Thursday, December 29, 2011

Currently supported hash types for the Multiforcer

Documentation on supported hash types has been weak - I just created a wiki page to fix this.


Note that SHA256, in addition to being somewhat slow right now, is not yet supported in 1.30 - it will be added in 1.31.

Sunday, December 18, 2011

Some new anti-spam measures...

As some people have noticed, I've been fighting forum spam and wiki spam for a while.  I've decided to try a few new things to combat this.

- I'm now using peoplesign as my capcha provider.  This, in theory, is harder for bots but still easy for humans.
- I've integrated Stop Forum Spam with my phpBB3 install to help block spammer registrations.
- I've modified the Cryptohaze Wiki to use the phpBB forum database instead of its own internal registration, and to require a valid account for editing.

This should, in theory, help reduce the flow of garbage into my forum.  Any other suggestions or things people find useful?

Saturday, December 10, 2011

Cryptohaze tools 1.30 release is out!

Cryptohaze 1.30 is out as of now - go ahead & download the new version before reading on.

The big news is that the Multiforcer now has proper resume support, and a more robust workunit class to handle network clients disconnecting properly.

Also, the WebTables feature for GRTCrack now will avoid disclosing the target hashes over the web requests.  This feature is enough that I will have an entire other post related to it coming soon.

If you're interested in either of these features, read on - otherwise, download & enjoy the various bugfixes.  If you're on Windows, and using GRTCrack, you will really want to grab 1.30 - large files were not being handled quite right previously.


Sunday, November 27, 2011

On the use of Valgrind for porting code

A small lesson I've learned on this project:

If you're porting code to Windows from Linux, use valgrind (a memory access checker) extensively before attempting to do anything on Windows!  Linux is very forgiving about things like writing one beyond the end of an array.  Windows is very unforgiving about this.  If you have any significant errors in valgrind with out of bounds accesses, the code is quite likely to crash in creative and obscene ways on Windows.

So check your memory accesses.

Also, new char(16) is NOT the same as new char[16].  Just... in case you were wondering.  *whistles*

Friday, November 11, 2011

GPU Rainbow Tables 1.22 out - with WebTables fixes!

Sorry for the delay.  My random number generator code was acting up and needed revision.  I've got 1.22 done for all platforms, which includes bugfixes for WebTables, as well as a fix for GRTIndex not working on Windows (some fun with memory).  It should all be working now!

Latest release is up at Sourceforge, as usual.

http://sourceforge.net/projects/cryptohaze/files/Cryptohaze-Combined/

I've also updated the website with some new information & updates to reflect the OpenCL tools.

What would you like to see next?

Sunday, October 30, 2011

Cryptohaze WebTables

//EDIT: WebTables is down right now, having some server issues.  Also, fixed some bugs in 1.20 that related to it and will be doing a 1.21 release shortly.

And now, the shiny new feature you didn't even know you'd been waiting for!

WebTables.

The problem with Rainbow Tables, so far, has been that you have to download them.  This is fine for small tables, sort of annoying for larger tables, and nearly impossible for the largest tables (1TB download, anyone)?  Current solutions are to ship tables around on hard drive, but I think I have a better solution...

Instead of doing the table search locally, the Cryptohaze tools now support doing all the processing locally, and the table search remotely.  This means that you can, in theory, search a 1TB set of tables with zero download, and if the remote server is loaded with something silly like a fast SSD array, the table searching will be FAR faster than searching locally on a spinning iron disk!

My new releases for Windows/Linux/MacOS X, downloadable at http://sourceforge.net/projects/cryptohaze/files/Cryptohaze-Combined/ , support this.  And I even have a free set of tables up to play with at http://freetables.cryptohaze.com/webtables.php

To use this, simply select the tables from the list available, and add the "--tableurl" parameter with the webtables.php URL - so in this case:

GRTCrack -f [hashfile] -h NTLM --tableurl http://freetables.cryptohaze.com/webtables.php NTLM-len6-idx0-chr95-cl50000-v2-perfect.grt NTLM-len6-idx100000-chr95-cl50000-v2-perfect.grt NTLM-len6-idx200000-chr95-cl50000-v2-perfect.grt NTLM-len6-idx300000-chr95-cl50000-v2-perfect.grt

Try it out!  Same goes for NTLM...

I have a few tweaks to make, including preventing the target hash from being sent in the candidate hash list (right now the "target" hashes are included in the list, which may be unacceptable for some pentesters), and getting the table list automatically from the remote server.  But it does work - try it out!

I plan to add subscription services soon to allow people to subscribe to the tables for a low monthly rate - if you're interested in access before I get this working, email me and I'll hook you up.

Enjoy!  As always, feedback is welcome!

I'm not dead...

I've been busy with refactoring the Cryptohaze tool suite into a combined codebase, and adding some fancy new things.  All the tools are now combined into one source tree, which will make adding algorithms much easier in the future.  I've also added a nice shiny new feature called WebTables, which will be explained in an upcoming blog post.  Anyone interested in coding up algorithms for me?

Tuesday, September 20, 2011

OpenCL GRT beta for Linux!

It's out... and probably buggy.

See http://cryptohaze.com/forum/viewtopic.php?f=5&t=281

Bug reports appreciated!  It's still very rough around the edges...

Sunday, September 11, 2011

Hex output option for Multiforcer 1.1

It was actually buried in the last post, but the 1.1 Multiforcer includes the "--hexoutput" option that adds hex to the found password section.

This was added at the request of

Monday, September 5, 2011

Cryptohaze Multiforcer 1.1 Release (with LM support!)

It's out!

I'm informed it's the world's fastest CUDA LM cracker right now!

http://cryptohaze.com/multiforcer.php

The 1.1 is out for Windows, Linux, and OS X.

The big news is LM support.  Close behind is a set of improvements for network support: You can now run the server as only a server (not doing any compute), the clients will now sit and wait for the server if it goes away, and the Windows client no longer crashes the server when it disconnects.

More feature or algorithm requests?  Hang out in the forum!  http://cryptohaze.com/forum/

Or find me on IRC: #cryptohaze on irc.freenode.net

Thursday, September 1, 2011

Hm... How about some LM support?

*grins*


Planning on putting out a 1.1 release this weekend, which includes this and some other very nice tweaks and algorithms.

Sunday, July 31, 2011

How about some 1.0 release for Windows/Linux/Mac?

So...

After quite a while, a few betas, a lot of time on valgrind, and a ton of computers wrapped around me, I've got a 1.0 release out for all my major tools.

http://cryptohaze.com/multiforcer.php has the multiforcer downloads.

http://cryptohaze.com/gpurainbowcracker.php has the GPU rainbow table tool downloads.

There's also a wiki up now - http://cryptohaze.com/wiki/index.php/Main_Page

So, go at it!  Bug reports are welcome, though I'm aware the networking support with the multiforcer is a bit glitchy (and will likely be fixed in a release in a few weeks).

Wednesday, July 27, 2011

Blackhat/Defcon

I will be there with at least one external hard drive filled with tables.

If anyone else going is interested in purchasing a set of tables, I will have NTLM length 8, full US charset available.  If you bring your own hard drive, I'm willing to sell them for $300 (and copy them over to your drive - roughly 1.2TB of space needed so bring a 2TB).  If you'd like them on a drive, I can also bring them on a hard drive to give to you for $400.

Normal price for these tables will be $500 after BH/Defcon. :)

Email me or comment if you're interested and I'll get in touch...

Sunday, June 26, 2011

Using boost::thread as a drop-in replacement for pthreads (for Windows compatibility)

The problem:

You're a Posix programmer.  You code for proper, Unix-ish OSes.  People keep wanting Windows support, but you've used pthreads.

If you care, read on...


Quad-GPU builds with a case!

I have posted a followup to this post!  Read here for my rack case experiences

I'm quite aware that many people in this realm don't believe in cases.  The more GPUs you can hang out in open air, the better.  However, not everyone can do that.  Some people have reasons to need a cleaner setup - either because they don't like the clutter of a box hanging everywhere, or because they have someone else living with them who says "NO" to a huge mess of cables.


Read on for details...

Sorry about the downtime...

As at least some of you noticed, the website was down for a bit.

Upgrading distros remotely occasionally goes well, and usually goes poorly.  You should be able to guess which way this one went...

I've got the site back up on a temporary host right now, and will be getting a better host for it shortly.  This should separate my generation boxes from my website, which has been part of the problem.

Not dead!  Just coding...

Sunday, June 12, 2011

Some more useful links for 64-bit Windows builds...

Some other stuff I've found to be useful for doing 64-bit Windows builds:

GetTimeOfDay clone for Windows

Determine the version of a library file from a VS2008 command prompt:
dumpbin /headers library.lib | findstr machine 

Prebuilt Boost binaries for Windows including x64 binaries

I'll add others as I find them...

Saturday, May 28, 2011

Updating the BIOS using EZ-Flash on the Asus 1215N

The stock BIOS that ships with the Asus 1215N is a fine BIOS... for a stock system.  Unfortunately, it doesn't allow access to more than 2.8GB worth of RAM.  As most people upgrade their systems, this is a bit of a downer - adding another 2GB for only 800MB more usable is no good.

Fortunately, updating the BIOS is easy - once you know the trick.  Remember all that "Create a DOS boot CD, run the flasher" rubbish?  No more!  The Asus EZ-Flash system lets you flash directly from a USB stick (or, possibly, other media - but as the 1215N only has a USB port, it's the one we're using). 

The trick is that if you try it, it probably won't work.

Why?  EZ-Flash seems to require a hideous FAT16 filesystem to function.  It also seems to require that the ROM be named "1215N.ROM" (for unknown reasons possibly related to old junk on my USB key).  If this is enough for you to succeed, awesome, otherwise read on...


