Another quick walk-through from ACSC5. This problem is called whats_my_password and can be found here.
Problem
What is that administrator’s password? Note: enter the flag in the format acsc2017{}
Solution
If you follow the link on the first page, it takes you to a SQL dump from a MySQL database. Nothing indicates which program produced the database, but beginning on line 22 and in a number of other places you see the prefix/suffix “wp”. A quick Google search for any of the table names shows that the database likely belongs to WordPress. A little more digging shows that the users' passwords are stored in the wp_users table. If you continue down to line 446, you will see where that table is defined:
DROP TABLE IF EXISTS `wp_users`;
CREATE TABLE `wp_users` (
  `ID` bigint(20) UNSIGNED NOT NULL,
  `user_login` varchar(60) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `user_pass` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `user_nicename` varchar(50) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `user_email` varchar(100) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `user_url` varchar(100) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `user_registered` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `user_activation_key` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
  `user_status` int(11) NOT NULL DEFAULT '0',
  `display_name` varchar(250) COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT ''
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
and then on line 464 where the user ‘admin’ is inserted into the table.
INSERT INTO `wp_users`
  (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`)
VALUES
  (1, 'admin', '5fcfd41e547a12215b173ff47fdd3739', 'BigT', 'some_address@gmail.com', '', '2017-07-01 17:36:03', '', 0, 'BigT');
Looking at the table definition, the third field is ‘user_pass’, which for the user insert has a value of ‘5fcfd41e547a12215b173ff47fdd3739’. Either that is a really good password (except that it’s missing any special characters), or it’s hashed. A Google search for “break a hash” gives me the 2nd result of crackstation[.]net (there are lots of other ones out there). When I paste in the hash, it breaks it to “trustno1”, meaning the flag is acsc2017{trustno1}.
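The same dump from an auditor's side, as an added example that is not part of the original write-up: it parses the `wp_users` INSERT rows, labels each `user_pass` value by storage format, and checks the unsalted 32-hex ones against a small wordlist. The two extra rows, the wordlist and the function names are constructed for illustration; a 32-hex value is only MD5-shaped, since the format alone does not prove the algorithm.

```python
import hashlib
import re

LEGACY = hashlib.md5(b"letmein").hexdigest()  # constructed weak hash for the sample
# Constructed sample dump: the admin row from the page plus two made-up rows.
DUMP = f"""
INSERT INTO `wp_users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES (1, 'admin', '5fcfd41e547a12215b173ff47fdd3739', 'BigT', 'some_address@gmail.com', '', '2017-07-01 17:36:03', '', 0, 'BigT');
INSERT INTO `wp_users` (`ID`, `user_login`, `user_pass`, `display_name`) VALUES
(2, 'editor', '$P$BconstructedNotARealPhpassHash00', 'Ed (temp)'),
(3, 'legacy', '{LEGACY}', 'Old, unused');
"""
WORDLIST = ["123456", "password", "letmein", "trustno1"]  # tiny constructed list

INSERT_RE = re.compile(
    r"INSERT INTO `wp_users` \((?P<cols>[^)]*)\) VALUES\s*(?P<rows>.*?);\s*$",
    re.S | re.M)
# One parenthesised tuple; quoted strings may contain commas and parentheses.
ROW_RE = re.compile(r"\(((?:'(?:[^'\\]|\\.|'')*'|[^()'])*)\)")
FIELD_RE = re.compile(r"'((?:[^'\\]|\\.|'')*)'|([^,\s][^,]*)")

def classify(stored):
    """Name the storage format from the shape of the user_pass value."""
    if re.fullmatch(r"[0-9a-fA-F]{32}", stored):
        return "raw-md5-shaped"       # unsalted, fast to test against wordlists
    if stored.startswith(("$P$", "$H$")):
        return "phpass"               # salted, iterated portable hash
    if stored.startswith(("$wp$2y$", "$2y$")):
        return "bcrypt"
    return "unknown"

def audit(dump, wordlist):
    """Return (login, format, matched_word_or_None) for every wp_users row."""
    findings = []
    for ins in INSERT_RE.finditer(dump):
        cols = [c.strip(" `") for c in ins["cols"].split(",")]
        for row in ROW_RE.finditer(ins["rows"]):
            vals = [bare.strip() or quoted
                    for quoted, bare in FIELD_RE.findall(row.group(1))]
            rec = dict(zip(cols, vals))
            kind, hit = classify(rec["user_pass"]), None
            if kind == "raw-md5-shaped":
                target = rec["user_pass"].lower()
                hit = next((w for w in wordlist
                            if hashlib.md5(w.encode()).hexdigest() == target), None)
            findings.append((rec["user_login"], kind, hit))
    return findings

if __name__ == "__main__":
    for login, kind, hit in audit(DUMP, WORDLIST):
        print(f"{login:8} {kind:15} {'WEAK: ' + hit if hit else 'no wordlist match'}")
```

Any row reported as `raw-md5-shaped` is worth a forced password reset, whether or not the wordlist matched.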