RingZer0team CTF - Challenge 57
Posted on Fri 05 May 2017 in Security
This is a continuation of my series on RingZer0Team.com.
Challenge 57 ("Hash Breaker Reloaded", under the Coding Challenges) is one of a series of challenges where you're simply presented with a hash - you need to return the plaintext value to the page within 3 seconds.
In contrast to Challenge 56, this challenge also includes a salt:
You have 3 seconds to break this hash
Send the answer back using https://ringzer0team.com/challenges/57/[clear_text]
----- BEGIN HASH -----
ab9507edbb2501b3c02e47c51af0178d68655980
----- END HASH -----
----- BEGIN SALT -----
c2ac9d8d004b4011d0864e76c7ebaaccfd18464bb8ff66bdbf19a703eb95a944
----- END SALT -----
The hash looks like another SHA-1, but of course the online hash reversers don't have the now-salted hash in their rainbow tables. I figured that the challenge was a simple continuation of the previous challenge, so I crossed my fingers and guessed the hash was simply a number (from last time), concatenated with the plain-text salt.
... And I was lucky! The below code got me the flag:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
|
As last time, there's no error handling in that code, so if it runs for more than a few seconds it's probably toast.