Hashing Crypto 101 WriteUp – TryHackMe

In this article, I tried to prepare a write-up for the “Hashing – Crypto 101” room on TryHackMe.


[Task 1] Key Terms

#1 Is base64 encryption or encoding?

Encoding – This is NOT a form of encryption, just a form of data representation like base64 or hexadecimal. Immediately reversible.

ANSWER: encoding


[Task 2] What is a hash function?

Hash functions are quite different from encryption. There is no key, and it’s meant to be impossible (or very very difficult) to go from the output back to the input.

#1 What is the output size in bytes of the MD5 hash function?

MD5 processes a variable-length message into a fixed-length output of 128 bits.

128 bits = 16 bytes

ANSWER: 16

#2 Can you avoid hash collisions? (Yea/Nay)

ANSWER: Nay

#3 If you have an 8 bit hash output, how many possible hashes are there?

There are 2^8 possible hashes.

ANSWER: 256


[Task 3] Uses for hashing

Hashing is used for 2 main purposes in cyber security: to verify the integrity of data (more on that later), or to verify passwords.

#1 Crack the hash “d0199f51d2728db6011945145a1b607a” using the rainbow table manually.

You can use this website to crack this hash value.

ANSWER: basketball

#2 Crack the hash “5b31f93c09ad1d065c0491b764d04933” using online tools

You can use this website to crack this hash value.

ANSWER: tryhackme

#3 Should you encrypt passwords? Yea/Nay

ANSWER: Nay


[Task 4] Recognising password hashes

#1 How many rounds does sha512crypt ($6$) use by default?

You can read this website for this question.

ANSWER: 5000

#2 What’s the hashcat example hash (from the website) for Citrix Netscaler hashes?

You can find the answer in this website.

ANSWER: 1765058016a22f1b4e076dccd1c3df4e8e5c0839ccded98ea

#3 How long is a Windows NTLM hash, in characters?

In the example above, you see one hash value. You can get the result by counting the characters of this hash value.

ANSWER: 32


[Task 5] Password Cracking

#1 Crack this hash: $2a$06$7yoU3Ng8dHTXphAg913cyO6Bjs3K5lBnwq5FJyA6d01pMSrddr1ZG

I created a new file, wrote this hash value into it, and saved it on Kali Linux.

Then, I analyzed this hash value.

Then I used “hashcat” in Kali Linux.

In hashcat, the mode number for bcrypt is 3200. You can see this mode number with the “hashcat --help” command.

Then I used this command with the “rockyou.txt” file as the wordlist.

hashcat -m 3200 <your hash value file> <rockyou.txt file location> --force

ANSWER: 85208520

#2 Crack this hash: 9eb7ee7f551d2f0ac684981bd1f1e2fa4a37590199636753efe614d4db30e8e1

You can use this website to crack this hash value.

ANSWER: halloween

#3 Crack this hash: $6$GQXVvW4EuM$ehD6jWiMsfNorxy5SINsgdlxmAEl3.yif0/c3NqzGLa0P.S7KRDYjycw5bnYkF5ZtB8wQy8KnskuWQS3Yr1wQ0

The hashcat mode number for sha512crypt is 1800. You can see this code on this website.

I used this command:

hashcat -m 1800 <your hash value file> <rockyou.txt file location> --force

Then the result can be seen in this picture.

ANSWER: spaceman

#4 Bored of this yet? Crack this hash: b6b0d451bbf6fed658659a9e7e5598fe

You can use this website to crack this hash value.

ANSWER: funforyou


[Task 6] Hashing for integrity checking

Hashing can be used to check that files haven’t been changed. If you put the same data in, you always get the same data out. If even a single bit changes, the hash will change a lot. This means you can use it to check that files haven’t been modified or to make sure that they have downloaded correctly. You can also use hashing to find duplicate files: if two pictures have the same hash, then they are the same picture.
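To make the integrity check concrete, here is an added example (not part of the TryHackMe room or the original write-up) that verifies a file against a sha1sum-style checksum list and counts how many digest bits change after a single-bit flip. The file name sample.iso, the sample bytes and the function names are constructed for illustration.

```python
import hashlib
import io

def file_digest(stream, algorithm="sha1", chunk_size=65536):
    """Hash a binary stream in chunks so a large ISO never sits fully in memory."""
    h = hashlib.new(algorithm)
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

def parse_sums(text):
    """Parse 'DIGEST  filename' lines (the layout sha1sum prints) into a dict."""
    sums = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2:
            # sha1sum marks binary mode with a leading '*' on the name
            sums[parts[1].strip().lstrip("*")] = parts[0].lower()
    return sums

def verify(stream, name, sums_text, algorithm="sha1"):
    """True only if `name` is listed and the stream hashes to the listed digest."""
    expected = parse_sums(sums_text).get(name)
    if expected is None:
        return False  # a file missing from the list is a failure, not a pass
    return file_digest(stream, algorithm) == expected

def differing_bits(a_hex, b_hex):
    """Count the bits that differ between two equal-length hex digests."""
    return bin(int(a_hex, 16) ^ int(b_hex, 16)).count("1")

# Constructed sample data standing in for a downloaded image (not a real ISO).
ORIGINAL = b"constructed sample image contents\n" * 1000
TAMPERED = bytes([ORIGINAL[0] ^ 0x01]) + ORIGINAL[1:]  # one flipped bit
SUMS = hashlib.sha1(ORIGINAL).hexdigest() + "  sample.iso\n"

if __name__ == "__main__":
    print("original ok:", verify(io.BytesIO(ORIGINAL), "sample.iso", SUMS))
    print("tampered ok:", verify(io.BytesIO(TAMPERED), "sample.iso", SUMS))
    changed = differing_bits(hashlib.sha1(ORIGINAL).hexdigest(),
                             hashlib.sha1(TAMPERED).hexdigest())
    print("bits changed out of 160:", changed)
```

The default is SHA-1 only because that is the checksum the question asks about; practical SHA-1 collisions exist, so pass algorithm="sha256" when the publisher provides SHA-256 sums.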

#1 What’s the SHA1 sum for the amd64 Kali 2019.4 ISO? https://cdimage.kali.org/kali-images/kali-2019.4/

You can find the answer after clicking the link and downloading the file.

ANSWER: 186c5227e24ceb60deb711f1bdc34ad9f4718ff9

#2 What’s the hashcat mode number for HMAC-SHA512 (key = $pass)?

You can see this code on this website.

ANSWER: 1750


So far, I have tried to explain the solutions to the questions in as much detail as I can. I hope it helped you. See you in my next write-up.
