Thankfully KoreLogic has given non-attendees the chance to play in their "Crack Me If You Can" game for Defcon! Hooray! 48 hours of unadulterated power consuming, hash generating, text file management, PGP encrypting and general usage of unused computing cycles!
This year I decided to devote a few hours to this contest while the wife and baby sleep. I'll be writing some updates as I get some time on how things are going. It's now been a little over an hour since I started so here's where things stand.
On Your Mark
Pre-registration involved generating a PGP key (if you didn't already have one) and sending it off to KoreLogic's scoring server for verification. This was easy if you've spent any time doing encrypted communication exchanges.
While I waited for the contest to start I made sure I had all my tools and systems ready. This would be the chance to help prove out the expenditure of NVIDIA GTX580 cards, high-end CPUs, RAID disk space, etc. Since I'm running in an even shorter timeframe (and smaller team size... of one!) early preparation was key.
Tools I planned on using:
- John the Ripper, latest jumbo patches and GPU patches if time and code permitted
- The oclHashcat suite
- Misc rainbow tables collected over the years
- Misc wordlists collected over the years
Molly wakes me up at 5:50am on Friday morning for her regular feeding... 20 minutes of extra sleep! I check my e-mail and am excited to see the encrypted contest e-mails in my inbox. A quick PGP decryption and the URLs to download are shown. Hooray!
Oops, based on the CMIYC Twitter feed they had generated some weak hashes. Use the two files instead of the first one. Ok!
Down they come with wget.... Hmm, zip files. No problem! Take a peek with 'unzip -v' and the contents look pretty good. Time to get rolling...
~/korelogic-2011/test$ unzip ../2011-CrackMeIfYouCan_part1.zip
Archive: ../2011-CrackMeIfYouCan_part1.zip
creating: contest_tree/challenge1/
[../2011-CrackMeIfYouCan_part1.zip] contest_tree/challenge1/challenge1.zip password:
Oh. Of course it's going to be password protected. But it's pretty easy to guess if you take a step back and think about it.
Two hours in...
A long way to go still... Right now I'm basically not caring about the scoring points and going after "low-hanging passwords" using a very large dictionary, JTR's stock rules and patience. Some high scoring hashes may be cracking, I don't really know right now. Time to feed the baby again.
4066 password hashes cracked, 123780 left