SEC-101 Lab 4: Hash-and-Crypto-Misuse Exercise

Week: 5 Graded: Yes Time estimate: 75-90 minutes Tools: hashcat (primary) or John the Ripper (CPU-only alternative); CyberChef (browser, for bcrypt verification); Linux/macOS terminal or WSL2 on Windows

Learning objective

Crack a small set of MD5-hashed and SHA-1-hashed passwords using a dictionary attack. Observe how unsalted fast hashes fall in seconds. Demonstrate that the same passwords, salted and hashed with bcrypt, resist the same attack. (Bloom's L2: Understand -- explain why fast hashes fail for passwords; L3: Apply -- run hashcat against a hash file and interpret the output.)

Setup

Install hashcat (primary, GPU-accelerated if available)

• Linux: sudo apt install hashcat or download from hashcat.net.
• macOS: brew install hashcat.
• Windows WSL2: sudo apt install hashcat. Hashcat in WSL2 uses CPU mode; if you have a discrete GPU, the Windows native hashcat binary (from hashcat.net) can use it for much faster cracking, but WSL2 CPU mode is sufficient for this lab.

Verify: hashcat --version should print the version.

Install John the Ripper (CPU-only alternative, if hashcat is unavailable)

• Linux: sudo apt install john.
• macOS: brew install john.

Verify: john --version.

Download the RockYou wordlist (if not already present)

The RockYou wordlist is a real-world password list from the 2009 RockYou breach, containing 14 million real passwords. It is included with Kali Linux and most security distributions.

• Ubuntu/Debian: sudo apt install wordlists && ls /usr/share/wordlists/ -- if not present: download from a reputable source (search "rockyou.txt wordlist download").
• macOS: Download and place at ~/rockyou.txt.

Verify: wc -l ~/rockyou.txt should show approximately 14 million lines.

Step-by-step instructions

Part A: Crack MD5 hashes (20 min)

Create a file called hashes-md5.txt with the following hashed passwords (one per line):

5f4dcc3b5aa765d61d8327deb882cf99
e10adc3949ba59abbe56e057f20f883e
25f9e794323b453885f5181f1b624d0b
21232f297a57a5a743894a0e4a801fc3
d8578edf8458ce06fbc5bb76a58c5ca4

These are MD5 hashes of real-world common passwords.

Run hashcat against this file:

hashcat -m 0 -a 0 hashes-md5.txt ~/rockyou.txt

• -m 0 = MD5 mode
• -a 0 = dictionary attack

Record in your lab notebook:

• How long did the crack take?
• Which hashes cracked and what were the plaintext passwords?
• What percentage of the five hashes cracked?

Part B: Crack SHA-1 hashes (15 min)

Create a file called hashes-sha1.txt:

5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
7c4a8d09ca3762af61e59520943dc26494f8941b
f7c3bc1d808e04732adf679965ccc34ca7ae3441
d033e22ae348aeb5660fc2140aec35850c4da997
5e884898da28047151d0e56f8dc6292773603d0d

Run hashcat:

hashcat -m 100 -a 0 hashes-sha1.txt ~/rockyou.txt

• -m 100 = SHA-1 mode

Record: same questions as Part A. Compare the time to crack MD5 vs SHA-1.

Part C: The salted hash defense (20 min)

The hashes above are unsalted: the same password always produces the same hash. A salt is a random value added before hashing so that identical passwords produce different hashes.

Create a file called hashes-salted-md5.txt:

$1$salt1234$XW78KQlJh2tBoKFLMV5sL1
$1$thissalt$0m2iUNpYwDLBW.iBm0jDO.

These are salted MD5-crypt hashes (the format Linux traditionally used). Run hashcat:

hashcat -m 500 -a 0 hashes-salted-md5.txt ~/rockyou.txt

• -m 500 = md5crypt (salted MD5)

Record: did the hashes crack? How much longer did it take compared to the unsalted MD5 from Part A?

Why the salt slows things down (but doesn't stop GPU cracking): The salt prevents pre-computed rainbow table attacks and makes each hash unique, but SHA-1 and MD5 are still fast enough that a GPU can try billions of salted hashes per second. The salt helps; the fast hash is the problem.

Part D: bcrypt resistance (15 min)

Generate a bcrypt hash of a common password using your terminal:

# Python method:
python3 -c "import bcrypt; print(bcrypt.hashpw(b'password', bcrypt.gensalt(rounds=12)))"

# Or using htpasswd (if available):
htpasswd -nbB test password

Copy the resulting bcrypt hash into a file hash-bcrypt.txt. Run hashcat:

hashcat -m 3200 -a 0 hash-bcrypt.txt ~/rockyou.txt --status-timer 10

• -m 3200 = bcrypt
• --status-timer 10 = print status every 10 seconds

Let it run for 60-90 seconds, then stop it with Ctrl+C.

Record in your lab notebook:

• What is hashcat's cracking speed for bcrypt (hashes per second)?
• Compare this to the MD5 cracking speed from Part A.
• How long would it take hashcat (at this speed) to exhaust the full RockYou wordlist for bcrypt?
• At this bcrypt speed, how long would it take to crack a truly random 10-character alphanumeric password?

Part E: Analysis (10 min)

Write 200-300 words answering:

1. What is the practical difference between an unsalted MD5 database and a bcrypt-cost-12 database from an attacker's perspective?

2. A developer argues: "Our users' passwords are all at least 12 characters; even with MD5, they're secure." Is this correct? Show your reasoning with numbers from this lab.

3. What should the developer do instead?

Deliverable

Your lab notebook entries for Parts A-E, including the recorded hash-crack outputs and the Part E written analysis. Annotated screenshots of the hashcat output are encouraged.

Grading rubric

picoCTF connection

picoCTF's Cryptography category includes challenges involving hash identification, hash cracking (often with small dictionaries), and common password hash formats. The skills in this lab (identifying hash format from the hash string, selecting the right hashcat mode, interpreting the output) transfer directly. If you get stuck on a picoCTF crypto challenge involving hashes, check whether the hash length identifies the format: MD5 = 32 hex chars; SHA-1 = 40; SHA-256 = 64.

Lab 4 of 9. Next: Lab 5 (Broken-auth on OWASP Juice Shop, Week 6).