Date: Tue, 10 Jul 2012 17:03:30 -0400 (EDT) From: "Brad Tilley" <brad@...ystems.com> To: john-users@...ts.openwall.com Subject: Re: our own training pseudo contest before CMIYC 2012 Hello Frank, > Also, IIRC, hashcat recently had a contest to find "best 64" rules. > May be we can prepare something similar. > Use the default password.lst, converted to lower case, removing any > resulting duplicates, but adding "rockyou". > Then, try to find which rules in which sequence would be the best to > crack dummy hashes generated from the rockyou password list. Since the contest passwords are usually contrived they don't crack like real-world passwords do so effective real-world rules may not help that much. You may consider using word_machine to do some historical analysis of past cracked contest passwords to get an idea of how the organizers used words and patterns in then. For example, here are the top 10 most common raw words from the 2010 contest (based on 30,945 cracks): wm --clean --words kl2010.txt | wm --frequent --words stdin > kl2010-freq.csv word count vegas 673 lasvegas 484 defcon 422 july 285 facebook 272 korelogic 271 whitehat 246 monday 243 blackhat 240 august 183 And here are the top 10 CVNS patterns from that same year. Big 'C' is a big consonant, little 'c' is a little one, etc: wm --pattern-cv 10 --words kl2010.txt > kl2010-pat.csv Pattern Count CcccNNNN 279 CvccvcNNNN 246 ccccNNNN 216 NNNNcccc 204 CvccNNNN 145 CcvcNNNN 128 CccNNNNNN 124 cvccvc 121 CvccvcNN 101 CCcvcvcS 99 IMO, half of the battle to doing well during these contests is figuring out what words and patterns the contest organizers used. If you figure out more than the other teams do, you'll likely win, or come close I think. And perhaps analyzing old cracked passwords from their previous contest will shed some light on what they've done historically. Of course, there's no guarantee this year will be the same, but you never know and in order to be really effective, you'll need to do this sort of analysis during the contest too and adjust your attack accordingly which will require hands-on time and attention. Hope this helps, Brad
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.