Solve a riddle, guess a 4 char password and add 10 BTC to your xmas... SOLVED!! - page 7.

phr33

full member

Activity: 226

Merit: 100

Quote from: CIYAM on December 26, 2012, 06:53:12 AM

Quote from: phr33 on December 26, 2012, 06:44:48 AM

You can send it to 1GAtPwoTGPQ35y9QugJueum5GzaEzLYjiQ

All winnings will be passed on to a followup contest! It might take a while, but there will be one!

On it's way:

http://blockchain.info/tx/003a4b9ee67639a08c28b9c183ab36f3b2fc192aeac84d9bd8cc29684f6f094e

I have a much better bash script that I am including with a custom Open SUSE distro (which I am still putting together) - that will be a hell of a lot more challenging than this to crack (the point being similar to Mike Caldwell's one that you don't need to remember a huge password to get good security).

Thank you very much! You will be in the list of sources of the price for my upcoming challenge!

Could you please direct me to Mike Caldwell's statements? With a (light but still) background in information theory I'm rather skeptical to this statement. Entropy is a b-tch Cool

Scrat Acorns

sr. member

Activity: 293

Merit: 250

Quote from: CIYAM on December 26, 2012, 06:56:53 AM

Oh really - then why hasn't this been cracked already?

First of all, you're implying that just because we haven't cracked it in 10 hours then it will never be cracked.

Secondly, we don't know the exact implementation of your key derivation function.

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Quote from: Scrat Acorns on December 26, 2012, 06:55:26 AM

This is security by obscurity though. Once they know about your implementation it will be easily cracked.

Oh really - then why hasn't this been cracked already?

(the script in the OP is a simplified version of the one I will publish - btw you cannot run the script I will publish without first modifying it in order to hopefully stop someone being silly enough to run it without first modifying it as I modified the one being tested here)

If I can modify one line of a script and use a 4 letter password that no-one here has been able to crack already then I think that speaks for itself.

Scrat Acorns

sr. member

Activity: 293

Merit: 250

Quote from: CIYAM on December 26, 2012, 06:53:12 AM

I have a much better bash script that I am including with a custom Open SUSE distro (which I am still putting together) - that will be a hell of a lot more challenging than this to crack (the point being similar to Mike Caldwell's one that you don't need to remember a huge password to get good security).

This is security by obscurity though. Once they know about your implementation it will be easily cracked.

Why not use a well scrutinized key derivation function and run 10 million iterations of it?

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 06:49:36 AM

yes, for opencl u have to change this

Code:

typedef struct {
        uint8_t length;
        uint8_t v[24];
} gpg_password;

change the 24 to 64 in both files (current folder and opencl).
now its working

Looks good!
I would still defiantly try that using a key with known password to make sure it really works

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Quote from: phr33 on December 26, 2012, 06:44:48 AM

You can send it to 1GAtPwoTGPQ35y9QugJueum5GzaEzLYjiQ

All winnings will be passed on to a followup contest! It might take a while, but there will be one!

On it's way:

http://blockchain.info/tx/003a4b9ee67639a08c28b9c183ab36f3b2fc192aeac84d9bd8cc29684f6f094e

I have a much better bash script that I am including with a custom Open SUSE distro (which I am still putting together) - that will be a hell of a lot more challenging than this to crack (the point being similar to Mike Caldwell's one that you don't need to remember a huge password to get good security).

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 06:38:50 AM

Quote from: K1773R on December 26, 2012, 06:33:19 AM

this hurts... who is so retarded and sets this?

