"Crack Me If You Can"

Back to Top

Submitting results

Once you have cracked some passwords, send us a PGP signed & encrypted email with every plaintext that you have cracked, one per line. Each time you submit you should include everything you've cracked up to that point, not just the new cracks since last submission. We will verify them, and update the stats page.

Do not include anything in the encrypted payload besides cracked plaintexts. For instance, don't include 'username:plaintext', or 'hash:plaintext', just 'plaintext'. If you send us junk that's not correct plaintexts, we will assume you are spewing /dev/random at us and shun all future mail from you, and your team will be disqualified.

Do not flood us with submissions. We will ignore submissions from a team sent faster than once per five minutes. Sending us more than one per minute will disqualify your team.

Do not go too long between submitting updates. One every two hours is preferred. Of course if you sleep a few hours and miss a couple we will forgive you. But if you go more than 12 hours without an update, we will assume you gave up or died of alchohol poisoning, and drop your team.

Here is what a submission process might look like, after you have listed your cracked plaintexts into the file 'cracked':

$ gpg -a -o submission-email.pgp.asc -r sub-2011@contest.korelogic.com \
                                                             -se cracked
$ mail -s "cracked" sub-2011@contest.korelogic.com \
					< submission-email.pgp.asc

Or attach the file keysub-email.pgp.asc to an email to sub-2011@contest.korelogic.com, such as if you are using Gmail.

Don't forget to use --default-key 0xDEADBEEF if you created a dedicated PGP key just for this event.