Posts: 4
Threads: 0
Joined: Mar 2012
(03-31-2012, 12:13 AM)atom Wrote: the post was not deleted, just splitted into a seperate thread, since this thread is about the challange, not about strange rule engine behaiviors. please read the http://hashcat.net/forum/thread-1027.html then you hopefully understand why it works how it works...
Yes now I understand how it works. I apologize for not seeing that.
Posts: 5,185
Threads: 230
Joined: Apr 2010
Thanks to dakykilla:
Quote:o0to0b o0t o0b
can be written as just "o0b"
Posts: 57
Threads: 12
Joined: May 2010
Fun competition, although I didn't join in. You guys are way much better than I am, so I didn't even consider trying. :-)
On the other hand I suddenly had this weird thought when the competition was over, and atom said that the new and improved best64.rule would be provided with the new 0.08 version of oclHashcat-plus. "What if the new best64.rule is actually worse than the old one for other lists than those used in the competition?"
Time for my experiment:
I've got 85615 unique NTLM hashes, originating from a domain with complexity requirements turned on (default config from Microsoft). I will use the same wordlist (passwords_top10k.dict.txt), as used in the competition, and run that against the NTLM hashes using the old and the new best64.rule, to see how many hashes gets cracked using each one.
My command line (Ubuntu 12.04LTS 64-bit, Nvidia GTX580, newest drivers, all updates installed):
cudaHashcat-plus64.bin -m 1000 -o best64.test --outfile-format=7 -r rules/best64.rule -a 0 ntlm.txt passwords_top10k.dict.txt (& best64-old.rule for the other run)
best64.rule is 1044 bytes, 103 lines
best64-old.rule is 548 bytes, 69 lines
Interesting results indeed:
best64.rule (new): Recovered 1364/85615
best64-old.rule (old): Recovered 2187/85615
It's 01:40 now, so I'll drop any more tests to be sure my brain isn't messing up things too much, but I will do some more testing over the next couple of days.
Posts: 25
Threads: 7
Joined: Dec 2011
05-06-2012, 03:18 AM
(This post was last modified: 05-06-2012, 03:25 AM by arex1337.)
I mentioned this issue in my writeup. The competitors were obviously incentivized to target the provided hashes. I haven't done any testing myself, but if this is true I am not surprised at all.
Never really understood the best64 obsession anyway. 64 is a small number, and you should customize your attack to each target.
Posts: 5,185
Threads: 230
Joined: Apr 2010
Its all about the slow ones, like md5crypt, phpass, WPA/WPA2...
Posts: 10
Threads: 2
Joined: Jul 2012
05-06-2014, 02:19 PM
(This post was last modified: 05-06-2014, 04:49 PM by pandaologist.)
Has anyone still got the top10k file and perhaps the hashes for this challenge?
Posts: 17
Threads: 0
Joined: May 2014
You can build it yourself, check page 4, there is detailed explanations on how to generate it
Posts: 20
Threads: 4
Joined: Nov 2017
07-17-2020, 01:21 PM
(This post was last modified: 07-17-2020, 01:29 PM by dizcza.)
I'm sorry to post in 8-years old thread but all links are dead
My question is "Was best64 rule list generated from rockyou?"
Thank you.
Posts: 2,301
Threads: 11
Joined: Jul 2010
the contest was run on the phpbb wordlist, not rockyou.