Code:

#define PLAINTEXT_LENGTH    32

Hehe. I bet they thought "noone is retared enough to try to brute force more than 32 chars anyway" when they set it Cheesy

As for the open-cl version they seem to have a more legit reason. Probably more restricted data types and more clever packing of data in there to get nice performance.

yes, for opencl u have to change this

Code:

typedef struct {
        uint8_t length;
        uint8_t v[24];
} gpg_password;

change the 24 to 64 in both files (current folder and opencl).
now its working

Code:

guesses: 0  time: 0:00:00:36 DONE (Wed Dec 26 12:44:56 2012)  c/s: 409200  trying: 7277b9b8b5034fc4e715be0e9e61bf3aac30cce46396a30b5272d89e19418a61 - eea8eca3d1525375b2091f1760ae69e

eea8eca3d1525375b2091f1760ae69e <-- last hash in wordlist which is a bug but dosnt matter. (bug fixed, forgot to fsync it)

Scrat Acorns

sr. member

Activity: 293

Merit: 250

Quote from: CIYAM on December 26, 2012, 06:37:37 AM

How are the rest of you going - want that hint earlier or happy to wait till until confirmation # 200?

Whatever you decide let us know now.

I am also throwing in the towel after 210 or so tries. Been running it since yesterday on a 16 core Xeon.

phr33

full member

Activity: 226

Merit: 100

Quote from: CIYAM on December 26, 2012, 06:37:37 AM

Quote from: phr33 on December 26, 2012, 06:33:54 AM

I tested all passwords for 9 different key derivations before throwing in the towel.

Sorry to hear that but as you have been very helpful with this I will be sending you 1 BTC anyway (let me know what address to send to either here in a PM if you prefer).

How are the rest of you going - want that hint earlier or happy to wait till until confirmation # 200?

Thanks!

You can send it to 1GAtPwoTGPQ35y9QugJueum5GzaEzLYjiQ

All winnings will be passed on to a followup contest! It might take a while, but there will be one!

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: CIYAM on December 26, 2012, 06:37:37 AM

Quote from: phr33 on December 26, 2012, 06:33:54 AM

I tested all passwords for 9 different key derivations before throwing in the towel.

Sorry to hear that but as you have been very helpful with this I will be sending you 1 BTC anyway (let me know what address to send to either here in a PM if you prefer).

How are the rest of you going - want that hint earlier or happy to wait till until confirmation # 200?

i got 7 so far, still got the wordlists

waiting seems fine, i need to sleep too, my body is still human Tongue

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 06:33:19 AM

this hurts... who is so retarded and sets this?

Code:

#define PLAINTEXT_LENGTH    32

Hehe. I bet they thought "noone is retared enough to try to brute force more than 32 chars anyway" when they set it Cheesy

As for the open-cl version they seem to have a more legit reason. Probably more restricted data types and more clever packing of data in there to get nice performance.

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Quote from: phr33 on December 26, 2012, 06:33:54 AM

I tested all passwords for 9 different key derivations before throwing in the towel.

Sorry to hear that but as you have been very helpful with this I will be sending you 1 BTC anyway (let me know what address to send to either here in a PM if you prefer).

How are the rest of you going - want that hint earlier or happy to wait till until confirmation # 200?

phr33

full member

Activity: 226

Merit: 100

Quote from: CIYAM on December 26, 2012, 06:29:40 AM

Not sure if you guys have already been doing this but if some basic stats (such as the total # of attempts each of you have tried) could be published then I think that would be very useful (after it has been cracked of course and perhaps only by the winner).

I tested all passwords for 9 different key derivations before throwing in the towel.

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 06:22:43 AM

Quote from: K1773R on December 26, 2012, 06:15:26 AM

how did you fix this? google results are unrelated to this problem (or atleast all i have read so far).
good that i dont delete my wordlists so afterwards i can just recheck...

Google is usually good, but sometimes one need to just have a look at the source code. You'll find the gpg plugin implemented in src/gpg_fmt_plug.c

I'm sure you will find the length defined there!

this hurts... who is so retarded and sets this?

