Solve a riddle, guess a 4 char password and add 10 BTC to your xmas... SOLVED!!

[phr33]

No, that's what I ment with dictionary mode.

I did a new run and got

Code:

./john --wordlist=dict1.txt jtr.private.hash

and got

Code:

guesses: 0  time: 0:00:23:34 DONE (Wed Dec 26 10:30:52 2012)  c/s: 10446 

[phr33]

What OS do you run? Maybe you don't get all the correct CPU flags?

I get:

Code:

$ cat /proc/cpuinfo  | grep flags
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid

You could try building with this

Code:

make linux-x86-64-avx

[K1773R]

No, that's what I ment with dictionary mode.

I did a new run and got

Code:

./john --wordlist=dict1.txt jtr.private.hash

and got

Code:

guesses: 0  time: 0:00:23:34 DONE (Wed Dec 26 10:30:52 2012)  c/s: 10446 

damn! so u create a wordlist with the sha256sums too and the jtr.private.hash is made from gpg2john right? i dont get it why ur somuch faster :S

flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
kernel: 3.0.0

[phr33]

No, that's what I ment with dictionary mode.

I did a new run and got

Code:

./john --wordlist=dict1.txt jtr.private.hash

and got

Code:

guesses: 0  time: 0:00:23:34 DONE (Wed Dec 26 10:30:52 2012)  c/s: 10446 

damn! so u create a wordlist with the sha256sums too and the jtr.private.hash is made from gpg2john right? i dont get it why ur somuch faster :S

flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
kernel: 3.0.0

Yep! I think you more or less have to as jtr won't mangle the password in this custom (and partly unknown!) way we need. And yes jtr.private.hash is the output of gpg2john.

[K1773R]

No, that's what I ment with dictionary mode.

I did a new run and got

Code:

./john --wordlist=dict1.txt jtr.private.hash

and got

Code:

guesses: 0  time: 0:00:23:34 DONE (Wed Dec 26 10:30:52 2012)  c/s: 10446 

damn! so u create a wordlist with the sha256sums too and the jtr.private.hash is made from gpg2john right? i dont get it why ur somuch faster :S

flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
kernel: 3.0.0

Yep! I think you more or less have to as jtr won't mangle the password in this custom (and partly unknown!) way we need. And yes jtr.private.hash is the output of gpg2john.

crazy, crazy. this is really wierd.

[K1773R]

i get a different outupt style from john:
"guesses: 0  time: 0:00:11:32 28.21% (ETA: Wed Dec 26 11:16:29 2012)  c/s: 6016  trying: c6520e7584da05897a51081fcdfe7dc3"
which john version are u using?
i tested 1.7.9-jumbo-7+unstable [linux-x86-64-avx] and 1.7.9-jumbo-7+unstable [linux-x86-64-native]

[phr33]

I have a couple of more CPU flags than you:
smx pcid x2apic and tsc_deadline_timer

But that should not cause any performance loss..

[K1773R]

I have a couple of more CPU flags than you:
smx pcid x2apic and tsc_deadline_timer

But that should not cause any performance loss..

as i said, this is really wierd stuff going on...

[phr33]

i get a different outupt style from john:
"guesses: 0  time: 0:00:11:32 28.21% (ETA: Wed Dec 26 11:16:29 2012)  c/s: 6016  trying: c6520e7584da05897a51081fcdfe7dc3"
which john version are u using?
i tested 1.7.9-jumbo-7+unstable [linux-x86-64-avx] and 1.7.9-jumbo-7+unstable [linux-x86-64-native]

Oh that does not look too good. Apart from the lower speed there's something not quite right. I'll let you think about it. There is not that much info in there so you should be able to find it rather quickly!  

[phr33]

We are at 100!  


Hint hint hint!

[CIYAM]

So now the next hint (and as promised it should not make things too easy):

Code:

I changed the equation.

[K1773R]

i get a different outupt style from john:
"guesses: 0  time: 0:00:11:32 28.21% (ETA: Wed Dec 26 11:16:29 2012)  c/s: 6016  trying: c6520e7584da05897a51081fcdfe7dc3"
which john version are u using?
i tested 1.7.9-jumbo-7+unstable [linux-x86-64-avx] and 1.7.9-jumbo-7+unstable [linux-x86-64-native]

Oh that does not look too good. Apart from the lower speed there's something not quite right. I'll let you think about it. There is not that much info in there so you should be able to find it rather quickly!  

i can only think ur talking about the version, so again which version do you use? i got mine from github.

