Back to Top
Once you have cracked some passwords, send us a PGP signed & encrypted email
with every plaintext that you have cracked, one per line. Each time you submit
you should include everything you've cracked up to that point, not just the new
cracks since last submission. We will verify them, and update the stats
Do not include anything in the encrypted payload besides cracked
plaintexts. For instance, don't include 'username:plaintext', or
'hash:plaintext', just 'plaintext'. If you send us junk that's not
correct plaintexts, we will assume you are spewing /dev/random at us and shun
all future mail from you, and your team will be disqualified.
Do not flood us with submissions. We will ignore submissions from a
team sent faster than once per five minutes. Sending us more than one
per minute will disqualify your team.
Do not go too long between submitting updates. One every two hours
is preferred. Of course if you sleep a few hours and miss a couple
we will forgive you. But if you go more than 12 hours without an
update, we will assume you gave up or died of alchohol poisoning,
and drop your team.
Here is what a submission process might look like, after you have
listed your cracked plaintexts into the file 'cracked':
$ gpg -a -o submission-email.pgp.asc -r firstname.lastname@example.org \
$ mail -s "cracked" email@example.com \
Or attach the file keysub-email.pgp.asc to an email to
firstname.lastname@example.org, such as if you are using Gmail.
Don't forget to use --default-key 0xDEADBEEF if you created a dedicated PGP
key just for this event.