Date: Thu, 9 Aug 2012 09:58:14 +0200 From: Guth <guth@...posor.com> To: john-users@...ts.openwall.com Subject: guth's writeup for Crack Me If You Can 2012 Here is my personal writeup about CMIYC2012 contest : # Preparation Unlike last year I : - tried (without luck) to motive friends to join the team - as expected, i didn't take enough (if any) time to prepare this year. - had 1 (small) GPU (instead of none) - had lot less CPU cores: last year 30-40, this year 18 (with less GHz) - had bigger wordlists, and various languages ones # During contest When the contest started, i had a look at challenges, but switched very shortly. I started to run BIG wordlist on NT/nsldap/des/mysql/oracle11 hashes in order to have "samples" of passwords used. I had good results on md5u with big lists as well. Discovered some switzerland cites, althoug i had few "direct" results with the dic compiled from wikipedia, i did not try mangling them. Luckily some others did later. Tried with no luck on Sweden cities. Tried to run (not much luck) famous people names from:already cracked hashes on fast+"half-slow" hashes. I also did some runs of recovered passwords with wordlist on all but very slow hashes, with lines like: for file in *uncracked ; do ./john -w=recovered $file --format="$(echo -n $file |sed 's|hashes-[0-9]\+\.\(.\+\)\.txt-uncracked|\1|')" --rule=TestRule1 ; done I also tried this kind of run with multiples wordlists (non-acsii chars, multiple languages, ...) with custom and "standard"(single/extra/jumbo) rules (rules selection related to wordlist size in order to get "acceptable" run time). Used also some computing time to search/compile names from well known people from South-Africa (from guesses on some spotted names on famous.txt), no luck on it as well. Finally I ran (without luck, again) medium wordlist of well knows password (hopping to find other patterns, "exotic" words) on phps (during sleeptime). # Debrief / Conclusion I should have : - dig more on the "password in many language" hint/feeling i/we got due to the founds in challenge (german+spanish) - globally try harder to find patterns (a lot less than last year) - use more rules I had some troubles with GPU: various selftests errors etc. (not logged, investigation required), so it was nearly not use at all. I got memory corruption(=crash) on some wordlists (reported and corrected since contest ended) Team: Thanks anyone how contributed to JtR: Solar, magnum, JimF, ... (can't list all but you know if you did) The work on GPU implementations helped a bit this year, but is still to improve (as well as the number of GPU in the team :P). GREAT thanks to every one for the fun and great work, real team spirit, ... It was a lot of fun to read/follow "live" what everyone does/thinks/works on.. One single IRC line made my day: < btvl> (seems like we missed LotR, not sure what kind of nerd misses that and discovers pride & prejudice ;) Korelogic: I have the feeling that this year contest was a lot more realistic than last years patterns were present but not too much occurences of each (just enought). i.e. no "master pattern" allowing to recover half of hashes at once. Even if passphrases/over 12 passwords is quite rare in the wild, it seems appropriate in the context of his contest (even if trying to be realistic a contest can't be 100% real, due to context, aims, teams, ...) So all in all it seems fine to me, thought not perfect. Hashcat: Well done, hard fight, lot of fun ! See you next year :) Guth
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.