As a part of authorized penetration tests of companies' internal corporate networks and external websites, you have captured a large number of password hashes and some encrypted files of various types. You owned the firmware of some weird devices, and got hashes. You found corrupted backups with partial password hashes in them. You found password-protected ZIP and RAR files and you want to know whats inside. You were able to do a SQL injection, and extract the users' hashes from the database. But now, you have to crack all these hashes.

In it's 8th year, Crack Me If You Can (CMIYC) is the premiere password cracking contest. We challenge teams of the world's best password crackers. And force them to share their knowledge, tips, and tricks with the community. The challenges presented in the 2010 contest are now trivial and easily completed by even a novice password cracker. So, in 2019, we hope to introduce new challenges that will continue to push the boundaries of what is possible with password recovery.

The contest is geared in a way so that even beginner password crackers will get some points, and hopefully learn along the way.

Fire up your GTX 3080 Tis and EC2 clusters. Ask your boss for time on that super computer your company has. Buy a CRAY on ebay. Email your college professor and ask for your account to be re-enabled on the cluster. Get a few extra box fans. You are going to need it all. Stop wasting your GPUs on playing FortNight, there are passwords to crack!