Sunday, May 22, 2011

Asus 1215N, CUDA, and setup notes

First and foremost:  The Asus 1215N works PERFECTLY for CUDA in both Windows and Linux!  There have been several posts about the internet either complaining about CUDA not working, or wondering if it works.

I would like to report that, in fact, it does work perfectly.  I would further like to expand on how it works, what needs to be done to set things up, and document other gotchas in the setup process.  If this is helpful, please let me know!


Friday, April 29, 2011

64-bit compilation with VS2008

More as a note to myself when I do this again:

http://www.cppblog.com/xcpp/archive/2009/09/09/vc2008express_64bit_win7sdk.html


This is a very useful link involving getting 64-bit compilation working with VS2008 (relevant for CUDA).

Saturday, April 23, 2011

Multi-hash, multi-GPU cracking!

There's finally a beta out that does multiple GPU, multiple-hash cracking for the Cryptohaze tables.

http://cryptohaze.com/forum/viewtopic.php?f=5&t=222

Right now, it's Linux-only, MD5-only (len 6-10), and has a way of segfaulting... sometimes.  It's compiled with debug symbols, so if you can reliably reproduce a segfault, PLEASE, let me know with gdb output!

However:

It takes large hashlists (any size, though beyond a few hundred is of questionable value), uses all avaiable GPUs to generate the candidate hashes, merges any duplicates, searches the table (using the index if possible), again merges the chains to eliminate duplicates, and uses all GPUs to regenerate chains.

Please, try it out and let me know how it works for you!

Windows & Mac versions coming soon.

Friday, February 11, 2011

What's a Wordyforcer?

I've finally produced working code for the Wordyforcer!  :)

It's not yet in a public-beta state - it still crashes with some regularity, has no GUI to speak of, and is MD5 only right now.

However, it's a heavy-mutation wordlist multihash cracker.

It works as follows:

You provide it with:
- Up to 3 wordlists
- A permutation list
- A cracking mask
- A hash list

The wordlists are standard, newline-separated wordlists.

The permutation list contains, per line, the permutations to apply to the words.  It looks like this:


aA4@
bB
cC(
dD
eE3
fF
gG
hH
iI1l!|
...

The first symbol in each line is the "base" symbol, and the subsequent symbols are what it gets mutated to.  So, with this, 'ab' will get tried as ab, aB, Ab, AB, 4b, 4B, @b, @B.

This is applied to *each word in the wordlist* in the generated hashes to try.

Finally, there's the mask, which allows freeform mixing of the following:

?a : All printable US ASCII (95)
?l: All lowercase
?u: All uppercase
?d: Digits 0-9
?s: All symbols
?p: Space character
?W: Word from the first wordlist
?S: Word from the 2nd wordlist
?T: Word from the third wordlist

This allows you to generate masks like:

?W?d?d to find all possible mutated words in your wordlist with two digit suffixes.

Otherwise, it's the same as the standard multiforcer (and may, in fact, get merged into the same code - it uses the same kernels, so there's no point in distributing two 30-40MB binaries...)

Thoughts/comments/suggestions?  I'm hoping to have a usable beta for Linux out in a week or two once I can add some more robustness and a GUI.

There's a forum post up as well: http://cryptohaze.com/forum/viewtopic.php?f=4&t=182

Friday, February 4, 2011

Scripts to control nVidia fan speeds

In my previous post, I discussed how to set up your xorg.conf file to allow you to manually control fan speed on headless nVidia cards.  Now, I'm going to talk about some command line utilities, and ways to script fan speed control so that you don't have to do it with a GUI every time you want your cards to cool down.


nVidia fan speed control for headless cards with Coolbits

As I sit here in front of my CUDA dev system, I have three video cards: Two GTX470s, and a GTX580.  All of them are running their fans at high speeds, and my current GPU temperatures (while idle) are: 34C, 33C, 25C.  The trick is that I only have a display attached to one card!

It's been known for a while that, for whatever reason, nVidia doesn't let you control the fan speed of cards without monitors attached using the Coolbits tweak.  This is really very annoying for those of us with CUDA dev boxes or production boxes that have a ton of video cards we would like to keep cool.

Fortunately, there IS a way around it - at least for boxes running X11.  I've not found a way to make this work on a purely headless production box yet, but if you have X11 up, you can control all your fans!


Thursday, February 3, 2011

Sorry about the downtime!

Sorry about that.  Server issues that required some manual intervention to deal with.  I was missing the backups to bring things online at a spare location as well... this is being fixed.  Progress is being made, though...

Thursday, January 13, 2011

Welcome to the Cryptohaze Blog!

I've decided that I need a blog.  There's a lot going on, I've discovered a lot of neat things, and certain other people seem to be getting a lot of credit and traffic for things I've done.

So, I have a blog now.

And will be updating it as I make progress.

Welcome!