Cyber security logo

Cyber Security Forensics!

Find the resources you need to master the art of Cyber Security Forensics

DISK01 Challenge

In this section we tackle the DISK01 challenge from picoCTF. I will not be providing the answer here but I will guide you though the process to discover the hidden flag.

Generating a MD4 Hash

Studying Vulnerabilities: MD4 is considered completely insecure and is vulnerable to collision attacks (finding two different inputs that produce the same hash) and pre-image attacks. Researchers use it to study how these attacks work in practice, demonstrate the flaws, and understand the evolution of cryptographic principles.

In Windows with Python

  1. Download and install python
  2. open PowerShell
  3. run python -c "import sys,hashlib; print(hashlib.new('md4',sys.argv[1].encode('utf-16le')).hexdigest())" "Password123"
  4. Replace Password123 with the password you want to hash.

On Linux with smbencrypt or python

  1. smbencrypt “Password123”
  2. python3 -c 'import hashlib; import binascii; print(binascii.hexlify(hashlib.new("md4", "your_password".encode("utf-16le")).digest()).decode("ascii"))'