Password Cracking Flash CTF
Welcome to the Fall 2025 Kickoff Capture The Flag competition! You will work in teams of 4.
Password Cracking
Challenge 1
(10 points)
We've received a password hash from the rockyou breach:
84d961568a65073a3bcf0eb216b2a576
Challenge 2
(15 points)
We've received a password hash based on sports:
f64d4211274466092708a6eea3342151245584673c8ea8a46a4caa4fdef9d73a
Challenge 3
(10 points)
We've received a password hash in the format of THP-DML?-249# where ? is an uppercase letter and # is a digit:
cc1f062de5a0967c1c3d7ae4b4c5aeee
Challenge 4
(10 points)
We've received a windows password hash:
E395FEF7152D0C07AAD3B435B51404EE:20CAF4C7BCCEA1964E1646D17B1C040F
Challenge 5
(20 points)
We've received a password hash in the format of an animal with 2 digits appended:
ca07b2edbbf3828ec7d5520914be841d
Challenge 6
(30 points)
We've received a password hash based on the 10k most common passwords with 1 digit prepended. (Hint: SecLists)
e33ed4caab4356c883fb0eddef8176db
Challenge 7
(25 points)
We've received an encrypted PDF file with a password from rockyou.txt.
Download PDF (If it opens in new tab, use Ctrl/Command + S to save).
Challenge 8
(25 points)
We've received an encrypted ZIP file with a password in the form of password-23##52 where # is a digit.
Challenge 9
(60 points)
We've received a linux binary that asks for a password, can you figure it out?
Challenge 10
(50 points)
We've received a /etc/shadow file from a linux environment, can you get into admin account? It seems to be based on default passwords. (Hint: SecLists)
Challenge 11
(40 points)
We've received a password hash that's based on our about page with 1 number appended. (Hint: You can make a wordlist with cewl <website> -w <output>)
1719e76336b93effb3d3cc3ca781fade
Challenge 12
(30 points)
We've recieved a zip file with an encrypted zip file inside, can you get in? (Hint: meta)
Credits
- Author(s): Divesh Gupta (legendile7)