Created
August 11, 2013 20:24
-
-
Save grutz/6206693 to your computer and use it in GitHub Desktop.
CMIYC 2013: Challenge 9 PFX Crack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ tar -tvf Challenge9_street.tar.xz | |
| drwxr-sr-x root/root 0 2013-08-01 20:12 Challenge9_street/ | |
| -rw-r--r-- root/root 329 2013-08-01 20:12 Challenge9_street/README | |
| -rw-r--r-- root/root 67108864 2013-08-01 20:12 Challenge9_street/efs.dd | |
| grutz@beelzebubba:2013-cmiyc-street-challenges_1-9$ cd Challenge9_street | |
| grutz@beelzebubba:loop$ Challenge9_street$ cat README | |
| The filesystem in this .dd image has some encrypted files within it. | |
| If you recover any of the passwords needed to decrypt the files, | |
| submit them like any other password crack (each plaintext on a line | |
| by itself). | |
| If you manage to decrypt the files, they will give you some hints | |
| about some of the plaintexts used by Company3. | |
| grutz@beelzebubba:Challenge9_street$ fdisk -l efs.dd | |
| Disk Challenge9_street/efs.dd: 67 MB, 67108864 bytes | |
| 2 heads, 1 sectors/track, 65536 cylinders, total 131072 sectors | |
| Units = sectors of 1 * 512 = 512 bytes | |
| Sector size (logical/physical): 512 bytes / 512 bytes | |
| I/O size (minimum/optimal): 512 bytes / 512 bytes | |
| Disk identifier: 0x06d9f508 | |
| Device Boot Start End Blocks Id System | |
| efs.dd1 128 125055 62464 7 HPFS/NTFS/exFAT | |
| grutz@beelzebubba:Challenge9_street$ mkdir loop | |
| grutz@beelzebubba:Challenge9_street$ sudo mount -o ro,loop,offset=65536 efs.dd loop | |
| grutz@beelzebubba:Challenge9_street$ cd loop | |
| grutz@beelzebubba:loop$ ls | |
| backup $RECYCLE.BIN secret documents System Volume Information | |
| grutz@beelzebubba:loop$ ls backup | |
| 63492B3A0CE6EF8BBFD60B8446C95A76D26E30C7 mabel.pfx | |
| grutz@beelzebubba:loop$ ls secret\ documents/ | |
| dipper.txt mabel.txt shared.txt | |
| grutz@beelzebubba:loop$ /opt/pw-crackers/jtr/JohnTheRipper/run/pfx2john backup/mabel.pfx | |
| grutz@beelzebubba:loop$ /opt/pw-crackers/jtr/JohnTheRipper/run/pfx2john backup/mabel.pfx | |
| mabel:$pfx$*2558*308209fa020103308209b606092a864886f70d010701a08209a7048209a33082099f3082060806092a864886f70d010701a08205f9048205f5308205f1308205ed060b2a864886f70d010c0a0102a08204fe308204fa301c060a2a864886f80be020207d0048204d8305d1ca9b208ecf652688134b1bea08c5d68657b01a28ee2405c3df2df8a098b85231b50d3d8587f3a68f7c23303cb2cd614ab69e9110fa3b9f7f6960a057c49a2f30abbbea2d4459fdef767365de4a29faed039d6c4a0662b73a32ba900dca20c64b1a63118b639e298bbc874cec74c42b5ca32b0fa0c88f5661eed640bd35e0f9fdd75b63a81eed2c64c46c94b8d2251bd67274c733f8dbcf63f3b80c86be5ea94cba8e6701498b6b6cd93dc2fb15186b00d621e2e2b69a22028aeebe1aa1ae968b39a74cbeab9ff7239dde62fe007e861cc056fd40e3bf84556ee47d692c2702ac21d3dfe1ae23d837b62ff07085b5db26cb549bf253615d16ac464a2c745d70df8cdd8e534db953097ffa2f263a588e3b27893b3f1bb0f34e981d8553ff675285d4bec52979b348a47f78be237fde3596b1238c4a4e3ec11ba463af944cc43bf38a1e2214d0c6674cdbcde10dfb5486b86ec85812c1f49d63dbd54124add3ed7705334109cee404eca6b36d1b94f334cbd3d7252cf36042b32992c593cebf6ae731e94c18a4d9f67d275659220839bcafb4577473dc9fe2d73a4fa3bfdd691e9fb849d88228e6e520bcdebc18abf86cbf6613dc0e6fa77cb8833b56a410d3438a2c8a6b0b5b3cc3ac2bf53b349dcf8895107eaea6b7b2584e1277a68e0e44582161ada000b0d04e7dbfcb51cb43d0ead47fe96b75fecb4283b7c7a9b057fedf9d32ccdcd416fe43a12c3bd14eb7210a20ce98af13f8c74ac8b88d2a260e44dc09f8e7942dbc0a31ab909292d6ab20e769f90727b50064b0d7625666bcef0b68343320a4e3ad8e3fc697428ecd17742fa2331b6c97c87674b692dcf6b2336c62a17e743c915a50a6a5a269148f9efa8945f0a6a6cb3a8c7ad583a1b7ef05d287a7fa3c6122280f3930808f96f7af9e51a366b64e2f98704fa6b5ad2b8808e8027c85bb9d40edcba2677e189378d8dd70a4634b739006cd151313285087553b7f3c45d938d63e62f3389346e786d9d98c168