KoreLogic's Crack Me If You Can 2026
When:
Start: August 07, 2026 - 18:00 UTC
End: August 09, 2026 - 18:00 UTC
What:
Crack Me If You Can 2026, also known as CMIYC, is KoreLogic's password cracking contest held during DEF CON 34. Teams compete to recover as many plaintexts as possible from provided hash sets and related challenge material. The 2026 scenario centers on a fictional breach of a data broker named Pamama, where teams are tasked with cracking staff accounts and encrypted files to expose the impact of the breach.
Teams may use their own tools, public tools, and any authorized hardware they have available. Pro teams are expected to share techniques, methodology, and resource details after the event.
Where:
DEF CON 34
Las Vegas, NV, USA
Remote participation over the Internet.
Website:
https://contest-2026.korelogic.com/
Rules:
https://contest-2026.korelogic.com/intro/#rules
Team Registration:
https://contest-2026.korelogic.com/howto_register/
Crack Submission Info:
https://contest-2026.korelogic.com/howto_submit/
Contest Updates:
https://infosec.exchange/@CrackMeIfYouCan
Notes:
Anyone can play, though teams will do best.
Team types include Pro Teams and Street Teams.
Contest materials, hints, additional files, and updates may be released during the contest.
Test hashes are expected before contest start so teams can verify their submission process.
Encrypted contest files may be published before the start, with passphrases released when the contest begins.
