miketweaver

Install NightShade

Get NightShade Files

git clone https://github.com/UnrealAkama/NightShade
cd NightShade

Setup Pip and Postgres

sudo apt update

miketweaver

REM # -----------------------------------------------------------------
REM # This requires ultradefrag, and sdelete installed.
REM # cinst ultradefrag sysinternals -y
REM # run as Admin
REM # -----------------------------------------------------------------

net stop wuauserv
rmdir /S /Q C:\Windows\SoftwareDistribution\Download
mkdir C:\Windows\SoftwareDistribution\Download
net start wuauserv

miketweaver

miketweaver

PCrack CTF Post-Mortem - 2017

Thank you to everyone who played this year at @SAINTCON! We had an awesome time and loved seeing everyone heat up their rooms and test their skills. As far as I'm aware, there was only one graphics card killed in this endeavor (sorry about that @d4rkm4tter).

Scores

SAINTCON Players:

1st - 53,371,688 - leeroy

miketweaver

import random
import os
import sys
import hashlib
import thread

leetrandomness = 1;
temppassword = ""
use = False

miketweaver

So, for validation, here is my suggestion. Works for however people want to submit (separate hashes.txt, password.txt or combined "hash:pass" file).

• grab a copy of mdxfind/mdsplit from http://hashes.org . Ensure you have the contest-orginal pcrack.master.hashed.txt file (it will be read-only).

• If separate files:

     mdxfind -f pcrack.master.hashed.txt -h ^sha1$ plaintext.txt >result
     mdsplit -f result hashes.txt

You will be left with hashes.txt and hashes.SHA1x01. The hashes.SHA1x01 are the validated number of cracks (wc -l to get number), and any invalid hash submissions will be in hashes.txt. If this file is empty, all hashes validated.

miketweaver

#!/usr/bin/env python
import hashlib
import binascii

score = 0

hashfile = "newformat.txt"

# Notes:
# Chars 0-39 are the first 40 chars of the hash

miketweaver

#!/usr/bin/env python
import hashlib

score = 0

plaintext = "plaintext.txt"
hashes = "hashes.txt"

plainfile = open(plaintext)
hashfile = open(hashes)

miketweaver

Command:

curl -X POST   https://api.passwordctf.com/hashes   -d '{
"data": {
"user_name": "USERNAME GOES HERE",
"api_key": "API KEY GOES HERE",
"hashes": [
"a2477e96493f08578eac08f015ec74ead449cd04:73f1e0a2254a21f094652b8b82b2f586"
]
}

miketweaver

#!/bin/bash
#Copyright 2017 Mike Weaver
#Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
#The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE