Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100715083743.GA11482@openwall.com>
Date: Thu, 15 Jul 2010 12:37:43 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Contest Details - "Crack Me If You Can" - DEFCON 2010

On Fri, Jun 18, 2010 at 09:38:45AM -0500, Minga Minga wrote:
> Here are the details for that password cracking contest at DEFCON this year.
> 
> http://www.korelogic.com/defcon_2010-contest.html
> 
> Here is the DEFCON message board to discuss it:
> 
> https://forum.defcon.org/forumdisplay.php?f=519

I took a look at the sample hashes you posted here:

https://forum.defcon.org/showthread.php?t=11476
http://www.freerainbowtables.com/gethashlist.php?type=ntlm

Actually, it appears that they were user-contributed (right?), and most
of them (at least the easily crackable ones) are LM and not NTLM
(despite of what the message and the link say) - although it's a mix of
both types, as well as some others (plenty of raw MD5) and not valid
hashes at all (well, not produced by hashing a password, so would be
extremely difficult to crack).

I doubt that the hashes you'd use for the contest will be similar to
these, or will they?

During the contest, will it be OK to publicly share tips specific to the
contest hashes - e.g., recommend specific JtR settings on john-users?

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.