Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 7 Aug 2012 00:32:28 -0400
From: "Matt Weir" <cweir@...edu>
To: <john-users@...ts.openwall.com>
Subject: Matt's writeup for Crack Me If You Can 2012

First of all I want to acknowledge the work Kevin Young did. He's another
password cracking researcher who's been investigating passphrases, (you can
see an article he was interviewed for here:
http://www.computerworld.com/s/article/9227894/How_Charles_Dickens_helped_cr
ack_your_LinkedIn_password). I met him at Defcon and he wanted to help out,
and since he was dealing with internet connectivity issues like I was it
turned out to be easier for him to just give me his cracked passwords and
have me upload them to our server vs. him registering as another member on
our team. Pretty much all the passphrases I uploaded were ones that he had
cracked. I'm not sure about the exact hardware he used, but I'm pretty sure
it was just a laptop he had left running in his hotel room.

 

As far as my own contributions go, I was the team representative at Defcon
so I hung out at the Korelogic booth when I could and I picked up the
registration serial number. The only computer I had this year was my macbook
pro so I did all my cracking on that. Also the only password cracking
program I used was JtR 1.7.9-jumbo6, (though I did use several custom
scripts to generate guesses). 

 

When the contest began Thursday night I initially started cracking the
raw-sha1 hashes to try and grab some plaintexts and figure out patterns. I
ran a bunch of dictionaries through it using the "single" ruleset. I also
used the korelogic ruleset for some of the smaller dictionaries. At the same
time I had an incremental=all attack running so I could try to identify
patterns I didn't know about. Based on the cracked passwords I saw I created
several JtR mangling rules and sent them out to our contest listserv.
Throughout the contest I added to, deleted, and modified these rules but
unfortunately I never got around to sending updates to the list due to my
spotty internet access. I really kind of regret that.

 

Friday morning/afternoon I ended up having to devote my CPU power to helping
my CTF team try and crack several PGP encrypted files, (turns out they
weren't encrypted with a passphrase after-all), so I wasn't very productive,
but I moved on to cracking several of the other hash types Friday night
using my custom rules. 

 

Saturday morning there were three very good password cracking talks that I'd
recommend checking out the slides for. The Hash dumping talk was very useful
to me since I've run into that problem a lot in the past and every time it
happened I felt like I was going crazy
(http://defcon.org/html/defcon-20/dc-20-speakers.html#Reynolds).The talk on
breaking MSCHAPv2 was also excellent
(http://defcon.org/html/defcon-20/dc-20-speakers.html#Marlinspike), along
with bitweasil's talk on his GPU crackers,
(http://defcon.org/html/defcon-20/dc-20-speakers.html#Bitweasil). I hope
bitweasil is able to help our team out next year since all of his stuff is
opensource.

 

Saturday I focused on re-mangling the previous cracked passwords our team
had cracked and trying them against the different hash types. Beyond running
the plains through several mangling rules, I also did things like strip the
digits/special characters out to extract the basewords, and concatenate the
cracked passwords and then mangle them. I also had enough cracked passwords
to train my probabilistic cracker, (it's really just a rule generator), on
them and then run cracking sessions using that. I've made some improvements
to my probabilistic cracker since the last contest and I just need to polish
it up a bit before I release a new version to everyone else, but I was
actually very happy with how it ran this year.  It was a lot easier than
writing mangling rules by hand, that's for sure! I just wish I had more time
to run cracking sessions using it. Around 6:00pm I made it back to my hotel
room and spend the next couple of hours running short cracking sessions
against all the hash types, (with the exception of the really
computationally expensive hashes), so that way I could maximize the number
of hashes I cracked, (vs. focusing on one hash type exclusively and only
cracking a few for the extra effort I put into it). At 11:30 I called it a
night, but I have to admit I spent the next 30 minutes obsessively checking
the scoreboard. It was a exciting finish!

 

I'd really like to thank Korelogic for the work they did putting this
contest on. The amount that this contest is spurring research and
development is amazing, and their company has put in a ton of work over the
last couple of years making this a reality. I expect there's a lot of people
who are going to be looking into passphrases over this next year due their
prevalence in the contest this year ;p  

 

I do have two suggestions that I would make for next year but these are just
personal preferences:

 

1) Have a higher cap for the file challenges so the big teams are forced to
develop tools to support additional file encryption types. I appreciate that
Korelogic tried to provide incentive to smaller teams, but I don't know how
well that worked out in reality. Maybe have puzzle challenges instead for
individuals/small groups. For example provide information about a target and
have people try to crack that target's password. Make these puzzles worth no
points for the overall contest, but keep the donation prize for whoever
cracks it so that way individuals can work on those to help a good cause.
That would also provide more incentive to individuals since they are
unlikely to win the contest anyway while discouraging the big teams from
scooping up all the challenges since they wouldn't be worth any point to
them.

 

2) I'd love to see the number of hash types reduced and have additional
categories based on password creation policies added in their place. Aka
have a category for passwords that are at least 15 characters long and
contain uppercase/lowercase/special/digits. My reasoning behind this is that
the major password cracking tools have strong support for many of the hash
types already so I'd like to see some of the focus shift to attacking
password creation policies instead. The researcher in me would also love to
see the results of how effective those policies turn out to be in practice.

 

All in all I had a great time. Thanks everyone!

 

*I'd like to also say it was a classy move when team Hashcat submitted all
of their cracked hashes early Saturday afternoon instead of holding them
back. I know there's strategy in holding hashes back, but in the spirit of
being a good sport I think in future contests we should follow their lead
and release hashes as we crack them, (or at least as soon as it becomes easy
to).

 

Matt Weir 

 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.