Date: Wed, 3 Jul 2013 14:00:56 -0300
From: José Luis Herrera <jl200520@...il.com>
To: john-users@...ts.openwall.com
Subject: exoof's write-up for hashrunner 2013

First of all I apologize for my late write-up, I've just had some health
problems but now am good to go.
I didn't have any kind of experience before regarding a cracking passwords
contest. But I got over it and could help a bit. Decided to participate due
to my interest in cryptography, also I've subscribed to the john-users
list more or less 1 year and few months ago, also saw the last year
contest but thought well am not well prepared nor do know how to use
john properly, but this time I started using it properly either reading the
documentation/wiki as well as blogs, older write-ups, etc. Then proceeded
to contact Aleksey and Solar to test my luck, and thanks to them I got my
first experience in the whole process that smart password cracking process
involves.

Preparation:

I've used to collect some wordlists either from leaks or from somewhere
that could provide a good wordlist to start working with, so I've got them
long before the contest but didn't provide any huge improvement at all.
When I got accepted to participate in the contest, just prepared my
machines to install john and start testing some attacks against hashes from
the last year hash-runner contest as a suggestion from Aleksey.

Software:

JtR

Hardware:
- 2500k, q6600 and i5 760 at stock clocks

Time spent:
30 or 35 hours more or less

Attacks:
Before anything just checked every contest file and decided with which type
of hash I would feel better working. Then I saw md5's file and thought well
it would be good to start with, thanks to a script from dhiru IIRC we could
crack effectively the broken-md5 hashes, after a few hours when I got up
saw some hits and some patterns related with the cosmos, so got on the irc
and other members just said there are more patterns but most of them
related to the space with some mangling rules.
I've left md5 with an incremental attack while I started working on bcrypt
where I've just got only one hit during the whole contest. When md5 started
to get stuck decided to work with some rules such as
After that, asked on the irc which hash needed some help and got told try
some luck with keccak-256 where I also got some hits after a few hours and
started to work on rules such as korelogic ones to try to buff this hash
type a bit more.
When there were a few hours and didn't get any md5 hit, just stopped the
work on it and tried my work on md4 where things were good after applying
some rules and comparing results with the team, then the team said we got
some colours+l33t over here and things started to go smoothly.
After that started to look into sha-512 where I've got very few hits, a bit
disappointing but things must go on and tried luck with pix where I've left
a machine running incremental mode for 6 hours and got nothing,

Personal opinion:
Since it was my first contest I thought that the contest itself was well
planned, and the art of password cracking is a matter of time, interest and
continuous improvements, just realized that you can't go blind on
cracking every hash without even looking at what you found neither just
thinking that low hits means you did bad, instead it will help to analyze
what in this case the host of hash-runner thought/used to make those hashes.
A big problem with my participation on the contest was that when the
contest started it was 2 am over here and things got a bit complicated,
also the fact that it got during work-days, hopefully next year it'll be on a
weekend.
On the 2nd day of the contest one of my machines failed and got one rig out of
the game, but after talking with other team members on the irc, having too
many machines for this kind of contests doesn't benefit you if you can't
use them properly, after that I've used mainly the 2500k machine and left
the q6600 for just some long and slow work. This way I've felt way more
productive and could focus on what really was necessary. I guess that
someday when I get more experience I could use more machines and produce
improvements instead of just destroying progress, also I hope that the next
time I can help a bit more the team. I didn't think that my contributions
were great but OK. And that thinking is the most important part of the
contest.

Summary:

I'd like to thank the organizers for making this type of contests and the
team itself due to the awesome people that are on it and also the ones that
weren't on the irc during contest time but offered tips, help, etc via
ml. And also would like to thank Aleksey and Solar for allowing me to join
the team, knowing that I've got no-experience in contests.


-- 
Regards,
Jose L. Herrera
