A relativly small team has had great success at DEFCON 2010 in this years “Crack Me If you can” competition sponsored by Korelogic Inc, a US-based information security company.

The team was using a software called hashcat which did compete very well against much more well known tools like and teams using John (John the Ripper) or EGB (Extreme GPU Bruteforcer).

The final draw was early this morning UTC, Korelogic will announce the winners later. The competetition demanded a challagening real life scenario, so that the teams were in the need to leave the paths of pure bruteforce based attacks in the 48 hour time-limited contest to attack 53 000 password hashes.

Instead concepts like mask based attacks and the look for pattern matching password testing came into play, as well as to figure out which algorithm was used to generate a certain hash. A social engeneering approach was not possible in the contest, so to leave all teams to pure bare-bone password cracking expertise.

Read On: “Crack Me If You Can”: Defcon 2010 Password Cracking Challenge (backtrack-linux; 3 Aug 2010); Defcon Crack Me if You Can Competition (Reusable Security; 28 Jul 2010)