Manager
Table of Contents
Bumpy box.
Problem
There might be a flag inside this file. The password is all digits.
NOTE: The flag is NOT in the standard auctf{} format
Solution
First, use John the Ripper to generate hash.
Then, just crack.
./hashcat64.exe -a 3 -w 3 -m 13400 ./crack.hash -O -1 ?d --increment ?1?1?1?1?1?1?1?1?1?1?1?
Finally, use KeePass to open the box and found the flag.
Result
nemo@MARSHMALLOW-LAP > E:\..\..\hashcat-5.1.0 > ./hashcat64.exe -a 3 -w 3 -m 13400 ./crack.hash -O -1 ?d --increment ?1?1?1?1?1?1?1?1?1?1?1?1 hashcat (v5.1.0) starting...
* Device #2: Intel's OpenCL runtime (GPU only) is currently broken.
We are waiting for updated OpenCL drivers from Intel.
You can use --force to override, but do not report related errors.
nvmlDeviceGetFanSpeed(): Not Supported
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1050, 1024/4096 MB allocatable, 5MCU
OpenCL Platform #2: Intel(R) Corporation
========================================
* Device #2: Intel(R) UHD Graphics 630, skipped.
* Device #3: Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz, skipped.
./OpenCL/m13400-optimized.cl: Optimized OpenCL kernel requested but not needed - falling back to pure OpenCL kernel
Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256
Watchdog: Temperature abort trigger set to 90c
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Approaching final keyspace - workload adjusted.
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:12 2020 (2 secs)
Time.Estimated...: Sat Apr 04 22:24:14 2020 (0 secs)
Guess.Mask.......: ?1 [1]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 1/12 (8.33%)
Speed.#1.........: 5 H/s (0.70ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 10/10 (100.00%)
Rejected.........: 0/10 (0.00%)
Restore.Point....: 1/1 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:9-10 Iteration:59904-60000
Candidates.#1....: 6 -> 6
Hardware.Mon.#1..: Temp: 53c Util: 78% Core:1759MHz Mem:3504MHz Bus:16
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Approaching final keyspace - workload adjusted.
Cracking performance lower than expected?
* Update your OpenCL runtime / driver the right way:
https://hashcat.net/faq/wrongdriver
* Create more work items to make use of your parallelization power:
https://hashcat.net/faq/morework
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:14 2020 (3 secs)
Time.Estimated...: Sat Apr 04 22:24:17 2020 (0 secs)
Guess.Mask.......: ?1?1 [2]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 2/12 (16.67%)
Speed.#1.........: 45 H/s (0.72ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 100/100 (100.00%)
Rejected.........: 0/100 (0.00%)
Restore.Point....: 10/10 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:9-10 Iteration:59904-60000
Candidates.#1....: 62 -> 67
Hardware.Mon.#1..: Temp: 54c Util: 70% Core:1746MHz Mem:3504MHz Bus:16
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Approaching final keyspace - workload adjusted.
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:17 2020 (3 secs)
Time.Estimated...: Sat Apr 04 22:24:20 2020 (0 secs)
Guess.Mask.......: ?1?1?1 [3]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 3/12 (25.00%)
Speed.#1.........: 406 H/s (0.86ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 1000/1000 (100.00%)
Rejected.........: 0/1000 (0.00%)
Restore.Point....: 100/100 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:9-10 Iteration:59904-60000
Candidates.#1....: 623 -> 676
Hardware.Mon.#1..: Temp: 55c Util: 84% Core:1746MHz Mem:3504MHz Bus:16
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Approaching final keyspace - workload adjusted.
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:20 2020 (5 secs)
Time.Estimated...: Sat Apr 04 22:24:25 2020 (0 secs)
Guess.Mask.......: ?1?1?1?1 [4]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 4/12 (33.33%)
Speed.#1.........: 2265 H/s (1.69ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 10000/10000 (100.00%)
Rejected.........: 0/10000 (0.00%)
Restore.Point....: 1000/1000 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:9-10 Iteration:59904-60000
Candidates.#1....: 6234 -> 6764
Hardware.Mon.#1..: Temp: 59c Util: 90% Core:1746MHz Mem:3504MHz Bus:16
The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework
Approaching final keyspace - workload adjusted.
