The initiative provide wellness advice to enterprises and this includes information on choosing a good password. They would like you to see how resistant each of these passwords are to password recovery. The initiative do not have anyone skilled in Cryptography. They would like you to assess some of their secure crypto systems and solve a crypto problem discovered as part of a security response.
- Hash 1
- Hash 2
- Hash 3
- Hash 4
- Not So 1 Time Pad - Some strange traffic was detected on the network, the initiative staff believe it to be covert communication. Try and decode the messages in covertcoms.pcap. Submit the keys XORed together as your answer.
- Daves Amazing Hash TM - An ex-employee, Dave, wrote a secure hashing algorithm. Is it amazing as it appears? Go to http://10.13.37.10/daves/daves.php to get started.
- 2-Factor - 2-factor is a great way to add security, if it's secure to begin with. Can you log in with administrative access? Read-only access is available with: Username: davedavington@ecwi.cysca, Password: asfjbv459dQA, Pin: 000000. Go to http://10.13.37.10/2fact/2fact.php to get started.
- files/ - Category files
- writeups/ - Category writeups