Smashthestack Blowfish Level 01

In this level when we are asked to telnet to blowfish.smashthestack.org on port 6666.
When doing that we get:

san@bart:~$ nc blowfish.smashthestack.org 6666

 $1$4JKI4bjj$EucGdPgVb6uc4oTUQ.mJV0
 ----------------------------------

 Crack this passwd with john the ripper
 and use the password to login with
 ssh level2@blowfish.smashthestack.org -p 2222

 - http://iamyas.blogspot.com/2008/01/format-of-etcshadow-file.html 
 - http://www.openwall.com/john/

We download and install john the ripper and after that we create a file like this:

smashthestack1:$1$4JKI4bjj$EucGdPgVb6uc4oTUQ.mJV0

We run john the ripper with that as input and it breaks it really quickly:

$ ./john smashthestack 
Loaded 1 password hash (FreeBSD MD5 [32/32])
welcome          (smashthestack1)
guesses: 1  time: 0:00:00:00 100.00% (2) (ETA: Thu Jan 28 18:27:26 2010)  c/s: 3764  trying: welcome

We have the password for the second level: welcome

You can find the second level tutorial here.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License