At the recently concluded DEFCON 20 conference in Las Vegas, attendees were presented with this decryption challenge by KoreLogic Security. Take their collection of encrypted password hashes and a bundle of encrypted files and see how many you can crack. File types are from various systems, including UNIX servers, Windows AD, LDAP servers, webapps, etc. The encrypted files can be of any type, including .doc, .zip, private key files, etc.
At the conference, teams were given 48 hours to see how many they could correctly crack, and prizes were awarded to the highest scorers.
THE CONTEST IS CLOSED. However, if you didn’t get a chance to attend this year and want try your hand at cracking the hashes and files you can still give it a try. The contest rules can be found on the KoreLogic site. The challenges data file can be found here. The challenge password hash file bundle can be downloaded here.
REMEMBER, THE CONTEST IS CLOSED. Any activities you engage in are for your own education and entertainment.
SPOILER — After you’ve given it your best efforts and want to check your results, you can download the decryption keys and answers here. For those of us who find this type of activity baffling, the contest organizers promise to post a walk-through of the solutions soon.