SANS Holiday Hack 2023

Hashcat

Location - Island of Misfit Toys: Scaredy Kite Heights

Objective Description

Crack the hash! The terminal gives us the following:

In a realm of bytes and digital cheer,  
The festive season brings a challenge near.  
Santa's code has twists that may enthrall,  
It's up to you to decode them all.

Hidden deep in the snow is a kerberos token,  
Its type and form, in whispers, spoken.  
From reindeers' leaps to the elfish toast,  
Might the secret be in an ASREP roast?

`hashcat`, your reindeer, so spry and true,  
Will leap through hashes, bringing answers to you.  
But heed this advice to temper your pace,  
`-w 1 -u 1 --kernel-accel 1 --kernel-loops 1`, just in case.

For within this quest, speed isn't the key,  
Patience and thought will set the answers free.  
So include these flags, let your command be slow,  
And watch as the right solutions begin to show.

For hints on the hash, when you feel quite adrift,  
This festive link, your spirits, will lift:  
https://hashcat.net/wiki/doku.php?id=example_hashes

And when in doubt of `hashcat`'s might,  
The CLI docs will guide you right:  
https://hashcat.net/wiki/doku.php?id=hashcat

Once you've cracked it, with joy and glee so raw,  
Run /bin/runtoanswer, without a flaw.  
Submit the password for Alabaster Snowball,  
Only then can you claim the prize, the best of all.

So light up your terminal, with commands so grand,  
Crack the code, with `hashcat` in hand!  
Merry Cracking to each, by the pixelated moon's light,  
May your hashes be merry, and your codes so right!

*Determine the hash type in hash.txt and perform a wordlist cracking attempt to find which password is correct and submit it to /bin/runtoanswer.*

Solution

We are given the hash and a wordlist in our directory on the machine. To solve this challenge, I copied both over locally.

(Screenshot: Directory Contents)

First, read the hash file and note the format and characters that start the hash.

(Screenshot: hash.txt contents)

Hashcat provides examples of different hash types in their documentation. By referencing it, we can find the type of hash (Kerberos 5, etype 23, AS-REP) and the correct hashcat mode to run (18200).

Now we pass the mode, hash file, and password list to hashcat.

```
hashcat -m 18200 hashobjective.txt passwordlist.txt
```

(Screenshot: cracked password)

Then run the command specified to complete the objective:

(Screenshot: All Done)
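The hash-identification step in this write-up can be scripted. The following is an added example, not part of the original write-up or of hashcat: it reads the prefix of a Kerberos hash line, maps it to the hashcat mode, and checks the AS-REP layout before building the command with the throttling flags from the terminal text. It goes slightly beyond the page's single case by also recognizing the etype 23 TGS-REP and Pre-Auth prefixes from hashcat's example hash list; the function names `identify` and `hashcat_args` are hypothetical and the sample hash is constructed.

```python
import re

# Prefix -> (hashcat mode, name) for Kerberos etype 23 hashes, as listed on
# the hashcat example_hashes page the challenge links to.
KRB5_ETYPE23 = {
    "krb5asrep": (18200, "Kerberos 5, etype 23, AS-REP"),
    "krb5tgs": (13100, "Kerberos 5, etype 23, TGS-REP"),
    "krb5pa": (7500, "Kerberos 5, etype 23, AS-REQ Pre-Auth"),
}

PREFIX_RE = re.compile(r"^\$(krb5[a-z]+)\$(\d+)\$")
# AS-REP body: user@realm, ':', 16-byte checksum (32 hex), '$', hex ciphertext
ASREP_BODY_RE = re.compile(r"^([^:$@]+)@([^:$]+):([0-9a-fA-F]{32})\$([0-9a-fA-F]+)$")


def identify(hash_line):
    """Return mode details for one Kerberos hash line, or raise ValueError."""
    line = hash_line.strip()
    m = PREFIX_RE.match(line)
    if not m:
        raise ValueError("no $krb5...$<etype>$ prefix")
    kind, etype = m.group(1), m.group(2)
    if etype != "23" or kind not in KRB5_ETYPE23:
        raise ValueError(f"unhandled type {kind} etype {etype}")
    mode, name = KRB5_ETYPE23[kind]
    info = {"mode": mode, "name": name}
    if kind == "krb5asrep":
        body = ASREP_BODY_RE.match(line[m.end():])
        if not body or len(body.group(4)) % 2:
            raise ValueError("malformed AS-REP body")
        info["user"], info["realm"] = body.group(1), body.group(2)
    return info


def hashcat_args(mode, hash_file, wordlist, throttle=True):
    """Build the wordlist-attack command; throttle adds the terminal's flags."""
    args = ["hashcat", "-m", str(mode)]
    if throttle:
        args += ["-w", "1", "-u", "1", "--kernel-accel", "1", "--kernel-loops", "1"]
    return args + [hash_file, wordlist]


# Constructed sample in the AS-REP layout; this is not the challenge hash.
SAMPLE = "$krb5asrep$23$example_user@EXAMPLE.LOCAL:" + "ab" * 16 + "$" + "cd" * 48

if __name__ == "__main__":
    info = identify(SAMPLE)
    print(" ".join(hashcat_args(info["mode"], "hash.txt", "passwordlist.txt")))
```

The parsed user and realm also tell a defender which account's AS-REP was captured, which is the account to review for disabled pre-authentication and a weak password.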