Saturday, December 10, 2011

Cryptohaze tools 1.30 release is out!

Cryptohaze 1.30 is out as of now - go ahead & download the new version before reading on.

The big news is that the Multiforcer now has proper resume support, and a more robust workunit class to handle network clients disconnecting properly.

Also, the WebTables feature for GRTCrack now will avoid disclosing the target hashes over the web requests.  This feature is enough that I will have an entire other post related to it coming soon.

If you're interested in either of these features, read on - otherwise, download & enjoy the various bugfixes.  If you're on Windows, and using GRTCrack, you will really want to grab 1.30 - large files were not being handled quite right previously.

In general order of shiny, more details on the new features:

The Multiforcer now has proper resume support.  If you noticed the .crs files it used to drop, those are gone, and in their place are .mfr (MultiForcer Resume) files.  Unlike the .crs files, these actually work!  The save period is every 2 minutes right now, so if you don't see changes in less than two minutes, it is working as advertised.  The state will be saved, and you can resume an existing session with "--resumefile=<file>" - use the desired mfr file.  This does require that the path to the character set and hash file have not changed - it does not save their contents.  If you are using salted hashes, you will probably want to remove the cracked ones prior to resuming, otherwise they will slow things down (as they will be present in the hash list).  Another nice feature is that you can stop the cracking, change network settings, and use the resume file to pick up where you left off.  If you start a crack job, want to join another system in, and realize you forgot to add "--enableserver" on startup, just cancel the job, resume it, and add the --enableserver option - it works nicely!

The second new feature for the Multiforcer is the "Robust Workunit" support.  Previously, if a network client disconnected in the middle of a cracking job, the active workunits would be "lost" and passwords could be skipped as a result.  The new workunit class handles this properly, and will resubmit workunits that are cancelled.  This means that you can join and disconnect network clients at will, without any concerns about missing passwords.  It's a nice improvement for those using network clients.

Also, for network clients, if you have systems that are always going to be running a client, you can run the client with "--daemon" - it will not have any console output, and will sit quietly, waiting for the specified server to launch a cracking task.  It will then join in until the task is done, and go back to sitting quietly waiting.  Might be useful to a few people...

Finally, if you are concerned about WebTables allowing hashes to be disclosed to a remote entity, the GRTCrack utility will now work in a mode that prevents this.  I will have a full blog post coming describing how this feature works so pentesters can make informed decisions on using it in their environment, but it's present and it works.

Enjoy!  As always, feedback is welcome.

No comments:

Post a Comment