John the Ripper GPU support

• Latest release include more formats and latest git trees include even more.
• CUDA significantly benefits from compile-time tuning of parameters for a given GPU, see doc/README-CUDA
• sha512crypt is currently faster on NVIDIA than on AMD/ATI, and moreover the OpenCL code is currently faster than CUDA (unusual)
• bcrypt is sort of supposed to be inefficient on GPU, so it achieves at best CPU-like performance currently (yet you do get the option to put your many GPUs to at least some reasonable use if you only have bcrypt hashes to attack)
• WPA-PSK CUDA uses a little bit of CPU code as well, and benefits from OpenMP (so you'll get slightly faster speed if you enable OpenMP in the JtR build, although you'll load multiple CPU cores then). The OpenCL version has post-processing on GPU too so doesn't use much CPU resources and will not benefit from OpenMP.
• RAR is a mix of CPU and GPU code, with the ratio varying widely between different RAR archives (type, size). Later versions has mature “early reject” code that minimizes this.
   
• http://openwall.info/wiki/john/GPU 

   High performance password cracking by implementing rainbow tables.pdf by Elsa Cristina David on Scribd

OLD NEWS ...MAYBE HANDY

Dolch Computer sells a 400-MHz rugged notebook

• By Bill Murray
• Aug 03, 1998

Dolch Computer Systems Inc. has released one of the first ruggedized 400-MHz Pentium II
notebook PCs.

The MegaPAC-P2 has Intel Corp.’s new 440BX chip set and 100-MHz motherboard bus.
It can hold as many as nine full-size ISA/PCI expansion boards.

The notebook runs on 120- or 220-volt alternating current or on 160-watt Power Anywhere
power supplies or uninterruptible power systems. The 25-pound, shock-mounted unit has an
alloy chassis and composite case.

A black coating on the 10.4-inch active-matrix display reduces glare and reflection.

The MegaPAC-P2 has 32M of EDO RAM, expandable to 128M, and a hard drive as large as 9G.
It will run MS-DOS, any Microsoft Windows operating system, IBM OS/2 or Santa Cruz
Operation Unix.

Federal users of Dolch products include the Air Force, Army, Coast Guard, Environmental
Protection Agency, Federal Aviation Administration, Marine Corps and Navy.

The Fremont, Calif., company sells notebooks on its General Services Administration
Information Technology Schedule contract, as well as on Unisys Corp.’s Air Force
Unified LAN Architecture II buy and Electronic Data Systems Corp.’s NASA Scientific
and Engineering Workstation Procurement II contract.

GSA pricing for the Dolch MegaPAC-P2 starts at $8,746.

https://gcn.com/articles/1998/08/03/dolch-computer-sells-a-400mhz-rugged-notebook.aspx 

Whitepixel breaks 28.6 billion password/sec

By Marc Bevand

09 Dec 2010

Keywords: amd attack bruteforcing gpu hardware performance

I am glad to announce, firstly, the release of whitepixel, an open source GPU-accelerated password hash auditing software for AMD/ATI graphics cards that qualifies as the world's fastest single-hash MD5 brute forcer; and secondly, that a Linux computer built with four dual-GPU AMD Radeon HD 5970 graphics cards for the purpose of running whitepixel is the first demonstration of eight AMD GPUs concurrently running this type of cryptographic workload on a single system. This software and hardware combination achieves a rate of 28.6 billion MD5 password hashes tested per second, consumes 1230 Watt at full load, and costs 2700 USD as of December 2010. The capital and operating costs of such a system are only a small fraction of running the same workload on Amazon EC2 GPU instances, as I will detail in this post.
[Update 2010-12-14: whitepixel v2 achieves a higher rate of 33.1 billion password/sec on 4xHD 5970.]

Software: whitepixel

See the whitepixel project page for more information, source code, and documentation.
Currently, whitepixel supports attacking MD5 password hashes only, but more hash types will come soon. What prompted me to write it was that sometime in 2010, ATI Catalyst drivers started supporting up to 8 GPUs (on Linux at least) when previously they were limited to 4, which made it very exciting to be able to play with this amount of raw computing performance, especially given that AMD GPUs are roughly 2x-3x faster than Nvidia GPUs on ALU-bound workloads. Also, I had previously worked on MD5 chosen-prefix collisions on AMD/ATI GPUs. I had a decent MD5 implementation, wanted to optimize it further, and put it to other uses.

