Table of contents
Crack The Hash
A hacker leaked the below hash online.
Can you crack it to know the password of the CEO?
1ab566b9fa5c0297295743e7c2a6ec27
Solution: Reversing the MD5 gives us Iamtheflag
Guess The Password
A hacker leaked the below hash online.
Can you crack it to know the password of the CEO?
The flag is the password
Hash: 06f8aa28b9237866e3e289f18ade19e1736d809d
Solution: Reversing the SHA-1 gives us jrahyn+
Postbase
We got these letters and numbers and don't understand them. Can you?
R[corrupted]BR3tCNDUzXzYxWDdZXzRSfQ==
Solution: The trailing ==
looks like a BASE64 string. Let's remove R[corrupted]
part and decode it. We get G{B453_61X7Y_4R}
. Now, it's common sense that the complete flag would be FLAG{B453_61X7Y_4R}
Hide Data
I used to hide my data with a classic cypher, can you get the flag hidden inside?
gur synt vf 2w68lsudym Vg vf cerggl rnfl gb frr gur synt ohg pna lbh frr vg v gbbx arneyl 1 zvahgr gb rapbqr guvf jvgu EBG13 tbbq yhpx va fbyivat gung
Solution: This looks like a classic ROT13 encryption. Let's decrypt and we get the following:
the flag is 2j68yfhqlz It is pretty easy to see the flag but can you see it i took nearly 1 minute to encode this with ROT13 good luck in solving that
The flag is 2j68yfhqlz
RSA101
we received a message from our agent but we don't know how to use our key to read the message.
And a zip file is given.
Solution: We're get an RSA private key, and a ciphertext. Let's use openssl
to decrypt it using the terminal.
openssl rsautl -decrypt -in cipher -out plain -inkey key.pem
And, we get the flag: flag{RSA_nice_try}
Up
We're given the message:
Every time you go up you will gain one ballon
ejxc{T0nY0J_BsUMS4}
Solution:
By hunch, we can map ejxc
to flag
by adding their position in the string to themselves. After mapping each alphabetic character, we get: flag{Y0uG0T_MeHAH4}
Hash3rror
we got this corrupted hash password from a Pcap file with a note (password = sha-1(hash-result)).
HASH:77be5d24ed2e3e590045e1d6o7e84i50d2799c19f48ede46804a8734e287df120f
Solution: Look at the hash 77be5d24ed2e3e590045e1d6o7e84i50d2799c19f48ede46804a8734e287df120f
It's basically in hex format, right? But no, it has two illegal characters: o
and i
. Let's remove that. Now, it's 64 characters long, which is the length of a sha-256
hash.
We get the plaintext s3cr3tpassword
. Now, as per instruction, we've to sha-1
encrypt it. After encryption, we get 83874343435092cb681c0d558a84bfeb389c32ed
. That's our solution.