Try your hand at DEFCON 2012 decryption challenge

Posted on Saturday, August 4th, 2012 in encryption by the machinegeek

At the recently concluded DEFCON 20 conference in Las Vegas, attendees were presented with this decryption challenge by KoreLogic Security. Take their collection of encrypted password hashes and a bundle of encrypted files and see how many you can crack. File types are from various systems, including UNIX servers, Windows AD, LDAP servers, webapps, etc. The encrypted files can be of any type, including .doc, .zip, private key files, etc.

At the conference, teams were given 48 hours to see how many they could correctly crack, and prizes were awarded to the highest scorers.

THE CONTEST IS CLOSED. However, if you didn’t get a chance to attend this year and want try your hand at cracking the hashes and files you can still give it a try. The contest rules can be found on the KoreLogic site. The challenges data file can be found here. The challenge password hash file bundle can be downloaded here.

REMEMBER, THE CONTEST IS CLOSED. Any activities you engage in are for your own education and entertainment.

SPOILER — After you’ve given it your best efforts and want to check your results, you can download the decryption keys and answers here. For those of us who find this type of activity baffling, the contest organizers promise to post a walk-through of the solutions soon.

Get crackin’!

This entry was posted on Saturday, August 4th, 2012 at 3:00 pm and is filed under encryption. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Recent Comments

  • Geert Jordaens: I'm not sure what kind of licensing I have to add since it is a fairly straight forward implementation of the adaptive Huffman Decoding. For...
  • erich: For anyone interested, I've added some c++ code for adaptive huffman decoding in the git repository.
  • Sjaak: I would add some more protection in the used trigger file (on the serverpilot site) then not using a standard name :) hopefully they use...
  • Pete Castagna: My friend Charlie who worked in synthesizers at a DOD type of place made a modification to this avalanche pulse generator that allowed him to...
  • Sam Catchpole: Yes please :D