Date: Mon, 06 Aug 2012 10:17:48 +0200
From: Samuele Giovanni Tonon <samu@...uxasylum.net>
To: john-users@...ts.openwall.com
Subject: Cmiyc 2012 : samu writeup

This is my second CMIYC and I think I gave a better contribution than last year.

Preparation
===========

I did some preparation by testing hashkill and Cryptohaze Multiforcer.
I planned on rechecking my own rules I did to sort them by importance and include them in john.local.conf, but I didn't make it in time.

Hardware
========

* 1 Dell with Intel i5-2520M, stock clock.
* 1 server with AMD Phenom(tm) II X4 945 Processor
  1 AMD 6970 (Cayman)
  1 AMD 5770 (Juniper)
* 5 servers with 2 Intel(R) Xeon(TM) CPU 3.00GHz for a total of 8 cores per server each and with glusterfs sharing the working dir

Software
========

* John the Ripper
* New Cryptohaze Multiforcer

Summary
=======

The contest started while I was still at work; I managed to get the 3 PDFs, used an old version of pdf2john, and put them with mpirun on the 5 cluster; meanwhile I worked with Multiforcer on the GPU side.

multiforce:

I launched Multiforcer on bull's 7970, nvidia and my 6970 and 5750 to scan through the whole keyspace of raw-md5 hashes of length 1-7. Later I did the same on raw-sha1 and nt.

After that, and seeing strange patterns and presumably very long passwords, I tried again with all digits from length 8 and beyond: md5 and raw-sha1 gave some good results, nt was not so good.

After this I switched back to using the GPUs with john.

john:

While the PDFs were crunching I started some dictionary -rules=jumbo runs on fast hashes; the idea was to get as many hashes as possible to run some analysis.

First one to see were those Greek last names as well as some password variance; I pointed them out on IRC but never had the time / clear mind to try to code something to look at those passwords.

When challenges were all achieved I moved my cluster first to bf and later to sunmd5; results were quite few.

I tried a simple dictionary against sunmd5/bf with no rules at all: simple English words, cities, Wikipedia. No luck at all, so I moved to follow ideas that were given on IRC and proactively announce to test them on some medium/fast hashes to distribute the load.

GPUs were used to test md5.13 md5a, and sha512crypt; unfortunately with sha512crypt I had no luck at all.

CPUs were used for all fast hashes; in the last 8 hours I launched an -i:digits on raw-md5u and in the end I got 10 or so digits.

At first I also tried to run a simple bash script with curl against http://md5.thekaine.de/ to save CPU power; unfortunately it was not as fast as I hoped, so I gave up.

I saw some Arabic names; I could have never figured out they were taken from the Koran.

Conclusion
==========

This year I was a bit more "clean minded" about the contest. I still fail at changing mindset from "real world" scans to "contest" scans; in the second example you basically find dictionaries to test hashes on because there is an "intelligent design" behind it :-)

Given that, I soon realized the best help was to follow suggestions on IRC and help people on various formats. I think communication is quite important to avoid collisions like two people running tests on the same formats.

To KoreLogic I'd like to ask this: I don't know about others, but here where I live it's 38 / 43 C degrees and with no a/c it is rather hard to make your home PC work without burning your whole house; it would be wonderful to at least make a winter contest as well (say around Christmas).

Notable mention:

simon discovered: "Anakin Skywalker, meet Obi-Wan Kenobi." ep I, not even the classic trilogy

and in the end

< btvl> (seems like we missed LotR, not sure what kind of nerd misses that and discovers pride & prejudice

we failed at basic nerd knowledge

Cheers
Samuele