whats_my_password

Another quick walk-through from ACSC5.  This problem is called whats_my_password and can be found here.

Problem

What is that administrator’s password? Note: enter the flag in the format acsc2017{}

Solution

So if you follow the link on the first page, it will take you to a sql dump from a mysql database.  There is nothing to indicate what program gave the database, but beginning on line 22 and in a number of other places, you see prefix/suffix “wp”.  A quick google for any of the table names will show that the database likely belongs to WordPress.  A little more digging will show that the users passwords are stored in the wp_users table.  If you continue down to line 446 you will see where that table is defined

and then on line 464 where the user ‘admin’ is inserted into the table.

Looking at the table definition, the third field is ‘user_pass’ which for the user insert has a value of ‘5fcfd41e547a12215b173ff47fdd3739’.  Either that is a really good password (except that it’s missing any special characters), or its hashed.  A google for “break a hash” gives me the 2nd result of crackstation[.]net (there are lots of other ones out there).  When I paste in the hash, it breaks it to “trustno1” meaning the flag is acsc2017{trustno1}.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">