Hashing - Crypto 101

An introduction to Hashing, as part of a series on crypto

This room in the TryHackMe teaches about the basics of hashes. It's a walkthrough, so most of the process is included in the room. But I would like to share my findings and additional stuff related to this room.

I have not provided any cracked-hash in this write-up. Though I have blurred them in a way, so the reader can get a hint only.

Task 1:

The purpose of encoding is to transform data so that it can be properly (and safely) consumed by a different type of system. The purpose of encryption is to transform data in order to keep it secret from others. Read more

Task 2:

1. Output size of MD5 hash is 128 bit. 128 bit = 16 bytes. Because 1 byte = 8 bit.

2. Due to the pigeonhole effect, collisions are not avoidable

3. There are 2^8 possibles hashes. 2^8 = 256

Task 3:

1. This blog post is about the Rainbow Table Attack: Read
2. Online tools to crack hash. This will also tell you the hash type: Link
3. Password should be hashed. Encryption is not the correct term for that: Read more

Task 4:

1. SHA-rounds means the iteration of SHA function: Read more
2. Recommended website is enough to find the hash: Link. Check the image below to understand.

Task 5:

1. Hash analyser is an online tool: Link. The image below is the result of the first hash.

2. hashcat is kali tool to crack hash. 'bcrypt' hash code is 3200. Command: hashcat --help

3. Command to run hashcat:

hashcat -m 3200 [Hash saved file] [rockyou.txt file location] 

Do not use --force as it will generate false positive and false negative.

4. Crackstation.net can also crack some 'non-salted' hash. Try it too.

Task 6:

1. This link will show you the list of SHA1 sum: Link
2. Check 'Hash cat wiki', provided at task 4: Link

I hope this will help you. Thank you.