best64.rule contest
#21
Presumably we'd be working against a list of plains, not hashes, and use -m 9999 to help develop the rules.
Reply
#22
(04-14-2015, 12:52 PM)atom Wrote: It would be nice to add more people from the password cracking scene (like team-insidepro and jtr-users) for this contest, as everyone would benefit from it.

@mastercracker & @magnum You guys interessted?

It depends a little on what the criterias end up like, but yeah I probably am. If I have the time. This kind of contest isn't as real-time critical as a password cracking contest, right?
Reply
#23
Yes, and no. If we want to call it a contest then we should add some time-limit. Maybe just one that isn't THAT time-critical. Maybe a week or so?

What criterias would you like to see?
Reply
#24
I would kind of like to see a rolling contest, one that never really ends. Make it an automated website so there's no manual work involved. You just submit your ruleset, it tallies up the score, then shows it on the scoreboard with a link to download each one. Every X number of hashcat releases, we just take a snapshot of which ruleset is the best.

The biggest reason why I like this approach is that it encourages continuous development.

Does this approach appeal to anyone else?
Reply
#25
I really like that idea epioxip! The website would be trivial to set up also. This would also allow people to really narrow down rule generation.
Reply
#26
that's also fine. we just need to make sure there's a way to add some username to it Smile
Reply
#27
Naturally Smile
Reply
#28
I like the idea too. But the ruleset performance will also vary according to the wordlist(s) used. How will you measure the score?
Reply
#29
why not just base the score off of the amount of passwords cracked?
Reply
#30
(04-24-2015, 06:02 PM)coolbry95 Wrote: why not just base the score off of the amount of passwords cracked?
Because it depends on the goal of the contest. If it's to figure out the best rules, then we need a standard set of hashes and a standard wordlist. However, we might just get a ruleset highly specific to the wordlist used. It's likely that a good amount of the rules will still be relevant to any wordlist. If we want a best wordlist + ruleset, then we need to put limits since the best result could be achieved by putting the cracked password list as the wordlist and 1 single rule, the : (don't do modifications)...
Reply