[K1773R]

So now the next hint (and as promised it should not make things too easy):

Code:

I changed the equation.

somany possibilites is the equation true or false?

[phr33]

So now the next hint (and as promised it should not make things too easy):

Code:

I changed the equation.

Haha! Well, you sure didn't make it a lot easier.  

The equation could probably be changed in more ways than the 62^4 ways the key can!


::EDIT
Remember that withholding good hints will contribute to global warming! 

[CIYAM]

The next hint will be a little more specific about the equation change - let me know how soon you think you need this hint (if no other consensus then I will be giving it at a 200 confirmations).

[phr33]

i get a different outupt style from john:
"guesses: 0  time: 0:00:11:32 28.21% (ETA: Wed Dec 26 11:16:29 2012)  c/s: 6016  trying: c6520e7584da05897a51081fcdfe7dc3"
which john version are u using?
i tested 1.7.9-jumbo-7+unstable [linux-x86-64-avx] and 1.7.9-jumbo-7+unstable [linux-x86-64-native]

Oh that does not look too good. Apart from the lower speed there's something not quite right. I'll let you think about it. There is not that much info in there so you should be able to find it rather quickly!  

i can only think ur talking about the version, so again which version do you use? i got mine from github.

The version number is fine

[CIYAM]

Remember that withholding good hints will contribute to global warming!  

Very true - that's why I had originally wanted to make the last hint more specific - but in any case it seems that you guys are doing some very useful work in testing the approach that I am using (so some extra bounties will be given out to those who have contributed significantly to this thread).

[K1773R]

i get a different outupt style from john:
"guesses: 0  time: 0:00:11:32 28.21% (ETA: Wed Dec 26 11:16:29 2012)  c/s: 6016  trying: c6520e7584da05897a51081fcdfe7dc3"
which john version are u using?
i tested 1.7.9-jumbo-7+unstable [linux-x86-64-avx] and 1.7.9-jumbo-7+unstable [linux-x86-64-native]

Oh that does not look too good. Apart from the lower speed there's something not quite right. I'll let you think about it. There is not that much info in there so you should be able to find it rather quickly!  

i can only think ur talking about the version, so again which version do you use? i got mine from github.

The version number is fine

unstable part? i tryd with the official jumbo release and it cant load the GPG stuff.

[phr33]

The next hint will be a little more specific about the equation change - let me know how soon you think you need this hint (if no other consensus then I will be giving it at a 200 confirmations).

I can obviously only speak for myself, but I simply see too many possibilities to brute force at the moment. Or rather that I see no good way of automating the guessing of the equation modification.
Replacing the "=" and "at least" with ">=" was the only logical change I could come up with.
Next up is a ton of "two times %s..." etc.

In other words: My CPU is idle until next hint

But you can wait until 200 confirms if other ppl think they have a shot. Getting a handful of ppl learning about password breaking, gpg and hasing is a much nobler cause than just putting 10 BTC in my wallet!

But on the other hand. I think I can promise that I'll make a similar contest if I win

Cheers!

[BkkCoins]

Reporting in on GPU performance with John.

So I wrote up my own pwd gen which outputs new pwds to stdout and can be piped into John.
I run like this,

mkpwds | john --stdin --format=gpg-opencl ciyam.hash

... give some output like this...

Compilation log:
Warning: gpg kernel has register spilling. Lower performance is expected.

Loaded 1 password hash (OpenPGP / GnuPG Secret Key [OpenCL])

and after letting it do about 4 million pwds this way (drum roll) I get about 30,000 c/s reported.

This is on 1x 5830. Not that much more than a fast CPU I guess but then I do have 3 available. I just haven't played with running multiple instances yet. I have to turn mining off on 1 GPU to get that. Otherwise, while mining, it gets about <20,000 c/s. This is on a low end Athlon cpu typical for mining.

So at 30,000 c/s it should take roughly 8 minutes to do a salt pattern. Or 2.5 if I can get all 3 GPUs going and manage to split the pwd stream.