KoreLogic's Password Cracking Contest at DEF CON KoreLogic's Password Cracking Contest at DEF CON

CMIYC 2019 Hashes and Plaintexts

All of the hashes this year were django-scrypt format - painfully slow to attack head-on (slower for Pro than for Street). Every plaintext was tied to a specific username, and each username also occurred in some hint/challenge file. All of the challenge files combined a few elements:
  1. Something simple to open it up (password like "password", or just strings or base64 -d the file, etc.).
  2. Some notes/hint/email text that gave information about the tricks used in that set.
  3. Some username:hash data using a weak hash type.
  4. Once those weak hashes were cracked, the plaintexts were an effective dictionary against those same usernames' real django-scrypt hashes.

Hash Set Composition

Below is a brief description of each "hash set" in the different hint/challenge files, and the main tricks to each one:

Alaska These users' plains were the rawmd5 of their old passwords; leak contained rawsha1 of those old passwords.
BlueManGroup Plaintexts based on the Navi's language in Avatar. (Get it? Blue Man?)
COREDUMP Everything was based on the words DEFCON, KoreLogic, Minga, or password.
JBJ base64'd tarball containing hint + username:NTLM hashes; plains had something to do with Minga's favorite band.
LEAK1 HTTPS packet capture with keys, decrypted to hints + username:NT hashes.
Log1 zlib-compressed tarball of hints & hashes; passwords used a word reversed with a year suffix added.
Log2 Place-name plaintexts mutated using keyboard shifting, up a row.
loga3 Place-name plaintexts were shifted right on the keyboard; the signature in the email hint gave away the shift pattern.
putty Hint and rawsha1 hashes appended to the end of the executable.
S8SUX Username:SHA1 hashes; plains used a Dothraki dictionary because Season 8 Sucks.
SeeEssSeeEssTeeDee (CSCSTD) Odd squashfs filesystem image, with hashes using CSC-STD-002-85 text as a dictionary.
speak Users' plains based on NewSpeak in 1984.
WOLF rawmd5s of words taken from Beowulf; hint included mutation rules.

Hash Set Cracks Per Team

The tables below show the total hashes available per hash set and the percentage of each set that each team cracked, with the team that got the highest percentage in each shown in bold. See above for brief explanations of each hash set.

Pro Teams

Hash Set: Percent of Total
(24,692)
Alaska
(1,470)
BlueMan
(896)
COREDUMP
(877)
JBJ
(8,092)
LEAK1
(3,055)
Log1
(823)
Log2
(826)
loga3
(826)
putty
(1,931)
S8SUX
(1,767)
CSCSTD
(650)
speak
(1,157)
WOLF
(2,322)
Team:
Hashcat 67.82 86.05 44.31 5.70 83.48 38.72 79.34 76.88 85.35 87.83 35.20 57.85 67.16 70.24
Cynosure Prime 65.00 84.08 2.23 2.62 86.73 72.08 0 88.26 90.68 87.57 72.21 26.92 80.38 0
john-users 42.44 68.78 0.56 0.23 70.06 1.34 0 84.99 89.95 89.44 31.41 3.69 0 0
acc58f52db3845f3cd19eede267f0d93 29.61 29.86 8.71 0.23 24.70 0 69.14 84.87 90.68 82.13 6.28 58.92 60.07 0
Hashes.com Team 26.63 0 0 18.47 63.57 0 0 6.30 1.69 0 28.69 6.46 56.61 0
[Mobile users: swipe left to scroll.]

Street Teams

Hash Set: Percent of Total
(9,620)
Alaska
(445)
BlueMan
(310)
COREDUMP
(285)
JBJ
(2,639)
LEAK1
(1,050)
Log1
(273)
Log2
(279)
loga3
(260)
putty
(608)
S8SUX
(598)
CSCSTD
(215)
speak
(368)
WOLF
(2,290)
Team:
HashCraftsMen 17.67 47.87 0 1.05 26.64 0 0 0 89.62 89.31 0.84 0 0 0
VivaLaFaRT 9.20 0 1.29 0 7.16 0 0 0 88.46 0 3.85 59.07 84.78 0
Nikola 1.65 0 0 0 6.03 0 0 0 0 0 0 0 0 0
Cyclone 0.74 0 0 0 2.58 0 0 0 0 0 0.50 0 0 0
87195895BCA802AF 0.22 0 0 0 0 0 0 0 0 0 0 0 5.71 0
0x69BE027C97 0.12 0 0 0.35 0 0.95 0 0 0 0 0.17 0 0 0
caciosb2019 0.03 0 0 0 0 0 0 0.72 0 0 0.17 0 0 0
SplitCaber 0.01 0 0 0 0 0 0 0 0 0 0.17 0 0 0
Forumhero 0.01 0 0 0 0 0 0 0 0 0 0.17 0 0 0
[Mobile users: swipe left to scroll.]

Test Hashes

As usual, the test hashes we released during pre-registration were designed to hint at the weak hash -> strong hash progression. They included:
  • backups.zip, password "backups", that unpacked into three passwd.N files with successively newer timestamps, containing:
    • Raw MD5 hashes for users u1, u2, u3 that cracked to:u1:NIST
      u1:was
      u2:change
      u2:your
      u3:just
      u3:not
      u3:every
    • Salted SHA1 hashes that cracked to:u1:wrong
      u2:password
      u3:30
      u3:days
    • md5crypt hashes that cracked to:u1:NIST was wrong
      u2:change your password
      u3:just not every 30 days
  • email.zip containing password_policy_changes.mbox, password "password policy", which discussed increasing the password strength policy when switching from md5crypt to bcrypt.
  • The actual test hashes, which cracked to:u1:NIST was wrong.
    u2:Change your password.
    u3:Just not every 31 days.
Several teams got one or two of the final bcrypt test hashes, but nobody(?) submitted successful cracks for all three.