
H1 CTF: Reversing the password


Given the following data from a Google document:

7b 0a 20 a0 22 65 76 e5 6e 74 22 ba 20 22 70 e1 73 73 77 ef 72 64 5f e3 68 61 6e e7 65 22 2c 8a 20 20 22 f5 73 65 72 ee 61 6d 65 a2 3a 20 22 e2 63 6f 6c ec 69 6e 22 ac 0a 20 20 a2 6f 6c 64 df 70 61 73 f3 77 6f 72 e4 22 3a 20 a2 3a 5c 78 c3 37 5c 78 c6 34 5c 6e dc 78 41 46 a9 29 37 43 dc 78 31 35 dc 78 44 30 dc 78 46 33 dc 78 44 45 e9 55 3b 22 ac 0a 20 20 a2 6e 65 77 df 70 61 73 f3 77 6f 72 e4 22 3a 20 a2 39 5c 78 c6 41 5c 78 b9 39 5c 78 c3 41 5c 78 c5 44 5c 78 c6 32 58 53 c7 5c 78 44 c4 2d 5c 78 c3 32 5c 78 b8 45 7a 48 eb 22 2c 0a a0 20 22 74 e9 6d 65 73 f4 61 6d 70 a2 3a 20 31 b5 30 31 38 b5 38 38 36 b0 30 30 30 8a 7d 0a

Check the data

$ pbpaste | xxd -r -p

Where xxd is a hexdump tool.

{ ?"ev?nt"? "p?ssw?rd_?han?e",? "?ser?ame?: "?col?in"? ?old?pas?wor?": ?:\x?7\x?4\n?xAF?)7C?x15?xD0?xF3?xDE?U;"? ?new?pas?wor?": ?9\x?A\x?9\x?A\x?D\x?2XS?\xD?-\x?2\x?EzH?", ? "t?mes?amp?: 1?018?886?000?}

The data is mangled. According to the Google doc description, some bit manipulation is needed.

Save the corrupt data

$ pbpaste | xxd -r -p > corrupt_data

Python script (dirty.py) to deal with the mangled bits

import sys
from functools import partial

# Read the corrupt file one byte at a time and clear the high bit of each byte.
with open('corrupt_data', 'rb') as in_file:
    for data in iter(partial(in_file.read, 1), b''):
        x = int.from_bytes(data, byteorder='big')
        sys.stdout.write(chr(x & 0b01111111))  # Fix "shifted" bits: mask off bit 7

$ python3 dirty.py
{
  "event": "password_change",
  "username": "bcollin",
  "old_password": ":\xC7\xF4\n\xAF))7C\x15\xD0\xF3\xDEiU;",
  "new_password": "9\xFA\x99\xCA\xED\xF2XSG\xDD-\xC2\x8EzHk",
  "timestamp": 1501858860000
}

Verify the timestamp

$ date -r 1501858860
Fri Aug 4 11:01:00 AST 2017

Get the hex value for the password since the current format doesn’t do us any good.

$ python
>>> ":\xC7\xF4\n\xAF))7C\x15\xD0\xF3\xDEiU;".encode('hex')
'3ac7f40aaf2929374315d0f3de69553b'
>>> "9\xFA\x99\xCA\xED\xF2XSG\xDD-\xC2\x8EzHk".encode('hex')
'39fa99caedf2585347dd2dc28e7a486b'

Following the last hint, literally reverse each hex-encoded string

$ python
>>> '3ac7f40aaf2929374315d0f3de69553b'[::-1]
'b35596ed3f0d5134739292faa04f7ca3'
>>> '39fa99caedf2585347dd2dc28e7a486b'[::-1]
'b684a7e82cd2dd7435852fdeac99af93'

The two hashes are

‘b35596ed3f0d5134739292faa04f7ca3’

‘b684a7e82cd2dd7435852fdeac99af93’

Googling for these strings yields

old_password -> b35596ed3f0d5134739292faa04f7ca3:p4ssw0rd
new_password -> b684a7e82cd2dd7435852fdeac99af93:thisiscrazy

We can recheck one of the hashes to confirm that it is indeed an MD5 operation applied twice

$ echo -n "thisiscrazy" | md5
5990027d60d655641fb35b1e3dca9e75

$ echo -n "5990027d60d655641fb35b1e3dca9e75" | md5
b684a7e82cd2dd7435852fdeac99af93
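The steps above chained into one Python 3 script, where `str.encode('hex')` is no longer available. This is an added example, not part of the original write-up: the function names are this example's own, and the input is the new_password field bytes copied from the hex dump at the top of the page.

```python
import hashlib

# new_password value bytes copied from the page's hex dump (still mangled).
MANGLED_NEW_PW = bytes.fromhex(
    "39 5c 78 c6 41 5c 78 b9 39 5c 78 c3 41 5c 78 c5 44 5c 78 c6 32 58 53 c7"
    " 5c 78 44 c4 2d 5c 78 c3 32 5c 78 b8 45 7a 48 eb"
)


def unmangle(raw: bytes) -> str:
    """Clear bit 7 of every byte, the same mask dirty.py applies."""
    return bytes(b & 0x7F for b in raw).decode("ascii")


def unescape(text: str) -> bytes:
    """Turn literal \\xNN and \\n escapes in the recovered text into raw bytes."""
    return text.encode("ascii").decode("unicode_escape").encode("latin-1")


def reversed_hex(raw: bytes) -> str:
    """Hex-encode the bytes, then reverse the string character by character."""
    return raw.hex()[::-1]


def double_md5(candidate: str) -> str:
    """MD5 of the lowercase hex MD5 digest of the candidate plaintext."""
    inner = hashlib.md5(candidate.encode()).hexdigest()
    return hashlib.md5(inner.encode()).hexdigest()


def recover_digest(mangled: bytes) -> str:
    """Full chain: mangled field bytes -> digest string to look up."""
    return reversed_hex(unescape(unmangle(mangled)))


if __name__ == "__main__":
    digest = recover_digest(MANGLED_NEW_PW)
    print(unmangle(MANGLED_NEW_PW))
    print(digest)
    # Candidate plaintext taken from the lookup result quoted on the page.
    print(double_md5("thisiscrazy") == digest)
```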

References

http://md5decoder.org/

https://crackstation.net/

https://www.ccs.neu.edu/home/cbw/static/class/5600/slides/12_Auth_and_Access.pptx
