Shorten password

misc/metadata-matters/README.md

@@ -9,10 +9,10 @@
 
 One of our agents has gotten a foothold on an old, isolated workstation. It looks like it might have some important information, but we need superuser privileges to get to it.
 
-We managed to extract the password hash for the root user. We know that the password policy mandates passwords that are 12 characters long, and requires that they have capitals, numbers, lowercase letters and symbols.
+We managed to extract the password hash for the root user. We know that the password policy mandates passwords that are 10 characters long, and requires that they have capitals, numbers, lowercase letters and symbols.
 
 ```
-root:$6$hJRNE3mUrOwPQcEd$5JE.VZyAKwFlIY448NOcmzDQX.3dGAr0aUn7ogkw97pU/qcT0l6PN5M2YA32E4Km.5bmQE1jh7cHfbRUieZ0g1
+root:$6$yWctB8cp.P4qQJWg$P.EXiq4zC/sbiv2GLFvaZjFwyPFP.SYzslFlWV/WUi3ccJOvGYcuVv1zAWl09FA74/squo.hXzwDPWDrUzl9N1
 ```
 
 Cracking a good, long password seems impossible... unless you know something we don't?

misc/metadata-matters/challenge.yml

@@ -5,10 +5,10 @@ category: misc
 description: |
   One of our agents has gotten a foothold on an old, isolated workstation. It looks like it might have some important information, but we need superuser privileges to get to it.
 
-  We managed to extract the password hash for the root user. We know that the password policy mandates passwords that are 12 characters long, and requires that they have capitals, numbers, lowercase letters and symbols.
+  We managed to extract the password hash for the root user. We know that the password policy mandates passwords that are 10 characters long, and requires that they have capitals, numbers, lowercase letters and symbols.
 
   ```
-  root:$6$hJRNE3mUrOwPQcEd$5JE.VZyAKwFlIY448NOcmzDQX.3dGAr0aUn7ogkw97pU/qcT0l6PN5M2YA32E4Km.5bmQE1jh7cHfbRUieZ0g1
+  root:$6$yWctB8cp.P4qQJWg$P.EXiq4zC/sbiv2GLFvaZjFwyPFP.SYzslFlWV/WUi3ccJOvGYcuVv1zAWl09FA74/squo.hXzwDPWDrUzl9N1
   ```
 
   Cracking a good, long password seems impossible... unless you know something we don't?
@@ -21,7 +21,7 @@ extra:
   decay: 25
 
 flags:
-  - CCSC{UnM4sk}
+  - CCSC{M4sk}
 
 tags:
   - misc

misc/metadata-matters/solution/README.md

@@ -1,9 +1,9 @@
-The password is the flag. This means that the attacker knows the beginning and the end, and the only part of the password that they actually need to guess is the middle. The middle being only 7 characters means that it's straightforward to crack on a relatively modern cpu/gpu.
+The password is the flag. This means that the attacker knows the beginning and the end, and the only part of the password that they actually need to guess is the middle. The middle being only 4 characters means that it's straightforward to crack on a relatively modern cpu/gpu.
 
 Start up hashcat, give it the right mask, and get the flag.
 
 ```
-hashcat -m 1800 pw -a 3 "CCSC{?a?a?a?a?a?a}"
+hashcat -m 1800 pw -a 3 "CCSC{?a?a?a?a}"
 ```
 
-Flag: CCSC{UnM4sk}
+Flag: CCSC{M4sk}