Find The Hash – SayCure CTF Challenge Solution

In recent articles, I solved some CTF Challenges Solution and got a Good Response. Therefore I am here to write another CTF Challenge Solution “Find the Hash” which was also organized by @SayCureIO. Some of my Friends already posted the solution of this challenge on SayCure Blog but I will try to explain it my own words I mean how I solved it. Let’s get Started.

Overview:

Click on the selected one to read a recent article about CTF Challenge.

• CTF Challenge Solution article 1
• CTF Challenge Solution article 2

Challenge:

"Well, here is your flag. But do me a favor. Feed me the correct flag."
SayCure{You_HASHED_the_XXXX}
XXXX = [A-Z]
Sha-256 of the flag is "47D953330BF06E10CE7CD0707FF673F0C73561A8E422048ED8FFD2B38F99ACBA"

Understanding the Challenge:

It is clear from the above Challenge that they want us to find the 4 characters when inserted in the above Flag makes the given hash. At first, I was Stuck and thought the Hash is made from that 4 Characters, so I made a Script that makes that 4 characters, Encode it to Sha-256 Hash and then compare it with the given Hash but failed to find that 4 Characters. I then Tried to get all possible 4 Characters, put that in the Flag but still failed to find.

Find the Hash:

I was thinking about why I am unable to find the hash? I was wondering why? Then suddenly the Hash once again caught my attention and I saw that the alphabets of the given Hash were all in Upper Case. So, without wasting more time, I configured my Script and after some time I was able to find the Flag.

Code:

import itertools
import hashlib
def foo(l):
     yield from itertools.product(*([l] * 4)) 

for x in foo('ABCDEFGHIJKLMNOPQRSTUVWXYZ'):
     
    hash_object = hashlib.sha256(("SayCure{You_HASHED_the_"+str("".join(x))+"}").encode("utf-8"))
    hex_dig = hash_object.hexdigest()
    if hex_dig.upper() == "47D953330BF06E10CE7CD0707FF673F0C73561A8E422048ED8FFD2B38F99ACBA":
        print("Found: ","SayCure{You_HASHED_the_"+str("".join(x))+"}")
        break
    else:
        print("Trying.......","SayCure{You_HASHED_the_"+str("".join(x))+"}")

Output:

Trying....... SayCure{You_HASHED_the_AAAA}
Trying....... SayCure{You_HASHED_the_AAAB}
Trying....... SayCure{You_HASHED_the_AAAC}
......
Trying....... SayCure{You_HASHED_the_GLAD}
Trying....... SayCure{You_HASHED_the_GLAE}
Found: SayCure{You_HASHED_the_GLAF}

Flag:

So that was another CTF challenge solution. See you soon with another writeup 🙂