Level Goal

A password is required for the next level. vortex5.c and md5.h. a-z,A-Z,0-9 is the search space. The password length is 5 chars long, it was originally 7 chars long.

Solution

this level is all about brute forcing, we will run through a list of words or generate the possible permutations with 5 characters of the 0-9,a-z,A-Z character search space.

for this i will use which is an open source password auditing and password recovery tool.

basically john the ripper will try to MD5 hash the passwords or wordsand compare the resulted hash values with the list of hashes given.

in the main function we can see that the hash of the accepted password is

155fb95d04287b757c996d77b5ea51f7

so we wil add this hash to the list of hashes file and run JohnTheRipper on it.

now we got a match, we can run the vortex5 executable and supply the dumped password.

great we got a shell as user vortex6, we can dump this user’s password from /etc/vortex_pass/vortex6 and we are done with this level.