Jupyter Lab Framework Example: Revisiting CMIYC2022
Everything that happens once can never happen again. But everything that happens twice will surely happen a third time.-- Paulo CoelhoIntroducing the JupyterLab Password Cracking Framework: For the last couple of months, I've been (slowly) working on building out a new backend/framework to be able to manage password cracking sessions using ... Read More
Hashcat Tips and Tricks for Hacking Competitions: A CMIYC Writeup Part 3
I want to know1and understand1But I will not1-- Hashes cracked from the KoreLogic CMIYC 2023 competitionIn the previous two posts on the CMIYC competition [Part 1, Part 2], I had focused on how to integrate data science tools into your password cracking workflow and showed how to crack passwords on ... Read More
Using JupyterLab to Manage Password Cracking Sessions (A CMIYC 2023 Writeup) Part 2
“Tools?" scoffed Kalisti, "Tools are for people who have nothing better to do than think things through and make sensible plans.”― Laini Taylor, Muse of NightmaresWhen we left off in Part 1 of my CMIYC2023 Writeup, I had cracked a measly 437 passwords. Yes I had a Jupyter Notebook set up ... Read More
Using JupyterLab to Manage Password Cracking Sessions (A CMIYC 2023 Writeup) Part 1
“We become what we behold. We shape our tools, and thereafter our tools shape us.”-- Marshall McLuhanThis year I didn't compete in the Defcon Crack Me If You Can password cracking competition. It was my wife's first Defcon, so there was way too much stuff going on to sit around ... Read More
More Password Cracking Tips: A Defcon 2022 Crack Me If You Can Roundup
“We do not learn from experience... we learn from reflecting on experience.” -- John DeweyIntroduction:KoreLogic's Crack Me if You Can (CMIYC) is one of the oldest as most established password cracking competitions. Held every year at Defcon, it serves as a great way to pull together password enthusiasts from all over ... Read More
Password Cracking Tips: A CrackTheCon Roundup
“It is common sense to take a method and try it. If it fails, admit it frankly and try another. But above all, try something.”― Franklin D. RooseveltCrackTheCon, a password cracking contest run by CynoSurePrime, just finished. I competed as a Street team and I was really impressed. This was ... Read More
Installing John the Ripper on Microsoft’s Windows Subsystem for Linux (WSL)
"I see my path, but I don't know where it leads. Not knowing where I'm going is what inspires me to travel it." --Rosalía de CastroIntroduction:With great regret I finally decided to retire my 10-year-old MacBook Pro as my personal travel laptop. Part of that is I'll be attending Defcon ... Read More
Solving Problems with Unknown Constraints
"Software constraints are only confining if you use them for what they're intended to be used for" -- David Byrne (Of the Talking Heads)I recently had an ongoing conversation that spanned several days about the subject of solving mazes. A friend casually mentioned the "Same Wall Rule", (also known as the ... Read More
Evaluating the Value of the (@)Purge Rule
“Only sometimes when we pick and choose among the rules we discover later that we have set aside something precious in the process.” ― Helen Simonson, Major Pettigrew's Last StandBackground and Problem Statement:I was recently asked the following question: "Is there any value in supporting the character purge rule in Hashcat?" The ... Read More
Cracking the MySpace List – First Impressions
Alt Title: An Embarrassment of RichesBackstory:Sometime around 2008, a hacker or disgruntled employee managed to break into MySpace and steal all the usernames, e-mails, and passwords from the social networking site. This included information covering more than 360 million accounts. Who knows what else they stole or did, but for the ... Read More
