Overview
There has recently been a data leak from the Brigham Young University School of Accountancy and you’ve been tasked with seeing which students are in danger of having their passwords figured out. You’ve been given a list of student information along with their usernames and hashed passwords to complete your task (you are told that the school hashes passwords with UTF-16). Pull out your laptop and start cracking those passwords on Alteryx!
Instructions
Build a workflow and get creative to crack as many student passwords as possible using the data provided and your own ideas. (including the top 200 most common passwords). You’ve also been told by the faculty that some students have used passwords related to Brigham Young University and accounting. As part of the challenge, make sure to only use Alteryx, and show your passwords in your solution.
Start off with a blob convert tool. You’ll choose which column to work on/convert. It’s a straightforward tool, but google it if you need help. Another option is the formula tool. A hint in using the formula tool is in the blob convert tool (one of the options).
I thought it was super cool to learn how to crack passwords! I am still a little bit confused on how it works but I thought it was and I am excited for our hackathon in class because I think that this experience will help me.
Challenge87Amy.yxmd (11.7 KB)
Well folks, now I know how to crack some hashed passwords! It was a cool challenge, I liked the use of a blob tool (mostly because it was called a blob tool) and I learned more about joins!
Challenge 87 Password Cracker.yxmd (13.0 KB)
The blob convert tool is a very interesting and useful tool that I didn’t even think of ever using. Thanks for helping learn how to use it!
I hashed different combination to find matches to the passwords leak, the factors to match those where the following:
A) Most commonly used passwords
B) Most commonly used passwords combine with another most commonly used password
C) First name + last name
D) Last name + First name
That was fun! I used Chat GPT to generate a list of building names and codes along with other common words associated with BYU after finding the matches with the top 200 most common passwords. I copied the lists generated by Chat GPT and made a separate excel spreadsheet which I input into the workflow. In all, I found 1,269 of the 4,096 records. PasswordCrackerWF.yxmd (19.2 KB)
