ThisisLegal.com

ThisisLegal Forums

Welcome to the forums! A chance for site members to chat and get help.

You are not logged in.

#1 2009-12-11 08:41:15

BanKai
Member
Registered: 2009-12-11
Posts: 2

Bonus 10

Which user's password I should crack?

Administrator
HelpAssistant
SUPPORT_388945a0
admin
IUSR_A000
IWAM_A000
VUSR_A000
ACTUser
SQLDebugger
aitsuser

Thanks!

Offline

#2 2009-12-11 10:27:15

t0mmy9
Administrator
Registered: 2005-01-07
Posts: 21

Re: Bonus 10

Administrator

Good job tongue


Site admin

Offline

#3 2009-12-11 11:00:55

BanKai
Member
Registered: 2009-12-11
Posts: 2

Re: Bonus 10

Does the password's charset contains special chars and not only [A-Z][a-z][0-9]?

Offline

#4 2009-12-11 16:22:13

xyberz09
Member
Registered: 2009-06-10
Posts: 46

Re: Bonus 10

Actually BanKai, that would give a lot away and spoil the fun. Although it might be possible to crack the hash just by brute forcing it, I originally intended it to be done differently. Look at everything that's there on the challenge page for hints. And look closely smile

PS: The rainbow isn't just for show, you know.

Offline

#5 2009-12-13 19:49:42

Faisal
Member
Registered: 2009-12-13
Posts: 1

Re: Bonus 10

But the README file in the zip says

You are given this file and are asked to get the admin username and password
from it. Good luck! You need it smile


So please clarify the user to crack ...
Admin
or
Administrator


First Deserve
Then Desire !

Offline

#6 2009-12-16 16:08:58

phoenix1204
Member
Registered: 2009-02-14
Posts: 2

Re: Bonus 10

Administrator... but you must use the LM pass instead of the real case-sensitive password

Offline

#7 2010-06-27 00:10:00

Audi
Member
Registered: 2010-06-27
Posts: 4

Re: Bonus 10

I bruteforced the LM password and NT password for the user Administrator, but somehow it is not being accepted, is the challenge broken....., I can PM the password found for verification to the Admin.

Offline

#8 2010-06-27 00:13:42

Audi
Member
Registered: 2010-06-27
Posts: 4

Re: Bonus 10

Ah got it at last, we need to submit LM password instead of NT password.....

good challenge, a real good sam file... thanks for such good challenges.....

Offline

#9 2010-08-02 01:29:48

Cerades2
Member
Registered: 2010-08-02
Posts: 1

Re: Bonus 10

Looks impossible for me since i've used 2 r*****w tables already.

Offline

#10 2011-02-22 08:42:37

phcoder
Member
Registered: 2011-02-09
Posts: 32

Re: Bonus 10

what tools do I need to extract hashes from the sam file?
Do I need to download ophcrack?

Offline

#11 2011-08-02 23:03:39

xyberz09
Member
Registered: 2009-06-10
Posts: 46

Re: Bonus 10

@Cerades2: You're on the right track but there are other ways of using r*****w tables. You probably didn't have the right one with you and it's quite unrealistic to download every r*****w table you come across. Why don't you go looking for everything there is that you can find on r*****w tables and maybe you'll find a better idea (or website) wink

@phcoder: I haven't used Ophcrack but I suppose you could use it to get the hashes: http://ophcrack.org/features/

Offline

#12 2013-03-08 13:58:20

skewlboy
Member
Registered: 2013-03-08
Posts: 3

Re: Bonus 10

I just have to say that asking us for "admin" password when there is an actual "admin" user but the intended one is "Administrator" is quite misleading and worth correcting, imo... even though it states "find the admin username"...

Offline

#13 2014-01-06 00:21:29

neoxquick
Member
Registered: 2014-01-06
Posts: 1

Re: Bonus 10

Can someone help me which tool i need to use, so i would be able to extract pass and usernames?? i dont think simple search does the trick


bye NeO

Offline

Board footer

Powered by FluxBB