Date: Sat, 25 Aug 2018 13:24:21 +0300
From: Aleksey Cherepanov <lyosha@...nwall.com>
To: john-users@...ts.openwall.com
Subject: team john-users write-up for "Crack Me If You Can 2017" contest at DerbyCon

Team John-Users "Crack Me If You Can 2017" DerbyCon WriteUp

Contest Website [1]:

[1] https://contest-2017.korelogic.com/

Contest Format:

KoreLogic has a tradition of changing up each CMIYC competition to
drive tool development and teach new cracking techniques. Previous
contests have focused on corporate password policies, passphrase
cracking, new file formats, and non-ASCII password encodings. This
year was no different. The contest changed from a "which team can
crack the most hashes" to a challenge format where each set of cracked
hashes revealed the URL to the next challenge. The first team to
complete all of the challenges was the winner. Team john-users
finished in third place, behind team hashcat and team CynoSure Prime.

Highlights of challenges included:
1) Moving to more of a forensics model of having to crack individual
hashes to move forward
2) Keeping with the forensics model, adjusting cracking strategy for
individual challenges based on the "easily" cracked hashes for that
challenge
3) Dealing with broken hash formats
4) Target research (hello pastebin)
5) Using regex mode, PRINCE mode and tools like combinator/kwprocessor
to generate guesses

Contest Materials:

As of 8/25/2018, the contest materials are still available on-line and
do not require registration to access. You can start the first
challenge using the following URL [2]:

[2] https://contest-2017.korelogic.com/Challenge1.txt

Team Members:

Aleksey Cherepanov (Team Captain)
Denis Burykin aka Apingis
Dhiru Kholia
goblinmax [W&P]
Luis Rocha
Matt Weir
rofl0r
Solar Designer
soxrok2212
trebla
Viktor Gazdag aka wucpi
and 1 additional member (see dedicated chapter)

Hardware Used:
~40-60 CPU cores
~15-20 GPUs
Many members of the team primarily relied on their general desktop
computer to complete the challenges, and so had on average around 4
CPU cores and 1 GPU.

Software Used:

- John the Ripper bleeding-jumbo [3]
- hashcat [4]
- kwprocessor [5]
- Custom scripts written during the contest

[3] https://github.com/magnumripper/JohnTheRipper
[4] https://hashcat.net/hashcat/
[5] https://github.com/hashcat/kwprocessor

While our team is primarily associated with the John the Ripper tool,
since Hashcat is also open source we encouraged our members to use it
as well. Having a better understanding of both tools helps the
community and can lead to future improvements.

Team Organization:

Due to the nature of the challenges, collecting and submitting all of
the cracked passwords in one repository didn't make sense. Instead we
pasted cracks into a shared team IRC channel as well as posting them
to our mailing list. Due to the nature of our team, there was some
fragmentation as several members could not join the IRC channel. This
meant much of the collaboration occurred between those two mediums in
parallel. One advantage of this was that members who could not
actively participate in the cracking (for example, because they were
at work on a Friday) could still lend their support by working out
challenges, troubleshooting issues with Hashcat/JtR, and suggesting
guess generation strategies.

Contest Notes:

Our team really enjoyed the new format. It pushed us to try new things
and experiment in a friendly setting. As can be expected, there are a
lot of areas where we can improve our collaboration. Simple things
like timezones can provide unexpected challenges.

For a full write-up of the different challenges, we recommend Team
Hashcat's excellent write-up [6].

[6] https://hashcat.net/events/CMIYC2017/CMIYC2017WriteupHashcat.pdf

Most of the cracks included the URL for the next challenge. Each URL
was broken up into individual parts to make cracking it feasible. This
meant it was often possible to verify the hash type by running some of
the common parts of the URL, such as "https://", "dot", and "html"
(and mangled variants of them), as candidates against each plausible
hash type and seeing which one matched.
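As an added illustration of that check (example code written for this
edit of the write-up, not a script the team used and not part of JtR):
hash each likely URL fragment with every algorithm whose digest length
fits the unknown hashes and see which algorithm produces a match. The
sample hash list is constructed inside the script and is not contest
data; NTLM is only tried when the local OpenSSL still provides MD4.

```python
"""Identify an unknown hash type from the URL fragments a challenge is built of.

Added example for this write-up: the hash list below is constructed here
(SHA-1 of a few URL pieces), not data from the contest.
"""
import hashlib

# Pieces a challenge URL is likely to be split into, with the case and
# leet variants the write-up mentions ("d0t", "SLASH", "D4sh").
URL_FRAGMENTS = [
    "https://", "HTTPS://", "http://",
    "dot", "DOT", "d0t", "D0T",
    "slash", "SLASH", "d4sh", "D4sh",
    "html", "HTML", "txt", "com", "COM", "net",
    "contest", "2017",
]


def ntlm(s: str) -> str:
    """NTLM is MD4 over the UTF-16LE password; needs MD4 in the OpenSSL build."""
    return hashlib.new("md4", s.encode("utf-16le")).hexdigest()


def _hex(algo: str):
    return lambda s: hashlib.new(algo, s.encode()).hexdigest()


# Candidate raw (unsalted) hash functions keyed by name.
ALGORITHMS = {name: _hex(name)
              for name in ("md5", "sha1", "sha224", "sha256", "sha384", "sha512")}
try:
    ntlm("probe")
    ALGORITHMS["ntlm"] = ntlm
except ValueError:
    pass  # MD4 is disabled in this OpenSSL; skip NTLM rather than fail


def candidates_by_length(hash_hex: str):
    """Digest length alone narrows the field: 32 hex -> md5/ntlm, 40 -> sha1, ..."""
    return [name for name, fn in ALGORITHMS.items() if len(fn("")) == len(hash_hex)]


def identify(hashes, fragments=URL_FRAGMENTS):
    """Return {algorithm: [(digest, plaintext), ...]} for every fragment that
    hashes to one of `hashes`; only length-compatible algorithms are tried."""
    targets = {h.lower() for h in hashes}
    lengths = {len(h) for h in targets}
    hits = {}
    for name, fn in ALGORITHMS.items():
        if len(fn("")) not in lengths:
            continue
        for frag in fragments:
            d = fn(frag)
            if d in targets:
                hits.setdefault(name, []).append((d, frag))
    return hits


def best_guess(hashes):
    """The algorithm with the most fragment hits, or None if nothing matched."""
    hits = identify(hashes)
    return max(hits, key=lambda k: len(hits[k])) if hits else None


# Constructed sample challenge file: three URL pieces and one word that is
# not in URL_FRAGMENTS, all as raw SHA-1.
SAMPLE_HASHES = [hashlib.sha1(p.encode()).hexdigest()
                 for p in ("HTTPS://", "d0t", "html", "KoreLogic")]

if __name__ == "__main__":
    for algo, found in identify(SAMPLE_HASHES).items():
        for digest, plain in found:
            print(f"{algo}  {digest}  {plain!r}")
    print("best guess:", best_guess(SAMPLE_HASHES))
```

Three of the four constructed hashes come back as SHA-1 hits for
"HTTPS://", "d0t" and "html", which is enough to commit the remaining
hash to a SHA-1 attack; the one that did not match ("KoreLogic") is the
kind of piece you then go after with wordlists and rules. Salted or
iterated formats need the same idea applied with the format's own
salt handling, which is where loading the fragments into JtR or hashcat
as a wordlist takes over from a script like this.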

Challenge #6 stood out, as the results of cracking the NTLM hashes
were what appeared to be random strings. Based on some Google
searching (a password cracker's best friend), we identified pastebin
dumps of additional hashes. When cracking them we found the URL for
the next challenge. At this point we ran into the same problem Team
Hashcat reported: our team became confused about which challenge
number we were on (i.e. whether the pastebin link referred to the same
challenge or a new one). This isn't a problem with the challenge
itself, but it points to some improvements we can make to our
workflow. Side note: the dates on the pastebin posts were 17 August
and 29 August, which means the hashes were available more than 1 month
before the contest.

Challenge #8 was also interesting, since the hash itself was missing
one character of the salt. This forced us to try to crack all
variations of the salt. We probably could have implemented this in the
custom formats for JtR, but it was much easier to simply generate all
permutations of the missing character as a different password hash and
then crack the entire set. Since there weren't that many hashes this
didn't slow us down much. If there were thousands/millions of target
hashes though then implementing this in JtR natively would have made
more sense so that all variations of a cracked hash would be removed
from future guessing attacks.
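As an added illustration of that approach (again, example code written
for this edit, not the team's script and not a JtR format): expand the
damaged record into one candidate per possible salt, crack the set,
and, once one candidate cracks, retire all of its siblings so no
further effort goes into them. The hash scheme (hex SHA-1 over
salt+password), the record layout "label:digest$salt", the sample
digest and the tiny wordlist are all constructed for the demo and
stand in for the contest's real format.

```python
"""Expand a record whose salt lost one character into all candidate records.

Added example for this write-up.  The hash scheme (hex SHA-1 over
salt+password), the record layout "label:digest$salt", the sample digest
and the wordlist are constructed for the demo and stand in for the
contest's real format.
"""
import hashlib

HEX = "0123456789abcdef"


def salt_variants(partial: str, alphabet: str = HEX):
    """Every distinct salt obtained by inserting one character of `alphabet`
    at any position of `partial` (where the character was lost is unknown)."""
    out = set()
    for pos in range(len(partial) + 1):
        for ch in alphabet:
            out.add(partial[:pos] + ch + partial[pos:])
    return sorted(out)


def expand_record(label: str, digest: str, partial_salt: str, alphabet: str = HEX):
    """One damaged record -> one complete candidate record per possible salt.
    The label keeps a common prefix ('label#NNN') so siblings can be found later."""
    return [f"{label}#{i:03d}:{digest}${salt}"
            for i, salt in enumerate(salt_variants(partial_salt, alphabet))]


def check(record: str, password: str) -> bool:
    """Constructed scheme for the demo: digest == sha1(salt + password)."""
    digest, salt = record.split(":", 1)[1].split("$", 1)
    return hashlib.sha1((salt + password).encode()).hexdigest() == digest


def crack(records, wordlist):
    """Toy stand-in for JtR/hashcat: first (record, password) that verifies."""
    for record in records:
        for pw in wordlist:
            if check(record, pw):
                return record, pw
    return None


def retire_siblings(records, cracked_record):
    """The other variants are the same hash with a wrong salt; once one
    cracks, drop everything sharing its base label so no time is wasted."""
    base = cracked_record.split("#", 1)[0]
    return [r for r in records if r.split("#", 1)[0] != base]


# Constructed sample: true salt "ab21", password "Summer2017"; the record we
# were handed carries only "ab1" as the salt.
TRUE_SALT, PASSWORD, PARTIAL_SALT = "ab21", "Summer2017", "ab1"
DAMAGED_DIGEST = hashlib.sha1((TRUE_SALT + PASSWORD).encode()).hexdigest()
WORDLIST = ["password", "korelogic", "Summer2017", "derbycon"]


def demo():
    """Expand, crack, retire; returns (expanded, hit, remaining)."""
    expanded = expand_record("chal8_user1", DAMAGED_DIGEST, PARTIAL_SALT)
    hit = crack(expanded, WORDLIST)
    remaining = retire_siblings(expanded, hit[0]) if hit else expanded
    return expanded, hit, remaining


if __name__ == "__main__":
    expanded, hit, remaining = demo()
    print(f"{len(expanded)} candidate records for one damaged hash")
    print("cracked:", hit)
    print(f"{len(remaining)} records left in the attack set")
```

A 3-character hex remainder expands to 61 distinct candidates (64
insertions minus the three that coincide when the inserted character
equals its neighbour), so the multiplier is roughly alphabet size times
salt length per damaged hash. Retiring siblings is the step that
matters at scale: with a handful of hashes the extra candidates are
noise, but with thousands each crack otherwise leaves all its twins in
the attack set as permanently uncrackable work. With a real format the
expanded records go out in that format's input syntax, and
retire_siblings() becomes a filter driven by the cracker's output.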

Challenge #9 was probably the most talked about challenge of the
contest. Cracking all but one hash of this challenge was fairly
straightforward, but the one hash stopped us cold. We were stuck on

=======================
Those
Damn
Salts!!
ec71bb18570a8942d8e32681b7a333ab...
NowIt's
Time2Test
Your
Power.
YourTrue
Power!
HTTPS://
contest
D4sh
2017
d0t
KoreLogic
dot
com
SLASH
what
SLASH
islove
SLASH
baby
SLASH
dont
SLASH
hurtme
SLASH
donthurt
SLASH
MEEEEEEE
///////////
d259b840dae9250caf756d4514deb908...
////
WriteThat
.WAV
=======================

There were a lot of wrong paths we took trying to finish that song:
writing variations of "NoMore", the band name, etc. PRINCE and small
scripts were used heavily in this part. It wasn't until KoreLogic
published a hint about a rock star that we were finally able to
complete this challenge and move on. It turned out the final password
was "DidBonJovi". In retrospect it was very similar to cracking
passwords in real life, where one tough password can halt all forward
progress.

As an example, here is one of the small scripts that Aleksey
Cherepanov wrote to generate versions of "nomore":

perl -le '
    $u = 20;
    for $a (1 .. $u) { for $b (1 .. $u) { for $c (1 .. $u) { for $d (1 .. $u) {
        $k1 = "N" . ("o" x $a);                     # No, Noo, Nooo, ...
        $k2 = "M" . ("o" x $b) . "r" . ("e" x $c);  # More, Moore, Moreee, ...
        $k3 = "!" x $d;                             # trailing !, !!, !!!, ...
        for $kk1 ($k1, lc $k1, uc $k1) {            # as-is, lowercase, UPPERCASE
            for $kk2 ($k2, lc $k2, uc $k2) {
                print $kk1 . $kk2;        # re-emitted on every $d pass (duplicates)
                print $kk1 . $kk2 . $k3;
            }
        }
    } } } }
' | john --pipe pw/ps2

The same candidate set can be produced directly with JtR's built-in
regular expression mode (based on the rexgen library):

john --regex='([nN]o{1,20}|NO{1,20})([mM]o{1,20}re{1,20}|MO{1,20}RE{1,20})!{0,20}' pw/ps2

All the challenges after that fell quite fast and involved things like
keyboard walks (which some team members used kwprocessor [5] for).

Team impressions:

As stated earlier, the overall impression from our team was that the
contest was really fun! It was tough and very intensive. Critical
hashes were finished by different members, and everyone contributed
either via cracking, technical support, or other pieces of advice.
Different members approached the same problem in different ways and we
all benefited from learning from each other.

We appreciated the new format and found it interesting. A plus/minus
of it (depending on how you looked at it) was that it also allowed us
to finish the competition, vs. spending the last day frantically trying
to crack every last hash. Admittedly it was also frustrating getting
stuck, but that's password cracking for you! We do appreciate
KoreLogic providing hints to keep things moving along.

Timeline:

This was a relatively short contest, so some members were not able to
join before it was completed. It also took a while for our team to
ramp up, as it started on a Friday when many of our members were still
at work. This isn't a complaint, as all the other teams had to deal
with the same challenges. As you can see from our timeline, the vast
majority of the contest was spent on challenge #9.

+------+----------+-------+------------+
| Chal | Abs.time | Delta | Comment    |
+------+----------+-------+------------+
|    1 |    01:10 |  1:09 |            |
|    2 |    01:42 |  0:32 |            |
|    3 |    03:02 |  1:20 |            |
|    4 |    04:02 |  1:00 |            |
|    5 |    06:16 |  2:14 |            |
|    6 |    06:47 |  0:31 | pastebin   |
|    7 |    08:06 |  1:19 |            |
|    8 |    10:36 |  2:30 |            |
|    9 |    24:26 | 13:50 | rock star  |
|   10 |    24:40 |  0:14 |            |
|   11 |    25:35 |  0:55 |            |
|   12 |    26:35 |  1:00 |            |
|   13 |    26:42 |  0:07 |            |
|   14 |    26:54 |  0:12 |            |
|   15 |    27:07 |  0:13 | submission |
+------+----------+-------+------------+

Explaining the Unnamed Member:

Team john-users is open to anyone who wants to join. In the past this
hasn't been an issue, since there has been a level of mutual respect
between the major teams that has discouraged cheating. But the
community around contests grows and new players come. This was the
first year where we had a problem with our policy. One team member
took our final challenge submission and submitted it by themselves
before we could submit it. In part this was an issue with our workflow
(we wanted our team captain Aleksey to submit it), so there was a 13
minute delay between our final crack and our submission.

We confronted the team member who admitted what they did.

There was a lot of internal debate about how to handle this. A
majority of the team do not hold any grievances against the
individual. The individual contributed during the contest and quite
honestly this contest isn't worth dragging someone's name through the
mud. Therefore we are simply stripping their name from our team
write-up.

We also are unlikely to change our recruitment policies to any
significant degree beyond coming up with a new standard of conduct.
This is a community group and we want to encourage new members to join
and to learn, not chase them away. This whole episode was saddening as
the individual showed real promise, but we're not going to burn
everything down to avoid a repeat. Of course, consistently being the
third-place team also makes us a less appealing target! That being
said, we like to think we'll remain the same even if we achieve higher
rankings in the future. So please if you are reading this, consider
joining team john-users in the next challenge!

Full Disclosure, hint provided by the Unnamed Member:

The unnamed member posted a hint for challenge #9, "the rock star"
challenge to our IRC channel:

> I just got a hint
> It's nothing to do with "no more"
> It's not the lyrics

Even with that hint we did not make any progress. It was only after
the hint from KoreLogic that we successfully completed this
challenge. There is some concern (but no indication) that this member
may have been in contact with, or listening in on, other teams. We
wanted to document this and be as transparent as possible.

Final Thanks:

We would like to thank other teams for the tough competition!

We would like to thank KoreLogic for their hard work on the contest!
This awesome event is an invaluable gift to us and all other participants.

A contest is a game environment very suitable for learning. It gives
materials and additional motivation, it forces participants to learn
more advanced cracking, and to build hardcore skills. We appreciate
all of the effort KoreLogic put into making this as we always learn
something new from these challenges.

Many thanks!

Team john-users
