Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <AANLkTiksdf4q7W1zZSE0YYU_ajfsOMiqxC=FpNW4g11H@mail.gmail.com>
Date: Tue, 24 Aug 2010 00:30:56 -0400
From: Charles Weir <cweir@...edu>
To: john-users@...ts.openwall.com
Subject: Defcon18 "Crack Me If You Can" Complete Pot File

Hey all,
    I've been playing around with the plaintext answers KoreLogic
released after the "Crack Me If You Can" competition at this year's
Defcon, and I got it into my head to use the list of words to try and
create a complete JtR .pot file from all of the hashes. There were a
couple of reason for this. First of all, I wanted to start doing
comparisons of the different teams' cracking techniques; More
specifically the techniques they used to train on the cracked NTLM
passwords to attack the other hash types. For that I needed training
and test sets. Also, I REALLY wanted to see if JtR correctly handled
those #$@!# Oracle10 hashes, and if so, what the plaintexts were for
them.  Since I figure other people might be interested in this as
well, I'm making the .pot file available at:

https://sites.google.com/site/reusablesec/Home/random/KoreLogic_Defcon2010.pot

As for the highlights, yes JtR does handle the Oracle passwords,
though it's no wonder no one managed to crack them in the 48 hours we
had. For example, here is a typical Oracle password from the set:

!'O2?CHDOWN

Yes, it's based off of 'TOUCHDOWN', but nobody had those rules in
their mangling set...

What was much more interesting though was the time it took to run the
plaintext passwords through each hash type. To give you some
background, the plaintext list of all the passwords contained 54,932
unique words. I ran these cracking sessions on my Mac 2.2GHz Intel
Core Duo laptop, (only using one instance of JtR), with no mangling
rules, (since I had the perfect dictionary). Also note, some of the
salted hashes were already cracked from the competition so I did not
attempt to re-crack them, (though they are all in the downloadable
.pot file).

I didn't time it, but if I am generous it took approximately 1 second
to run the attack against all of the NTLM password hashes.

Against 10157 Netscape Salted Sha (ssha) hashes, it took me 1 minute
and 30 seconds, with me making 3095K c/s

Against 1000 Oracle10 password hashes it took 1 minute and 28 seconds,
with me making 260645 c/s

Against 80 Blowfish hashes, it took me 3 hours and 36 minutes to crack
them all, with me making 200 c/s

Against 4077 Crypt-MD5 hashes it took 10 hours and 10 minutes to crack
them all, with me making 3228 c/s

What this really brings home is how important hash type is to the
cracking session. There's been a lot of talk in the news lately how
GPU password crackers will soon force everyone to choose 12 character
passwords:

http://www.bbc.co.uk/news/technology-10963967

While team HashCat showed GPU password crackers are extremely
effective, (and I'm still in awe of their work), even a 10x speedup
against Crypt-MD5 hashes would only allows me to make ~30k guesses a
second. That's compared to the 328296K, yes that's 328 MILLION guesses
a second I'm able to make against NTLM password hashes on my laptop.
And that completely ignores the effect that the password salt has when
auditing large lists.

So once again, thanks to KoreLogic for running this competition, and I
can't wait for the next one at Defcon 19!

Matt Weir

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.