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Session..........: hashcat
Status...........: Running
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:25 2020 (14 secs)
Time.Estimated...: Sat Apr 04 22:24:58 2020 (19 secs)
Guess.Mask.......: ?1?1?1?1?1 [5]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 5/12 (41.67%)
Speed.#1.........: 3004 H/s (13.48ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 40000/100000 (40.00%)
Rejected.........: 0/40000 (0.00%)
Restore.Point....: 0/10000 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:4-5 Iteration:1536-1792
Candidates.#1....: 92345 -> 97646
Hardware.Mon.#1..: Temp: 64c Util: 95% Core:1733MHz Mem:3504MHz Bus:16
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Session..........: hashcat
Status...........: Running
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:25 2020 (14 secs)
Time.Estimated...: Sat Apr 04 22:24:58 2020 (19 secs)
Guess.Mask.......: ?1?1?1?1?1 [5]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 5/12 (41.67%)
Speed.#1.........: 3004 H/s (13.48ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 40000/100000 (40.00%)
Rejected.........: 0/40000 (0.00%)
Restore.Point....: 0/10000 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:4-5 Iteration:14848-15104
Candidates.#1....: 92345 -> 97646
Hardware.Mon.#1..: Temp: 64c Util: 93% Core:1733MHz Mem:3504MHz Bus:16
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Session..........: hashcat
Status...........: Running
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:25 2020 (15 secs)
Time.Estimated...: Sat Apr 04 22:24:59 2020 (19 secs)
Guess.Mask.......: ?1?1?1?1?1 [5]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 5/12 (41.67%)
Speed.#1.........: 3004 H/s (13.49ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 40000/100000 (40.00%)
Rejected.........: 0/40000 (0.00%)
Restore.Point....: 0/10000 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:4-5 Iteration:28160-28416
Candidates.#1....: 92345 -> 97646
Hardware.Mon.#1..: Temp: 64c Util: 93% Core:1721MHz Mem:3504MHz Bus:16
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Session..........: hashcat
Status...........: Running
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:25 2020 (18 secs)
Time.Estimated...: Sat Apr 04 22:24:59 2020 (16 secs)
Guess.Mask.......: ?1?1?1?1?1 [5]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 5/12 (41.67%)
Speed.#1.........: 2992 H/s (13.56ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 50000/100000 (50.00%)
Rejected.........: 0/50000 (0.00%)
Restore.Point....: 0/10000 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:5-6 Iteration:12544-12800
Candidates.#1....: 42345 -> 47646
Hardware.Mon.#1..: Temp: 64c Util: 94% Core:1708MHz Mem:3504MHz Bus:16
Session..........: hashcat
Status...........: Exhausted
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:24:25 2020 (34 secs)
Time.Estimated...: Sat Apr 04 22:24:59 2020 (0 secs)
Guess.Mask.......: ?1?1?1?1?1 [5]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 5/12 (41.67%)
Speed.#1.........: 2953 H/s (13.58ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 100000/100000 (100.00%)
Rejected.........: 0/100000 (0.00%)
Restore.Point....: 10000/10000 (100.00%)
Restore.Sub.#1...: Salt:0 Amplifier:9-10 Iteration:59904-60000
Candidates.#1....: 62345 -> 67646
Hardware.Mon.#1..: Temp: 65c Util: 88% Core:1721MHz Mem:3504MHz Bus:16
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Session..........: hashcat
Status...........: Running
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:25:00 2020 (22 secs)
Time.Estimated...: Sat Apr 04 22:30:38 2020 (5 mins, 16 secs)
Guess.Mask.......: ?1?1?1?1?1?1 [6]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 6/12 (50.00%)
Speed.#1.........: 3157 H/s (110.40ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/1000000 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/100000 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:52224-52480
Candidates.#1....: 123456 -> 171716
Hardware.Mon.#1..: Temp: 67c Util:100% Core:1695MHz Mem:3504MHz Bus:16
[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>
Session..........: hashcat
Status...........: Running
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:25:00 2020 (24 secs)
Time.Estimated...: Sat Apr 04 22:30:40 2020 (5 mins, 16 secs)
Guess.Mask.......: ?1?1?1?1?1?1 [6]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 6/12 (50.00%)
Speed.#1.........: 3157 H/s (110.39ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 0/1000000 (0.00%)
Rejected.........: 0/0 (0.00%)
Restore.Point....: 0/100000 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:56832-57088
Candidates.#1....: 123456 -> 171716
Hardware.Mon.#1..: Temp: 67c Util:100% Core:1695MHz Mem:3504MHz Bus:16
$keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755405de93aedfbefe244129bb5ac64ed8af41*2f0e592de948bbc65eb9738af2daca231ae54c851ceb1e98f16a69e8f5f48336*8a868c9aedf169c857a8734188bba8eb*8f12fb161ef9e102ef805b84f5ee733c2a645b71099cbf8dab1ed750c58756ee*34fe5cf5eb7991a826a71c3330f88ce9c5ed7cf0e041e4e50a24110d2a69cdd7:157865
Session..........: hashcat
Status...........: Cracked
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*60000*222*f31bf71589af9d69d3a9d58b97755...69cdd7
Time.Started.....: Sat Apr 04 22:25:00 2020 (26 secs)
Time.Estimated...: Sat Apr 04 22:25:26 2020 (0 secs)
Guess.Mask.......: ?1?1?1?1?1?1 [6]
Guess.Charset....: -1 ?d, -2 Undefined, -3 Undefined, -4 Undefined
Guess.Queue......: 6/12 (50.00%)
Speed.#1.........: 3157 H/s (109.85ms) @ Accel:512 Loops:256 Thr:32 Vec:1
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 81920/1000000 (8.19%)
Rejected.........: 0/81920 (0.00%)
Restore.Point....: 0/100000 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:59904-60000
Candidates.#1....: 123456 -> 171716
Hardware.Mon.#1..: Temp: 67c Util: 99% Core:1721MHz Mem:3504MHz Bus:16
Started: Sat Apr 04 22:24:00 2020
Stopped: Sat Apr 04 22:25:26 2020
Flag is y0u4r34r34lh4ck3rn0w#!$1678
