Back to [Teams] [Top]
Graph of Insidepro's score over time
||Admin, Comrad777, dda, ErrorNeo, Frank89 (aka FrankTNT), Gray_Wolf, Mastercracker, Mastermind, MoHaX (aka Magggg), proinside, test0815, POLIMO, Tyra, usasoft, User, vector
||Canada(1), France(1), Germany(1), Italy(1), Portugal(1), Russia(4), Ukraine(1), Not Specified(6)
||EGB, PasswordsPro, Saminside, Hashcat, OclHashcat, JTR, Ophcrack
Roughly, 40 cores' worth of P4 - i7 CPUs, and 20 GPU cores
First, due to problems with messaging/receiving the hashes, we started about an
hour late. Once we got our hands on the list of hashes, we split it per hash
type and posted in different threads of a private forum. The forum was the
communication system between all the team members through posting and PMs.
We did not have a fixed plan and everyone just went with the hash types they
were most comfortable with. Two members (1 official and myself since I was in
charge of submitting the cracked passwords) were in charge of keeping the lists
up to date by posting the "Left to crack" hashes. One of the good thing was
that since our members were from different time zones, there was always some
cracking and posting going on.
After 8 hours we made a general plan: crack 100% of the LM hash because there's
not much guessing in there, and as much of NTLM as possible since the algorithm
was the second fastest. After 13 hours, we were in first place. Afer 31 hours,
Hashcat was first place and ahead 10,000 points... However we had enough
passwords to see patterns. We started to focus on hybrid attack using what we
saw as the "basic" password in order to get different passwords, rather than
trying to find the same password encrypted in different algorithms which does
not give any more points.
Another focus was looking at the hash with usernames that looked like admin and
try to crack them. We ended up bruteforcing the whole keyspace 1-7 chars for
LM hashes with EGB because rainbow tables were too slow. In the last 2 hours
we did tremendous progress by finding patterns and making attacks matching
those patterns on NTLM hashes. But we ran out of time.
As a last statement, I must say that having the GPU cracking technology is an
undeniable advantage over CPU only but as for CPU, you can have as many core as
you want but you still need to know how to use them efficiently in order to get