Tags: sqlite3

Rating: 5.0

# Past Demons (30 points)

format = flag{password}

## Problem

We've had a hard time finding anything on spookyboi. But finally, with some search engine finessing, an analyst found an old, vulnerable server spookyboi used to run. We extracted a database, now we need your help finding the password.


## Solution


in order to view it like its supposed to we need to import it into a sqlite3 database.

to open it with sqlite3 we need to run #sqlite3 out.db#

![alt text](https://raw.githubusercontent.com/ozzzozo/writeups/main/ctfs/hacktober/sql/PastDemons/0.png)

to view all the tables we need to run #.tables# inside the sqlite db.

we need to found spookyboi password.

before we run any sql commands we need to set the header on and mode to column in order for the sql commands to be run like we want them to.

#.mode column#

now to view passwd and users table contents.

#SELECT * FROM passwd;#
#SELECT * FROM users;#

we can see that spookyboi's uid is 8 so we need to crack the password with the uid of 8.

![alt text](https://raw.githubusercontent.com/ozzzozo/writeups/main/ctfs/hacktober/sql/PastDemons/2.png)

doing this with john or hashcat will be a waste of time because we can do it with online tools like crackstation.net

we can see that crackstation.net was able to find that hash contents in their database and also find the type of hash.

![alt text](https://raw.githubusercontent.com/ozzzozo/writeups/main/ctfs/hacktober/sql/PastDemons/3.png)

flag{zxcvbnm}


Original writeup (https://github.com/ozzzozo/writeups/tree/main/ctfs/hacktober/sql/PastDemons).