Skip to main content
Back to Contest Archive

Crack Me If You Can 2011

DEF CON 19 contest materials with Insidepro team 2011 winning, plus standings, submission rules, team pages, and hash-type breakdowns.

Event
DEF CON 19
Dates
August 2011

Insidepro team 2011

Resources

Active Members 22
Nicks Admin, blazer, bvv, Cod3inj3cT, Comrad777, dda, Frank89, Gray_Wolf, gscp, jnpe, mastercracker, Mastermind, mr.2x, pizdec, POLIMO, proinside, raspberry, segasega, test0815, Tyra, usasoft, user
Software PasswordsPro, EGB, Saminside, John the Ripper, Hashcat, OclHashcat suite, ULM, DupeKill, Cryptohaze Multiforcer 1.0, Ultimate Zip Cracker
Hardware 91 CPU cores, 1-3 Amazon EC2 instances, and 31 Graphics cards, some dual-GPU (see table below)

How we defeated the champions

Overview

First of all, I must say that this year's contest was a big improvement over last year. Not that last year was boring, far from that, but the feedbacks given last year were well understood and rectified this year. The weighted points depending on the hashing algorithm made much more sense. The bonuses and the challenges added a lot more spice and need for strategies.

Team Composition

Our team was more or less the core of last year plus some excellent additions that I personally never heard of before but were known from other member of our team. They ended up completing very well the team. For the ones who are curious, we were 22 members spread throughout the world and remotely working with each other via a forum, www.Insidepro.com (see screenshot below).

The members were: Insidepro's admin, blazer, bvv, Cod3inj3cT, Comrad777, dda, Frank89, Gray_Wolf, gscp, jnpe, mastercracker, Mastermind, mr.2x, pizdec, POLIMO, proinside, raspberry, segasega, test0815, Tyra, usasoft and user. In terms of hardware we roughly had almost 100 CPU cores, 1 amazon cloud and about 35 GPUs (see a table of our hardware resources). There was also a website setup that was promising but we could not fix every bug in time and ended up relying on our forum like last year.

Preparation

Preparation for this contest is hard since we don't know exactly what we will be faced with so we basically made sure that some glitches from last year do not reproduce and made some tools here and there just in case they could be needed. Based on last year's contest experience, we knew that the basic strategy was to finding as many passwords possible in the first hours using every method available, find patterns in the passwords and then focus on those patterns to crack more. Before the contest we heard the rumors on how Hashcat team was strong hardware-wise and that John users were doing some massive recruiting. We knew those 2 teams would be the toughest to beat.

During the Contest

About an hour before the start of the contest people started to post (like said earlier posting on the forum was our main way of communication) and everyone was eager to see that list of hashes to crack. At the start time of the contest, we were like runners at the start line waiting for the gun shot: all tense, focused and ready. However the list was not coming... anyway everyone knows the story but we still would like to know what the famous first file was. At last, we received the password-protected file which was quickly cracked and the fun could begin.

It took a while to sort and post all the hash and challenges but as soon as they were posted, everyone rushed on them and gave their best shot. Within 1 minute of being posted, the first challenge file was cracked and 10 minutes later all the passwords found. 10 minutes after that another challenge was down. Without any specific planning everyone got a "niche" and all the hash type were at least partially covered. I personally felt lost for at least the first 12 to 24 hours to the contest because there was so much going on and so much to cover. There was a lot of misses and some hits depending on the algo you were trying.

From what I remember, we were third for a good part of the contest but we were steadily progressing. At midway of the contest we had solid patterns to work with and then there was the breakthrough... We realized that all the toughest algos (that were worth also the most points) were restricted to passwords starting with a, s, m or y and that their length was less than 7 (at least from the ones we were able to crack). This allowed us to reduce our wordlist by a lot giving much more effective attacks and a huge source of points. Then it was playing the "catch up" game when 1 team would lead then the other would post and become first.

One of the memorable moments in our team is in a thread about ranking while we were first and working very hard to stay first. Then Oh no! Hashcat is first again. Then one of our member replied "Don't worry, I have about 50 ms-cash2 and will post them in a couple of minutes." General relief. It finally stayed very tight up to the very end. Hashcat fought a great battle and it was a matter of a couple of hash that tilted the balance in our direction.

Strengths

I think that our main strengths were:
  1. We were composed mostly of very skilled crackers that knew what they were doing so there was no need to direct them anywhere. Only a couple of pointers here and there were necessary.
  2. Everyone spread evenly to cover the challenge or re-deployed to fill the gaps. I am sure that no one, including myself, was able to follow everything that happened in our team during the contest since we were focusing on our task to accomplish but the end result was there.
  3. There was also great team spirit, good communication through our posts and lots of teamwork.
  4. Early recognition of patterns and the followed exploitation of them.
  5. Focusing on the toughest hash at the end with the patterns we learned.
  6. We had the pleasure of having the creator of ULM (Unified List Manager) in our team which was able to quickly design custom analysis tools for our needs during the contest. Some of those tools will be part in the next or future release of ULM (http://users.tpg.com.au/blazerx/).

Weakness

Our weakness (let's say semi-weakness): gathering the cracked passwords. There was one member (Insidepro's admin) that was gathering every single cracked passwords. Our team members were posting like crazy (especially at the beginning of the contest) and it was almost not humanely possible to keep up with them. For that, I have great respect for the work of admin in that contest. This was even more true since as far as I could notice, there was never a real "down" time.

For efficiency since I was the member in charge of the communications with Korelogic and submitting the passwords, I took over admin's task in the last 30 minutes of the contest. I was NOT able to keep up with the posted passwords and was NOT able to submit everything that was cracked. Luckily, I submitted just enough so that we could win. I must say that those last 30 minutes were amongst the most stressful in my life but the result and happiness afterward was way worth the stress.

Mastercracker

Forum Screenshot

[Back] Contest archive image: insidepro forum

Hardware Resources

[Back]
Type Count
CPU Cores 91
Amazon EC2 One Instance throughout; 2 more for the last 4 hours
Nvidia 9800GT 1
Nvidia 9800GX2 1
Nvidia GTS250 4
Nvidia GTX260 1
Nvidia GTX275 3
Nvidia GTX285 1
Nvidia GTX295 3
Nvidia GTS450 1
Nvidia GTX460 3
Nvidia GTX470 2
Nvidia GTX480 1
Nvidia GTX580 1
Nvidia GTX590 1
ATI 3400 1
ATI 5750 2
ATI 5770 1
ATI 5850 1
ATI 5870 1
ATI 6990 2