back to home

GLASSHEADS, pt. 2 Challenge #1 - Winston

This challenge can be found when Art hacks into Winston's computer.

The Setup

Help Art figure out Winston's password and log into this web app.

Art was able to dump the NTLM hash of his password from one of the devices

I bet it's not very strong. Can you crack it? You may need to use a tool like "hashcat" or "john" to help you.

We're given a web app and a hash.

The Ripper

Let's try to use John the Ripper to crack this password.

On a unix machine, put the hash in a hash.txt file and run:

john --format=NT --show hash.txt

This will instantly find the password, and you'll be able to get the flag by entering it in the web app.