HARD
Password Cracking / DFIR
🏆 250 pts
Challenge #15: Cracking the Vault
password hashing md5 hashcat john sql
📋 Mission Brief
A corporate password vault database was exfiltrated during a breach. Multiple accounts are stored with different hashing schemes. One legacy account uses weak cryptography — crack it to recover the secrets it protects.
🎯 The Challenge
An SQL database dump from a compromised password vault has been recovered. The vault stores credentials for multiple internal accounts using different password hashing algorithms.
Your mission:
1. Parse the SQL dump and identify all user accounts
2. Identify which hashing algorithm each account uses
3. Find the account with the weakest hash — this is your target
4. Crack the hash using a wordlist attack
5. Use the cracked password to “access” that account’s vault entry
6. The flag is inside the vault entry for that account
Tools needed:
hashcat -m 0 hash.txt /usr/share/wordlists/rockyou.txt (MD5)
john --format=raw-md5 --wordlist=rockyou.txt hash.txt
Hash type codes for Hashcat:
MD5 = 0 | bcrypt = 3200 | SHA-256 = 1400
Note: The bcrypt hashes are intentionally uncrackable in reasonable time. Only one hash is actually crackable — find it!
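The first three mission steps, parsing the dump, identifying each account's hash scheme and picking out the weakest, as an added Python example that is not part of the challenge or its files. The dump it parses is a small constructed sample (table and column names are assumptions, and the bcrypt value is only a format-shaped placeholder), so the same script can be pointed at the real dump once the INSERT shape is adjusted.

```python
import hashlib
import re

# Constructed sample dump, not the challenge file: one INSERT per account in
# the username/password_hash shape a MySQL or SQLite dump usually has. The MD5
# and SHA-256 values are computed here so the sample stays self-consistent;
# the bcrypt string is only a format-shaped placeholder, not real bcrypt output.
SAMPLE_DUMP = (
    "CREATE TABLE users (id INT, username TEXT, password_hash TEXT);\n"
    "INSERT INTO users VALUES (1, 'alice', "
    "'$2b$12$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZabcde');\n"
    f"INSERT INTO users VALUES (2, 'bob', '{hashlib.sha256(b'Spring2021!').hexdigest()}');\n"
    f"INSERT INTO users VALUES (3, 'legacy_svc', '{hashlib.md5(b'password').hexdigest()}');\n"
)

# Matches the (id, 'username', 'hash') tuple of each INSERT row.
INSERT_RE = re.compile(
    r"INSERT INTO users VALUES \(\s*\d+\s*,\s*'([^']+)'\s*,\s*'([^']+)'\s*\)", re.I
)
# Weakest first: unsalted fast digests fall to a wordlist in seconds, while
# bcrypt's per-guess cost is what makes the other accounts impractical.
STRENGTH_ORDER = ["md5", "sha256", "bcrypt", "unknown"]

def identify_scheme(stored: str) -> str:
    """Classify a stored hash by shape. Hex length is a heuristic only: 32 hex
    chars could also be NTLM/MD4 and 64 could be SHA3-256, so confirm with a
    known password before trusting it (this challenge uses MD5 and SHA-256)."""
    if re.fullmatch(r"\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}", stored):
        return "bcrypt"
    if re.fullmatch(r"[0-9a-fA-F]{32}", stored):
        return "md5"
    if re.fullmatch(r"[0-9a-fA-F]{64}", stored):
        return "sha256"
    return "unknown"

def parse_accounts(dump: str) -> dict:
    """Return {username: (hash, scheme)} for every INSERT row in the dump."""
    return {user: (h, identify_scheme(h)) for user, h in INSERT_RE.findall(dump)}

def weakest_account(accounts: dict) -> str:
    """Username whose hash scheme ranks weakest in STRENGTH_ORDER."""
    return min(accounts, key=lambda u: STRENGTH_ORDER.index(accounts[u][1]))

if __name__ == "__main__":
    found = parse_accounts(SAMPLE_DUMP)
    for user, (h, scheme) in found.items():
        print(f"{user:12s} {scheme:8s} {h}")
    print("weakest (target / needs migration):", weakest_account(found))
```

The same classification is what a defender runs over a live credential store to find entries still on unsalted fast hashes that need migrating to bcrypt.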
⬇ DOWNLOAD CHALLENGE FILE
ch15_password_vault.zip
🚩 Submit Flag
Flag format: PlainlySec{...}