
Walk through 2024-01-07 Challenge

Andrew Thompson

The Challenge



You were given a series of characters that may be confused with hexadecimal/base16.

24 61 70 72 31 24 69 6q 70 6s 73 65 24 34 48 4o 55 73 53 79 49 59 68 4r 5n 4q 65 50 47 6r 54 45 76 59 2s

This was intentional, as in my last blog I dropped a hint that if you have standard hexadecimal, you should not expect to see letters greater than 'f'. In the provided text, we see letters n, o, q, r, and s. That tells us that we do not have standard hexadecimal. However, if we do try to decode this as hexadecimal, we do find some seemingly legible ASCII. This is because some of the bytes are in fact hexadecimal.



Hopefully your eye caught the non-standard bytes. We use the "Frequency distribution" ingredient to see what we can learn.


---Truncated---
30	0	2.88%   	|||
31	1	1.92%   	||
32	2	4.81%   	|||||
33	3	4.81%   	|||||
34	4	11.54%  	||||||||||||
35	5	10.58%  	|||||||||||
36	6	8.65%   	|||||||||
37	7	7.69%   	||||||||
38	8	1.92%   	||
39	9	4.81%   	|||||
---Truncated---
6e	n	0.96%   	|
6f	o	0.96%   	|
70	p	0%      	
71	q	1.92%   	||
72	r	1.92%   	||
73	s	1.92%   	||

We see that a total of 16 distinct byte values are represented, 15 if we remove the whitespace, which is interesting. We would expect that for hexadecimal, but we know for a fact that this isn't standard hexadecimal.


We know the author of the challenge enjoys character shift obfuscation such as ROT13, and we know the letters are the only characters affected by ROT13, which would explain why some of these are seemingly valid hexadecimal bytes, and others are not. We can either try ROT13 on the full sequence, or we can try on the letters we know are present: n, o, q, r, and s. For good measure we can even include p, since it seems like that byte just isn't present but would be if the data was there. We put the string nopqrs into CyberChef and use ROT13 Brute Force, or ROT13.

Amount =  1: opqrst
Amount =  2: pqrstu
Amount =  3: qrstuv
Amount =  4: rstuvw
Amount =  5: stuvwx
Amount =  6: tuvwxy
Amount =  7: uvwxyz
Amount =  8: vwxyza
Amount =  9: wxyzab
Amount = 10: xyzabc
Amount = 11: yzabcd
Amount = 12: zabcde
Amount = 13: abcdef
Amount = 14: bcdefg
Amount = 15: cdefgh
Amount = 16: defghi
Amount = 17: efghij
Amount = 18: fghijk
Amount = 19: ghijkl
Amount = 20: hijklm
Amount = 21: ijklmn
Amount = 22: jklmno
Amount = 23: klmnop
Amount = 24: lmnopq
Amount = 25: mnopqr

Only one of these is entirely within the hexadecimal character space (a through f): amount 13, which gives abcdef. We determine that the next layer is likely ROT13. We apply the ROT13 ingredient.


We have what appears to be standard hexadecimal bytes, and we decode these using the "From Hex" ingredient.

$apr1$impose$4HKUsSyIYhNZMePGnTEvY/
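The two decoding layers above, reproduced outside CyberChef as an added example (not code from the original post). It counts the distinct symbols, brute-forces the rotation amount by keeping only shifts that leave every letter a valid hex digit, then hex-decodes; the function names are chosen for this sketch.

```python
import string

# Challenge text copied from the page.
CHALLENGE = ("24 61 70 72 31 24 69 6q 70 6s 73 65 24 34 48 4o 55 73 53 79 49 59 "
             "68 4r 5n 4q 65 50 47 6r 54 45 76 59 2s")
HEX_LETTERS = set("abcdef")


def rotate(text: str, amount: int) -> str:
    """Caesar-shift ASCII letters by `amount`; digits and spaces are untouched."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + amount) % 26 + 97))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 + amount) % 26 + 65))
        else:
            out.append(ch)
    return "".join(out)


def distinct_symbols(text: str) -> list[str]:
    """Sorted distinct characters, the same fact the frequency table exposes."""
    return sorted(set(text))


def hex_preserving_shifts(text: str) -> list[int]:
    """Rotation amounts (1-25) after which every letter is a valid hex digit."""
    hits = []
    for amount in range(1, 26):
        letters = {c for c in rotate(text.lower(), amount) if c.isalpha()}
        if letters <= HEX_LETTERS:
            hits.append(amount)
    return hits


def decode(text: str) -> str:
    """Undo the rotation layer, then the hex layer; fail on ambiguity."""
    shifts = hex_preserving_shifts(text)
    if len(shifts) != 1:
        raise ValueError(f"expected exactly one candidate shift, got {shifts}")
    return bytes.fromhex(rotate(text, shifts[0])).decode("ascii")


if __name__ == "__main__":
    print(len(distinct_symbols(CHALLENGE)), hex_preserving_shifts(CHALLENGE))
    print(decode(CHALLENGE))
```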

If you have seen strings formatted like this before, you are excited and get to work. If you have not, you continue to throw the kitchen sink at it within CyberChef, or you start using your preferred search engine, which should totally be Google, or ask your preferred large language model (LLM), which should totally be Bard. Note: in a real investigation or intrusion, you should not enter this kind of material into public or third party resources without understanding exactly what you are giving up.


You determine this is a password hash. Your research reveals that $apr1 signifies the implementation, Apache's APR1; the string that follows (impose) is the salt; and the string after that (4HKUsSyIYhNZMePGnTEvY/) is the encoded password hash.


As a side note, the encoding of the password hash is an alternative base64 encoding that uses the following character set:

./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz

You research some more to identify software that can be used to crack this particular password hash. You likely identify John The Ripper or HashCat. You research some more and determine an effective way to crack weak passwords is with a dictionary attack or word lists. You either find a popular and good word list, or you add words you think the author is a fan of using and begin your cracking efforts. I intentionally used a word that I use a lot.

# Add the full string to a file; I used hash.txt
# Note, if you don't escape the $s, you're going to be pretty mad.
# Alternatively, just open a text editor and paste it in.

echo "\$apr1\$impose\$4HKUsSyIYhNZMePGnTEvY/" >> hash.txt

# Determine the mode to use with hashcat
hashcat --help | grep apr1 

# Generate your word list or use a stock one such as rockyou.txt

wget https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt

# Start Cracking
hashcat -a 0 -m 1600 hash.txt rockyou.txt

We find the password, "attribution", which is our coupon code for 10% off merchandise on imposecost.net!


Alternatives


John The Ripper

John the Ripper is capable of cracking the APR1 hash as well.

john --wordlist="./rockyou.txt" hash.txt
john --show hash.txt

CyberChef

CyberChef is not the preferred tool to solve this challenge in its entirety. The ROT13 ingredient and hexadecimal decode are useful, but after that you're in for some pain. Numerous people figured out it was either not possible or not reasonable to try to attack the rest of the problem with CyberChef. The exception is Radu Caragea (@mztropics/), who had previously solved the challenge using John The Ripper, saw people throw in the towel over CyberChef, and decided to prove or disprove whether this problem could be solved with CyberChef cradle to grave. He did it. You can read his solution here: https://gist.github.com/Sin42/f7503e4a7d74302dc67f1d52153203d0



Setup

If you want to generate similar challenges, I used openssl to generate this:

# impose is the salt; attribution is the password.
openssl passwd -apr1 -salt impose attribution

# Full set up, note there's a newline byte when done this way.
# You will need binary-refinery for hex -R and rot 13 to work.

openssl passwd -apr1 -salt impose attribution | tr -d '\n' | hex -R | rot 13
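What the openssl command above computes, as an added example (not code from the original post or from OpenSSL): a Python rendering of the APR1 variant of md5-crypt, using the salt, password and 64-character alphabet given on this page. The function names are chosen for this sketch; note that the stretching is only 1000 MD5 rounds, which is why a dictionary word falls so quickly.

```python
import hashlib
import hmac

# Alphabet quoted on the page for the encoded digest.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
MAGIC = b"$apr1$"


def _to64(value: int, count: int) -> str:
    """Emit `count` characters, least-significant 6 bits first."""
    chars = []
    for _ in range(count):
        chars.append(ITOA64[value & 0x3F])
        value >>= 6
    return "".join(chars)


def apr1_hash(password: str, salt: str) -> str:
    pw, st = password.encode(), salt.encode()[:8]  # salt is capped at 8 bytes
    alt = hashlib.md5(pw + st + pw).digest()
    ctx = pw + MAGIC + st
    for remaining in range(len(pw), 0, -16):
        ctx += alt[:min(16, remaining)]
    n = len(pw)
    while n:  # one byte per bit of the password length
        ctx += b"\x00" if n & 1 else pw[:1]
        n >>= 1
    digest = hashlib.md5(ctx).digest()
    for i in range(1000):  # fixed stretching rounds
        block = pw if i & 1 else digest
        if i % 3:
            block += st
        if i % 7:
            block += pw
        block += digest if i & 1 else pw
        digest = hashlib.md5(block).digest()
    d = digest
    groups = [(0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)]
    encoded = "".join(_to64(d[a] << 16 | d[b] << 8 | d[c], 4) for a, b, c in groups)
    return f"$apr1${st.decode()}${encoded}{_to64(d[11], 2)}"


def verify(candidate: str, stored: str) -> bool:
    """Recompute with the salt embedded in `stored`; compare in constant time."""
    _, scheme, salt, _digest = stored.split("$")
    if scheme != "apr1":
        raise ValueError("not an APR1 hash")
    return hmac.compare_digest(apr1_hash(candidate, salt), stored)
```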


©2024 by Andrew Thompson @ImposeCost