Overview of whitepixel

• It is the fastest of all single-hash brute forcing tools: ighashgpu, BarsWF, oclHashcat, Cryptohaze Multiforcer, InsidePro Extreme GPU Bruteforcer, ElcomSoft Lightning Hash Cracker, ElcomSoft Distributed Password Recovery.
• Targets AMD HD 5000 series and above GPUs, which are roughly 2x-3x faster than high-end Nvidia GPUs on ALU-bound workloads.
• Best AMD multi-GPU support. Works on at least 8 GPUs. Whitepixel is built directly on top of CAL (Compute Abstract Layer) on Linux. Other brute forcers support fewer AMD GPUs due to OpenCL libraries or Windows platform/drivers limitations.
• Hand-optimized AMD IL (Intermediate Language) MD5 implementation.
• Leverages the bitalign instruction to implement rotate operations in 1 clock cycle.
• MD5 step reversing. The last few of the 64 steps are pre-computed in reverse so that the brute forcing loop only needs to execute 46 of them to evaluate potential password matches, which speeds it up by 1.39x.
• Linux support only.
• Last but not least, it is the only performant open source brute forcer for AMD GPUs. The author of BarsWF recently open sourced his code but as shown in the graphs below it is about 4 times slower.

That said, speed is not everything. Whitepixel is currently very early-stage software and lacks features such as cracking multiple hashes concurrently, charset selection, and attacking hash algorithms other than MD5.
To compile and test whitepixel, install the ATI Catalyst Display drivers (I have heavily tested 10.11), install the latest ATI Stream SDK (2.2 as of December 2010), adjust the include path in the Makefile, build with "make", and start cracking with "./whitepixel $HASH". Performance-wise, whitepixel scales linearly with the number of GPUs and the number of ALUs times the frequency clock (as documented in this handy reference from the author of ighashgpu). 

http://blog.zorinaq.com/whitepixel-breaks-286-billion-passwordsec/ 

 

 

 

          Anúncios Grátis  

 

 

A carregar

 

 

 

 

Carnarvon fortune and Rothschild hidden vaults

HighClere Castle

GENERATE 70 COMBINATIONS IN 1 SECOND ....WHAT YOU SAY 500 MILLION..HALF A BILLION...

 Knuth: Generating All Combinations

I ran into a tricky little problem today: efficiently generating all combinations of k elements from a set of size N. I came up with some ideas but they weren’t efficient enough. I turned to a Knuth Volume 4 preprint on his website, and found all sorts of crazy algorithms for it. Here is a C# implementation I just coded up and tested that people might find useful. It allows you to make a Combination object, and use foreach on it to get all the members.
Note that I had a chance to use the C# 2.0 yield statement; it let me do a fairly direct translation from the pseudocode, although I made a few tiny changes to simplify things. See the comments for a few ways to improve efficiency a tiny bit but it doesn’t affect time complexity. If I understood Knuth, this algorithm runs in O(N choose t) – it’s linear in the number of elements in the output.

Combination class code: Combination.cs
Test class: CombinationsTest.cs
See also: Combinadic on Wikipedia

https://seekwell.wordpress.com/2007/11/17/knuth-generating-all-combinations/ 

 

C Program to Implement Fisher-Yates Algorithm for Array Shuffling

This C program implements Fisher-Yates algorithm for array shuffling. The Fisher–Yates shuffle (named after Ronald Fisher and Frank Yates), also known as the Knuth shuffle (after Donald Knuth), is an algorithm for generating a random permutation of a finite set—in plain terms, for randomly shuffling the set. A variant of the Fisher–Yates shuffle, known as Sattolo’s algorithm, may be used to generate random cycles of length n instead. The Fisher–Yates shuffle is unbiased, so that every permutation is equally likely. The modern version of the algorithm is also rather efficient, requiring only time proportional to the number of items being shuffled and no additional storage space. Here is the source code of the C program to shuffle an array using Fisher-Yates algorithm. The C program is successfully compiled and run on a Linux system. The program output is also shown below. 

http://www.sanfoundry.com/c-program-implement-fisher-yates-algorithm-array-shuffling/ 

DTMF Decoder Using 8051 and 16x2 LCD (let me help ypu opening the electronic vault!)

Loading custom DLLs instead of original DLLs (Let's talk about Stuxnet again and forget Kapsersky...)

