CTF-Players

Home > 2020 > Syskron Security CTF > Leak audit

Leak audit

Forensics

Points - 200

We found an old dump of our employee database on the dark net! Please check the database and send us the requested information:

    How many employee records are in the file?

    Are there any employees that use the same password? (If true, send us the password for further investigation.)

    In 2017, we switched to bcrypt to securely store the passwords. How many records are protected with bcrypt?

Flag format: answer1_answer2_answer3 (e.g., 1000_passw0rd_987).

The simplest way to solve this is probably to just open the databsae using sqlite3 … A simple .schema will now inform you about the database’s general structure:

schema

Now… simply use three or less queries to answer all of the task statement’s questions:

  1. How many employee records are in the file?
SELECT COUNT(*)
FROM   personal;

376
  1. Are there any employees that use the same password? (If true, send us the password for further investigation.)
SELECT    password, COUNT(*) "count"
FROM      personal
GROUP BY  password
HAVING    count > 1;

mah6geiVoo|2
  1. In 2017, we switched to bcrypt to securely store the passwords. How many records are protected with bcrypt?
SELECT  COUNT(*) 
FROM    personal 
WHERE   password LIKE '$2b$%';

21

Now, reconstructing the flag was no problem at all: flag{376_mah6geiVoo_21}