e39a3dc83fae8be2f0de266c4049dce5bf36612b2e718aabacf8048b8a764e14a7eb6468d9f4baafeedf0f56979e67d93e894fe28a9218b96925e0b671a9c2abdf2dba2f21d19ffd4d6a4ccc921bf223cec4e48c5e712f4aa4fd4fa438f3e5f63e4fd100d9a8e8f80d173aba61e939766d45438147ec08428c0a9a5ef2185953f097d91f8ad2570b5f6fc2306de321f53543e69e488dfeae2b950435cb6cb176d0f4df722a47780ad5dc663b03de0db5ebf227b493dc820e72cbf02709e0dbe49ffe59842c0eee11568d58a9673687f115a84fb3b58451daa8301ea7985fc4888a68097def56f3ba36f3bbe0d54a7507cfa694be6581f9ee39240dddc424179e2f25bf9d89d1aa950e7466e3dabcd5970367146dd63bcbd69b0b6d861dc8f28d6acf51c8b14401c0fcff555d09aac561ade9016c110a7d0d7aa7bfa5a92b6abed86c0dce1c50a67170e5e920dc7112e4453889ed68081a070fbe66ea29a4c4097efbddd8d800fa10ab913181db301306092a864886f70d0109153106040401000000305706092a864886f70d010914310370038002d0038006500390038002d0034003100660064002d0062003400630065002d006100380036003800620036003000330034006200660032306b06092b0601040182371101315e1e5c004d006900630072006f0073006f0066007400200045006e00680007900700074006f0067007200610070006800690063002000500072006f00760069006400650072002000760031002e00303082038f06092a864886f70d010706a08203803082037c0201003082037506092a864886f70d010701301c060a2a864886f70d010c207d08082034874998debe490236fee2692efc7e1be935afae2ccacda0e69d3080bf5ed04e81bbcb2a3e03228a452c0856a6d1fc31d28dbfe2e94ccf47788e1e470c5775e7f9fa955ff82c87827e2b509174349e5e0037e4d28cbe5e7b05c642b5e1bb1b481ae5bcd230e1e60630284c6a52e75da43192b3f2a0704a0a01f99fb1c4e05e57754d072cc8c8430de995ad091ccb22f0647a04966e7cdee857e1082f83c30c18e50955089000b7de67c738bc08bbf25fa1f0285a885df0fd52eb1ea90052ee5ba5fc5808f9adf1df7487f6d0637d181dd4d817b9b6b3150cdfa89acdff2e123d82a6e03c2e1044434d95bfeb29fb647b74650404fe0b04612084e7a0645b5348d551b9d4d9368fd939a2a9509f68e5e24ba977d92a58af2ee4313247fb2fa3ce10ce563a2fa46a777b3f0d6e371cd39c862669e481fd6dba9480a27cf35f1d627f3b77d7adb1db5490252de1dea64a0328fdbbb050c5579f7695502781ab638c601036c7121e8c6a2644267e0f8c3d9b6c8c55aa374c958d5c458e684355cd4378637664a5d5071a1191c6f6568c233d6829a5d25b1bb603ce57f6c4d20fd3f6d479daa97dda788d963ea33f130e106e838c9c8b33c16f5cfb213e9ab53911bb825e5bcf42341ecbe953462047d6c8bbc26bf8471dc97566e3fdaf46cd1b74c31670ac31e0bd38452b9414a79cb21903d0d5523c51f4dd35714d8dbc1a4ef689e3bfc41716867d0473b4a1b3110810e8efdb1d742b5c740d9727fdfb74d23b6104ba206b5903e3a9c43b3e9768a42b4afded64ba0393689d81c4e92f8864e229ef07679a74b0abc9016579935aa5587dcd8961ae1b8854a7221d7156e7eaae79350a9bd3ea7dd6cd980e0e89ea6262135186a1299df861c4b73207444c75b9ecfbb5ad516affd533ff13dde3ee262c21d40a7f46978479b0b588cefdb7e64ccd0182cad341a1891347c3c2220ea4ed002bc633aeb29e5737d3b9b1ffce091e869843f2169ad86a4f435704e22e9d8687eee8a7e81aae223d274e28fab6303b301f300706052b0e03021a04145fd87aaa600a441a08dcab62a9a060c724297f1c0414e5b381d1b8d3efa39ced9d91a660d07bb8fa2d48020207d0 | |
| grutz@beelzebubba:loop$ /opt/pw-crackers/jtr/JohnTheRipper/run/pfx2john backup/mabel.pfx > chal9_pfx.hash | |
| grutz@beelzebubba:loop$ john chal9_pfx.hash -pot:$KORE/kore2013.pot -sess:/tmp/chal9pfx -w:/opt/pw-crackers/wordlists/realworld/rockyou.txt | |
| Loaded 1 password hash (PKCS12 (.pfx, .p12) [32/64]) | |
| guesses: 0 time: 0:00:00:12 0.18% (ETA: Sat Aug 3 11:42:23 2013) c/s: 2599 trying: 160988 | |
| guesses: 0 time: 0:00:00:32 0.40% (ETA: Sat Aug 3 12:04:37 2013) c/s: 2190 trying: renees | |
| guesses: 0 time: 0:00:00:43 0.52% (ETA: Sat Aug 3 12:09:06 2013) c/s: 2109 trying: 10081993 | |
| guesses: 0 time: 0:00:02:55 1.96% (ETA: Sat Aug 3 12:20:05 2013) c/s: 1889 trying: toploader | |
| waddles1 (mabel) | |
| guesses: 1 time: 0:00:04:06 DONE (Sat Aug 3 09:55:23 2013) c/s: 1850 trying: waddles1 | |
| Use the "--show" option to display all of the cracked passwords reliably |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment