04-27-2015, 01:42 PM
I thought again about the contest from the idea of it. The way we think atm, the approach we are using atm, it has also a major disadvantage. If we agree too what our goal is with this contest, to find the best efficient rules to crask slow hash types like truecrypt, we should think different.
Because sometimes we find different rules to be more efficient than other based on the target hash. Basically this is the idea of PRINCE, but we can try to do something like this with rules, too. However, we need to create target-classes. So, instead of a count we set it fixed to some size (like 128) and add the target, like:
For the above rules I can assure you those "targets" would have different best32 rulesets.
And don't get confused from it. For example while adding a hash-type like truecrypt to a target class is basically a bad idea, this is just a political correct substitution for a ruleset targeting people trying to hide data on that truecrypt volume. Also the reason I put up a chinese target is not because my goal is to crack chinese hashes, it's just that from my experience people from china are using pure numbers, long numbers, as their password. That has something to do with their keyboard input.
While this type of rulesets is not so common it's basically what people need.
Because sometimes we find different rules to be more efficient than other based on the target hash. Basically this is the idea of PRINCE, but we can try to do something like this with rules, too. However, we need to create target-classes. So, instead of a count we set it fixed to some size (like 128) and add the target, like:
- best_truecrypt.rule
- best_chinese.rule
- best_admin.rule
- best_financial.rule
- best_nazi.rule
For the above rules I can assure you those "targets" would have different best32 rulesets.
And don't get confused from it. For example while adding a hash-type like truecrypt to a target class is basically a bad idea, this is just a political correct substitution for a ruleset targeting people trying to hide data on that truecrypt volume. Also the reason I put up a chinese target is not because my goal is to crack chinese hashes, it's just that from my experience people from china are using pure numbers, long numbers, as their password. That has something to do with their keyboard input.
While this type of rulesets is not so common it's basically what people need.