How I Hacked My Way to a Free CrikeyCon Ticket and a New Job

Beware droppy the dropbear. AKA the Crikeycon mascot.

Let’s rewind a week, I noticed a twitter post come up from Paul Jenkins (@infosecrecpaul) and Marcus Lavalle-Smith (@MarcusRecruiter).

I’d love to go to @CrikeyCon, I was just starting my lunch break at work, so why not!

Here’s the challenge in text:

e00da03b685a0dd18fb6a08af0923de0
093f65e080a295f8076b1c5722a46aa2
26657d5ff9020d2abefe558796b99584
38b3eff8baf56627478ec76a704e9b52

If you have seen many MD5 hashes in your time, you will know that this looks like 4 MD5 hashes seperated by line breaks.

Rather than trying to crack them myself which is often time and processor intensive, I googled them one by one, to find that the decryped hashes were 4 numbers:

e00da03b685a0dd18fb6a08af0923de0 = 139
093f65e080a295f8076b1c5722a46aa2 = 59
26657d5ff9020d2abefe558796b99584 = 96
38b3eff8baf56627478ec76a704e9b52 = 101

I noticed that this looks like an IP address, so I navigate to http://139.59.96.101