Korelogic Logo
"Crack Me If You Can" - DEFCON 2011
  Insidepro team 2011 has won the contest!  
Back to [Teams] [Top]

Insidepro team 2011


Active Members 22
Nicks Admin, blazer, bvv, Cod3inj3cT, Comrad777, dda, Frank89, Gray_Wolf, gscp, jnpe, mastercracker, Mastermind, mr.2x, pizdec, POLIMO, proinside, raspberry, segasega, test0815, Tyra, usasoft, user
Software PasswordsPro, EGB, Saminside, John the Ripper, Hashcat, OclHashcat suite, ULM, DupeKill, Cryptohaze Multiforcer 1.0, Ultimate Zip Cracker
Hardware 91 CPU cores, 1-3 Amazon EC2 instances, and 31 Graphics cards, some dual-GPU (see table below)

How we defeated the champions


First of all, I must say that this year's contest was a big improvement over last year. Not that last year was boring, far from that, but the feedbacks given last year were well understood and rectified this year. The weighted points depending on the hashing algorithm made much more sense. The bonuses and the challenges added a lot more spice and need for strategies.

Team Composition

Our team was more or less the core of last year plus some excellent additions that I personally never heard of before but were known from other member of our team. They ended up completing very well the team. For the ones who are curious, we were 22 members spread throughout the world and remotely working with each other via a forum, www.Insidepro.com (see screenshot below).

The members were: Insidepro's admin, blazer, bvv, Cod3inj3cT, Comrad777, dda, Frank89, Gray_Wolf, gscp, jnpe, mastercracker, Mastermind, mr.2x, pizdec, POLIMO, proinside, raspberry, segasega, test0815, Tyra, usasoft and user. In terms of hardware we roughly had almost 100 CPU cores, 1 amazon cloud and about 35 GPUs (see a table of our hardware resources). There was also a website setup that was promising but we could not fix every bug in time and ended up relying on our forum like last year.


Preparation for this contest is hard since we don't know exactly what we will be faced with so we basically made sure that some glitches from last year do not reproduce and made some tools here and there just in case they could be needed. Based on last year's contest experience, we knew that the basic strategy was to finding as many passwords possible in the first hours using every method available, find patterns in the passwords and then focus on those patterns to crack more. Before the contest we heard the rumors on how Hashcat team was strong hardware-wise and that John users were doing some massive recruiting. We knew those 2 teams would be the toughest to beat.

During the Contest

About an hour before the start of the contest people started to post (like said earlier posting on the forum was our main way of communication) and everyone was eager to see that list of hashes to crack. At the start time of the contest, we were like runners at the start line waiting for the gun shot: all tense, focused and ready. However the list was not coming... anyway everyone knows the story but we still would like to know what the famous first file was. At last, we received the password-protected file which was quickly cracked and the fun could begin.

It took a while to sort and post all the hash and challenges but as soon as they were posted, everyone rushed on them and gave their best shot. Within 1 minute of being posted, the first challenge file was cracked and 10 minutes later all the passwords found. 10 minutes after that another challenge was down. Without any specific planning everyone got a "niche" and all the hash type were at least partially covered. I personally felt lost for at least the first 12 to 24 hours to the contest because there was so much going on and so much to cover. There was a lot of misses and some hits depending on the algo you were trying.

From what I remember, we were third for a good part of the contest but we were steadily progressing. At midway of the contest we had solid patterns to work with and then there was the breakthrough... We realized that all the toughest algos (that were worth also the most points) were restricted to passwords starting with a, s, m or y and that their length was less than 7 (at least from the ones we were able to crack). This allowed us to reduce our wordlist by a lot giving much more effective attacks and a huge source of points. Then it was playing the "catch up" game when 1 team would lead then the other would post and become first.

One of the memorable moments in our team is in a thread about ranking while we were first and working very hard to stay first. Then Oh no! Hashcat is first again. Then one of our member replied "Don't worry, I have about 50 ms-cash2 and will post them in a couple of minutes." General relief. It finally stayed very tight up to the very end. Hashcat fought a great battle and it was a matter of a couple of hash that tilted the balance in our direction.


I think that our main strengths were:
  1. We were composed mostly of very skilled crackers that knew what they were doing so there was no need to direct them anywhere. Only a couple of pointers here and there were necessary.
  2. Everyone spread evenly to cover the challenge or re-deployed to fill the gaps. I am sure that no one, including myself, was able to follow everything that happened in our team during the contest since we were focusing on our task to accomplish but the end result was there.
  3. There was also great team spirit, good communication through our posts and lots of teamwork.
  4. Early recognition of patterns and the followed exploitation of them.
  5. Focusing on the toughest hash at the end with the patterns we learned.
  6. We had the pleasure of having the creator of ULM (Unified List Manager) in our team which was able to quickly design custom analysis tools for our needs during the contest. Some of those tools will be part in the next or future release of ULM (http://users.tpg.com.au/blazerx/).

Our weakness (let's say semi-weakness): gathering the cracked passwords. There was one member (Insidepro's admin) that was gathering every single cracked passwords. Our team members were posting like crazy (especially at the beginning of the contest) and it was almost not humanely possible to keep up with them. For that, I have great respect for the work of admin in that contest. This was even more true since as far as I could notice, there was never a real "down" time.

For efficiency since I was the member in charge of the communications with Korelogic and submitting the passwords, I took over admin's task in the last 30 minutes of the contest. I was NOT able to keep up with the posted passwords and was NOT able to submit everything that was cracked. Luckily, I submitted just enough so that we could win. I must say that those last 30 minutes were amongst the most stressful in my life but the result and happiness afterward was way worth the stress.


Forum Screenshot


Hardware Resources

CPU Cores91
Amazon EC2One Instance throughout; 2 more for the last 4 hours
Nvidia 9800GT1
Nvidia 9800GX21
Nvidia GTS2504
Nvidia GTX2601
Nvidia GTX2753
Nvidia GTX2851
Nvidia GTX2953
Nvidia GTS4501
Nvidia GTX4603
Nvidia GTX4702
Nvidia GTX4801
Nvidia GTX5801
Nvidia GTX5901
ATI 34001
ATI 57502
ATI 57701
ATI 58501
ATI 58701
ATI 69902


Please contact us if you would like more information about our services, tools, or careers with us.
Privacy Policy : Copyright 2012. KoreLogic Security. All rights reserved