Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BLU0-SMTP657737892343937F76B397FD930@phx.gbl>
Date: Sat, 1 Jun 2013 15:12:55 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-users@...ts.openwall.com
Subject: Frank's write-up for hashrunner 2013

I've been very busy lately, so that I was afraid I wouldn't be able to
participate at all.
At least I didn't have time for preparation.

It was more than 24 hours into the contest until I found some time to
participate, and even then I couldn't participate full-time.

Hardware used:

A single laptop with an Intel i3-2367M CPU @ 1.40GHz (dual core with
hyperthreading), booted from a very slow USB-2 stick with a LUKS
encrypted file system on it.


I started reading the john-contest mails, and saw the discussion about
Lukas finding the 12345678[1-9][0-9] bcrypt passwords.

I found that the same passwords occurred among the raw-md4 cracks, and
that there were other "base words" (leetified names of colors and other
words) plus Az"[1-9][0-9]".
So I first completed that pattern for the existing base words with raw-md4.
Then I collected all the base words from raw-md4 and started to test
these base words with rules Az"[1-9][0-9]" on the bcrypt hashes.

Soon the first bcrypt passwords were cracked.
Due to my weak hardware, I asked on the mailing list for help to
complete the task on more powerful hardware.
Lukas ran that on bull, and it resulted in several hundred new bcrypt
cracks.

Later on I identified the image #11 as a picture of the Eaglescliffe
Chromium factory, but I don't think it helped us in cracking any hashes.
(After the contest I managed to reduce the number of uncracked mscash
hashes from 616 to 7.)

Like many others, I tried to solve the #4 mystery.
Because others had tried names of fruits and vegetables, I tried to use
the output of
strings 4.png
as an input word list, but had no luck.

When Lukas suggested to try more topic related words on bcrypt, I first
experimented on raw-md4, and reported the "base words" that worked on
the mailing list, so that Lukas could try them on bcrypt.

After somebody cracked a bcrypt hash with 123qwe, I tried some keyboard
patterns, but without luck.
As it turned out, the real pattern instead was:
raw-md5 passwords with lower case a and e, but all other letters upper
case cracked bcrypt hashes when converted to lower case.

When I ran out of ideas what else to try for bcrypt, Solar suggested
that we try to crack more keccak hashes because of their value compared
to the cost.
That's when I fetched the latest bleeding revision (so far I always used
unstable), applied obvious patterns (duplicate words, appending 1 or 2
digits, leetifying words with sa@...si1so0ss5st+Q) to base words that
have been used to crack keccak hashes.
Then I tried the same patterns with some larger word lists (rockyou,
facebook names, all passwords found for other hash types).

Alexander tried my suggested rule sa@...si1so0ss5st+Q (I found one more
substitution, sz2, only after the contest) against some
larger word lists and uploaded a pot file less than 15 minutes before
deadline.
The last 2 lines contained 2 raw-md5 passwords:
M00nl1gh+69 and M00nl1gh+83.
This allowed me to crack another 88 raw-md4 hashes and upload my final
pot file 8 minutes before the deadline.


Summary:

I'd like to thank the organizers for such an interesting contest.

We really worked as a team, helping each other in many ways.
The most frustrating part probably was not being able to crack a single
sha256crypt hash, despite trying hard.
(Only after the contest we managed to find sha256crypt passwords.)

I couldn't participate as much as I would have liked, had much less
hardware resources than I wished I had.
But despite that, I think my contribution was OK.

Frank

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.