This challenge gives us the following description:
Solve me to unlock the advanced category of challenges!
Well, I had a flag to give you. It was my password wrapped in IGE{}, but then someone hashed the flag:
72ad6954b3c211e9bb78f3346da02b7bFlag format: IGE{XXXXXXXXXXXXX}
Credit: Jonny D.
So from the description, we get the flag’s hash and a very important detail: the hashed flag was wrapped in IGE{}, so we can’t get the flag from public hash databases.
So without the ability to find the hash from public databases, we have to crack the hash by ourselves. From the description, we can also deduce that the flag is created from a password, so I decided to try using the rockyou.txt wordlist. To achieve this I created the following python script
import hashlib
# The hash
_hash = '72ad6954b3c211e9bb78f3346da02b7b'
prefix = 'IGE{'
subfix = '}'
# Opens the rockyou.txt file in read-only mode
f = open('./rockyou.txt', "r", encoding="latin-1")
# Returns True if the generated hash is the same as provided hash else it returns False
def check_hash(content):
# Creates the complete flag from the password
string = prefix + content + subfix
# Gets the hash from the string
res = hashlib.md5(string.encode())
print('Trying string: ' + string + ' ' + res.hexdigest())
# If the flag is found then announce that it was found and return True
if res.hexdigest() == _hash:
print('-----------------------------------------')
print('Flag found: ' + string)
print('Flag found: ' + string)
print('Flag found: ' + string)
print('-----------------------------------------')
return True
return False
while True:
# read one password from the list and remove white spaces before and after
password = f.readline().strip()
# if the flag was found then exit the loop
if check_hash(password):
break
Running the script gives us the flag: IGE{galacticforce}
