PicoCTF 2017 – LeakedHashes

Another day, another challenge…

Today’s blog post we’re going to solve the “LeakedHashes” challenge from PicoCTF.

Let’s get started.

Clicking on the challenge we see:


OK – we need to log into a service, but we do not know the password. We do have leaked hash passwords.

Clicking the hashdump.txt file we see:


Let’s see what the hints say.


OK. Let’s see if we can find a way to crack these passwords!

Doing a Google search for “online cracked hashes” we get the following link.

Trying the first hash of root we were not able to crack the password.

Using the second hash of christene, we get:


We were able to crack the password.

Let’s try to login in with christene.

Going back to the commnd line and using the nc command we get:


Scrolling down we see:

We found the flag, and acquired 90 points!!!

Leave a Reply