Code:

#define PLAINTEXT_LENGTH    32

recompiling with 64.
edit opencl_gpg_fmt_plug.c too! (defaults to 15, wtf?)
compiling done:

Code:

guesses: 0  time: 0:00:00:35 DONE (Wed Dec 26 12:31:23 2012)  c/s: 411250  trying: 7277b9b8b5034fc4e715be0e@a785a10e4399ab30ec56aee3@f30430753b6537 - eea8eca3d1525375b2091f1760ae69e

now the opencl stuff is crap (see the @).

python stuff:

Code:

$ python --version
Python 2.6.5

my guess: faster hashing/loops in 2.7 compared to 2.6.

phr33

full member

Activity: 226

Merit: 100

A general recommendation when writing brute force scripts is to try it on something you know the password to!

In this case, create a gpg key with a password using your own 4 letter password run through the key derivation and check that you actually find the key!

I myself tend to always screw up at least some small detail. Testing is crucial if you don't want to wast all those cpu-hours

Scrat Acorns

sr. member

Activity: 293

Merit: 250

Quote from: CIYAM on December 26, 2012, 06:29:40 AM

Not sure if you guys have already been doing this but if some basic stats (such as the total # of attempts each of you have tried) could be published then I think that would be very useful (after it has been cracked of course).

200+ salt variations tested.

Kill me now.

I've been running this since yesterday. Been aware of the echo newline injection and the JTR limitation from the get go.

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Not sure if you guys have already been doing this but if some basic stats (such as the total # of attempts each of you have tried) could be published then I think that would be very useful (after it has been cracked of course and perhaps only by the winner).

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 06:22:12 AM

Quote from: phr33 on December 26, 2012, 06:11:49 AM

Quote from: K1773R on December 26, 2012, 06:04:41 AM

Quote from: cedivad on December 26, 2012, 06:00:52 AM

Quote from: K1773R on December 26, 2012, 05:58:11 AM

Quote from: cedivad on December 26, 2012, 05:56:52 AM

Has anyone tried to use c to create the dictionary?

i do it in java with JNI mixed.

What's your speed? It would take me something like 1 day to write the 14 million combinations there are...

2 seconds to create the wordlist (4 chars)
17 seconds to create all sha256 sums
1.5 seconds to write it down to disk (916MB)

Feel free to benchmark the python version on your überclocked machine with blazing fast SSD!

i dont have SSD, dislike to loose my data so fast, the reason why it writes so fast is simply the ext4 cache/buffer.

Code:

real	1m39.336s
user	1m38.058s
sys	0m0.868s

altough this test dosnt seem to be a good benchmark since there are several daemons/VM running.

which python version, pypy or python?

Code:

$ python --version
Python 2.7.3

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 06:15:26 AM

how did you fix this? google results are unrelated to this problem (or atleast all i have read so far).
good that i dont delete my wordlists so afterwards i can just recheck...

Google is usually good, but sometimes one need to just have a look at the source code. You'll find the gpg plugin implemented in src/gpg_fmt_plug.c

I'm sure you will find the length defined there!

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 06:11:49 AM

Quote from: K1773R on December 26, 2012, 06:04:41 AM

Quote from: cedivad on December 26, 2012, 06:00:52 AM

Quote from: K1773R on December 26, 2012, 05:58:11 AM

Quote from: cedivad on December 26, 2012, 05:56:52 AM

Has anyone tried to use c to create the dictionary?

i do it in java with JNI mixed.

What's your speed? It would take me something like 1 day to write the 14 million combinations there are...

2 seconds to create the wordlist (4 chars)
17 seconds to create all sha256 sums
1.5 seconds to write it down to disk (916MB)

Feel free to benchmark the python version on your überclocked machine with blazing fast SSD!

i dont have SSD, dislike to loose my data so fast, the reason why it writes so fast is simply the ext4 cache/buffer.

Code:

real	1m39.336s
user	1m38.058s
sys	0m0.868s

altough this test dosnt seem to be a good benchmark since there are several daemons/VM running.

which python version, pypy or python?

Topic: Solve a riddle, guess a 4 char password and add 10 BTC to your xmas... SOLVED!! - page 7. (Read 13707 times)