The question below is for educational purposes only and the discussed featured are not meant to alter registered DLLs or develop a malware but for learning and experiencing.

Recently I've been exploring few methods to load my own custom DLLs instead of an application's original DLLs. One of the methods that came up was the .local method.
After experiencing with this method a little bit and after I removed the KnownDlls entry from the registry I managed to replace some system DLLs with my patched DLLs successfully.
These are the DLLs:

However, the DLLs are IN the local folder:

However, there are still some DLLs that insist loading from the system32 directory, although they are present in the local folder.
Is there any way I can force the DLL's to load from the local folder instead of the system32 folder?

c++ c windows debugging winapi

7   Any program that tries to substitute system DLLs Ian malware by definition – David Heffernan Jun 26 at 20:17 5   @WeatherVane there are many legitimate reasons to do so. 1. Use proxy DLLs to monitor API calls. 2. Replace functionality as I wish. 3. Because some people are enthusiastic to learn and experience. – Aviv Jun 26 at 20:20 3   To allow for patches to 3rd party libraries. Not to replace core system libraries. – IInspectable Jun 26 at 20:29 4   @Aviv You claim that .local redirection is possible here. What do you know that we don't. We say that's impossible because the system loader loads those DLLs. Why don't you use hooking? The reality is that you don't want to do that because you want to foist your bogus DLLs on somebody else's process. – David Heffernan Jun 26 at 21:44 6   @Aviv: David's right with his last two comments. The MSDN page msdn.microsoft.com/en-us/library/windows/desktop/… is pretty clear that the app.exe.local file changes the behavior of LoadLibrary and LoadLibraryEx. ntdll.dll and kernel32.dll are what provide LoadLibrary(Ex), so by chicken-and-egg analysis you can see that they aren't loaded by LoadLibrary(Ex), and therefore are not affected by DLL redirection. In fact, I think you'll find that ntdll and kernel32 aren't loaded into a new process at all, they are in the initial module table. – Ben Voigt Jun 26 at 21:59 show 22 more comments

2 Answers

active oldest votes

This is not an answer so much as a rambling, unsourced, brain dump. It does serve to explain why I am not surprised at your result. This boils down, for me, to the crucial difference between CreateProcess and LoadLibrary, and how Win32 processes work. Normally, when using LoadLibrary, you are using it from within the process you want the dll to be loaded into. As such, it can take advantage of a whole bunch of in-process context information about activation contexts, dll search paths etc. including knowledge of things like the app.local flag. All these values are specific to the current process and it is not the job of any other process (or even the Kernel) to track stuff like this. But, if we look at CreateProcess we can see some problems. When it is initially called, it is called in the context of the launching, not destination, process, so it knows nothing of the destination processes activation context. In fact, the destination process does not exist yet. The CreateProcess implementation needs to create a NT process, and execute some code in it asap to perform the process load as it doesn't make any sense to instantiate all that per process context stuff in the current process. But, to do that, there needs to be at least some code in the destination process: The kernel code responsible for parsing the EXE files header, extracting the headers and building the activation contexts that will be used to load the remaining dlls. This means that, unfortunately for you, kernel32.dll and some dependencies need to be mapped into a process long before that process is capable of building a dll search context, noticing the app.local flag etc. answered Jun 27 at 9:59

It's indeed a bit rambling. Perhaps most importantly, CreateProcess doesn't actually do that much work. It kicks off kernel code which then creates the new process, maps a few core DLL's, and then starts running the new process. But all that isn't CreateProcess. Have a peek at NtCreateProcess –

You should look at how the Windows loader works. This is OS version dependent, but some of those DLLs load before your program and the loader always looks for them on a path provided by the system. Look at the sequence by starting your program with WinDbg. http://stackoverflow.com/questions/38042757/loading-custom-dlls-instead-of-original-dlls

This is a very, very nice tool...what I mean by this is that, on the case of bilock's casino and vault chit, there's a vulnerability called "pull plug forward and not turn"...but as the description says : "The tool is also especially useful in car openings applying picking techniques (e.g. in the case of BMW, Daimler-Chrysler), because here the lock must be picked in the locking direction and then must be flipped into the unlocking direction very quickly..."

https://shop.multipick.com/en/opening--locksmith-tools/lock-picking--lock-manipulation/electric-picks--multipick-control/plug-spinner-flipper/super-gun-plug-spinner

How to use 315Mhz and 433Mhz Car key remote control code scanner coppier...