Saturday, August 6, 2016

This document explains the rcrack program. The rcrack program lookup existing rainbow tables for the plaintext of user supplied hash.
Six similar programs are available:

http://project-rainbowcrack.com/crack.htm

HashKiller.co.uk allows you to input an NTLM hash and search for its decrypted state in our database, basically, it's a NTLM cracker / decryption tool.

We have a total of just over 312.072 billion unique decrypted NTLM hashes since August 2007.
Please input the NTLM hashes that you would like to be converted into text / cracked / decrypted. NOTE that space character is replaced with [space]:
Please note the password is after the : character, and the NTLM hash is before it.

https://hashkiller.co.uk/ntlm-decrypter.aspx

Free Password Hash Cracker

Enter up to 20 non-salted hashes, one per line:

Supports: LM, NTLM, md2, md4, md5, md5(md5_hex), md5-half, sha1, sha224, sha256, sha384, sha512, ripeMD160, whirlpool, MySQL 4.1+ (sha1(sha1_bin))

Download CrackStation's Wordlist

How CrackStation Works

CrackStation uses massive pre-computed lookup tables to crack password hashes. These tables store a mapping between the hash of a password, and the correct password for that hash. The hash values are indexed so that it is possible to quickly search the database for a given hash. If the hash is present in the database, the password can be recovered in a fraction of a second. This only works for "unsalted" hashes. For information on password hashing systems that are not vulnerable to pre-computed lookup tables, see our hashing security page.
Crackstation's lookup tables were created by extracting every word from the Wikipedia databases and adding with every password list we could find. We also applied intelligent word mangling (brute force hybrid) to our wordlists to make them much more effective. For MD5 and SHA1 hashes, we have a 190GB, 15-billion-entry lookup table, and for other hashes, we have a 19GB 1.5-billion-entry lookup table.
You can download CrackStation's dictionaries here, and the lookup table implementation (PHP and C) is available here.

https://crackstation.net/

Friday, August 5, 2016

Cracking Story - How I Cracked Over 122 Million SHA1 and MD5 Hashed Passwords

.... as I only own a classic computer configuration with an AMD Phenom II 4 cores at 3,2 Mhz in addition to an ATI/AMD 5770 graphics card

The password cracking tools I used during this long trip were John the Ripper and oclHashcat-plus. This article is about cracking the provided MD5 hashes of KoreLogic only, but the same strategy was also applied to the SHA1 hashes.
Updates:

08/29/2012 – New example in the John the Ripper section: "Crack double MD5 hashes with the help of dict2hash.pl script"
08/29/2012 – New download! All in one sorted and cleaned version.

http://blog.thireus.com/cracking-story-how-i-cracked-over-122-million-sha1-and-md5-hashed-passwords/

Thursday, August 4, 2016

John the Ripper GPU support

Latest release include more formats and latest git trees include even more.
CUDA significantly benefits from compile-time tuning of parameters for a given GPU, see doc/README-CUDA
sha512crypt is currently faster on NVIDIA than on AMD/ATI, and moreover the OpenCL code is currently faster than CUDA (unusual)
bcrypt is sort of supposed to be inefficient on GPU, so it achieves at best CPU-like performance currently (yet you do get the option to put your many GPUs to at least some reasonable use if you only have bcrypt hashes to attack)
WPA-PSK CUDA uses a little bit of CPU code as well, and benefits from OpenMP (so you'll get slightly faster speed if you enable OpenMP in the JtR build, although you'll load multiple CPU cores then). The OpenCL version has post-processing on GPU too so doesn't use much CPU resources and will not benefit from OpenMP.
RAR is a mix of CPU and GPU code, with the ratio varying widely between different RAR archives (type, size). Later versions has mature “early reject” code that minimizes this.
http://openwall.info/wiki/john/GPU

High performance password cracking by implementing rainbow tables.pdf by Elsa Cristina David on Scribd

Tuesday, August 2, 2016

OLD NEWS ...MAYBE HANDY

Dolch Computer sells a 400-MHz rugged notebook

By Bill Murray
Aug 03, 1998

Dolch Computer Systems Inc. has released one of the first ruggedized 400-MHz Pentium II
notebook PCs.

The MegaPAC-P2 has Intel Corp.’s new 440BX chip set and 100-MHz motherboard bus.
It can hold as many as nine full-size ISA/PCI expansion boards.

The notebook runs on 120- or 220-volt alternating current or on 160-watt Power Anywhere
power supplies or uninterruptible power systems. The 25-pound, shock-mounted unit has an
alloy chassis and composite case.

