Password Cracking Challenge 3 - Cracking 3
Prompt
Cyber Command: Our analysts have obtained password dumps of default passwords. We know the password scheme is an adjective plus a noun plus two digits. See if you can crack them.
Answers
09bb2a559af215d490d3ce5f70ce2226
cruelcompany10
6e7a4ea0bd0d12b9b851010b91116802
sharpbook16
dd342239b6aee4ad8fccbb09797ce109
charmingmoney27
Steps I Took
Knew the format was [adjective][noun][2 digits], so I needed a combined wordlist.
Found an adjective list and a noun list on GitHub, then used this Python script to combine them:
with open("adjectives.txt") as a, open("nouns.txt") as n, open("bases.txt", "w") as out:
adjs = [x.strip() for x in a if x.strip()]
nouns = [x.strip() for x in n if x.strip()]
for adj in adjs:
for noun in nouns:
out.write(adj + noun + "\n")
Ran a hashcat hybrid attack to append 2 digits to each base word:
hashcat -m 0 -a 6 hashes.txt bases.txt ?d?d
First attempts with small lists (300 words each, ~9M combinations) failed. Kept increasing wordlist size. Eventually tried using Claude.ai directly with the hashes:
Then submitted a longer prompt with more context:
Eventually succeeded after using these full wordlists:
This was the second hardest challenge overall.