A black coating on the 10.4-inch active-matrix display reduces glare and reflection.

The MegaPAC-P2 has 32M of EDO RAM, expandable to 128M, and a hard drive as large as 9G.
It will run MS-DOS, any Microsoft Windows operating system, IBM OS/2 or Santa Cruz
Operation Unix.

Federal users of Dolch products include the Air Force, Army, Coast Guard, Environmental
Protection Agency, Federal Aviation Administration, Marine Corps and Navy.

The Fremont, Calif., company sells notebooks on its General Services Administration
Information Technology Schedule contract, as well as on Unisys Corp.’s Air Force
Unified LAN Architecture II buy and Electronic Data Systems Corp.’s NASA Scientific
and Engineering Workstation Procurement II contract.

GSA pricing for the Dolch MegaPAC-P2 starts at $8,746.

https://gcn.com/articles/1998/08/03/dolch-computer-sells-a-400mhz-rugged-notebook.aspx

Whitepixel breaks 28.6 billion password/sec

By Marc Bevand

09 Dec 2010

Keywords: amd attack bruteforcing gpu hardware performance

I am glad to announce, firstly, the release of whitepixel, an open source GPU-accelerated password hash auditing software for AMD/ATI graphics cards that qualifies as the world's fastest single-hash MD5 brute forcer; and secondly, that a Linux computer built with four dual-GPU AMD Radeon HD 5970 graphics cards for the purpose of running whitepixel is the first demonstration of eight AMD GPUs concurrently running this type of cryptographic workload on a single system. This software and hardware combination achieves a rate of 28.6 billion MD5 password hashes tested per second, consumes 1230 Watt at full load, and costs 2700 USD as of December 2010. The capital and operating costs of such a system are only a small fraction of running the same workload on Amazon EC2 GPU instances, as I will detail in this post.
[Update 2010-12-14: whitepixel v2 achieves a higher rate of 33.1 billion password/sec on 4xHD 5970.]

Software: whitepixel

See the whitepixel project page for more information, source code, and documentation.
Currently, whitepixel supports attacking MD5 password hashes only, but more hash types will come soon. What prompted me to write it was that sometime in 2010, ATI Catalyst drivers started supporting up to 8 GPUs (on Linux at least) when previously they were limited to 4, which made it very exciting to be able to play with this amount of raw computing performance, especially given that AMD GPUs are roughly 2x-3x faster than Nvidia GPUs on ALU-bound workloads. Also, I had previously worked on MD5 chosen-prefix collisions on AMD/ATI GPUs. I had a decent MD5 implementation, wanted to optimize it further, and put it to other uses.

Overview of whitepixel

It is the fastest of all single-hash brute forcing tools: ighashgpu, BarsWF, oclHashcat, Cryptohaze Multiforcer, InsidePro Extreme GPU Bruteforcer, ElcomSoft Lightning Hash Cracker, ElcomSoft Distributed Password Recovery.
Targets AMD HD 5000 series and above GPUs, which are roughly 2x-3x faster than high-end Nvidia GPUs on ALU-bound workloads.
Best AMD multi-GPU support. Works on at least 8 GPUs. Whitepixel is built directly on top of CAL (Compute Abstract Layer) on Linux. Other brute forcers support fewer AMD GPUs due to OpenCL libraries or Windows platform/drivers limitations.
Hand-optimized AMD IL (Intermediate Language) MD5 implementation.
Leverages the bitalign instruction to implement rotate operations in 1 clock cycle.
MD5 step reversing. The last few of the 64 steps are pre-computed in reverse so that the brute forcing loop only needs to execute 46 of them to evaluate potential password matches, which speeds it up by 1.39x.
Linux support only.
Last but not least, it is the only performant open source brute forcer for AMD GPUs. The author of BarsWF recently open sourced his code but as shown in the graphs below it is about 4 times slower.

That said, speed is not everything. Whitepixel is currently very early-stage software and lacks features such as cracking multiple hashes concurrently, charset selection, and attacking hash algorithms other than MD5.
To compile and test whitepixel, install the ATI Catalyst Display drivers (I have heavily tested 10.11), install the latest ATI Stream SDK (2.2 as of December 2010), adjust the include path in the Makefile, build with "make", and start cracking with "./whitepixel $HASH". Performance-wise, whitepixel scales linearly with the number of GPUs and the number of ALUs times the frequency clock (as documented in this handy reference from the author of ighashgpu).

http://blog.zorinaq.com/whitepixel-breaks-286-billion-passwordsec/

BLACK MASK