存档

文章标签 ‘CUDA’

RAR GPU Password Recovery rar密码破解新秀

2010年5月8日 1 条评论

根据作者所说,是全球第一个也是全球最快的rar密码破解程序。地址在http://golubev.com/rargpu.htm ,它支持ATI和N卡。A卡4850的速度是Intel Q6600 @ 2.4G CPU的19倍。另外一款rar gpu破解程序不支持A卡,就不多介绍了,地址在http://www.crark.net/。 看图说话。

阅读全文…

ATI vs nVidia GPU performance for cracking

2010年4月5日 2 条评论

转载自zveno的博客,关于ATI和nVidia GPU破解密码性价比很不错的的数据。跑纯MD5,HD5970是5631M,GTX 295是1451M,前者是后者的3.88倍。跑wpa的话,前者是后者的5.29倍,看来不同的算法,还是有一定区别的。

阅读全文…

GPU挑战单因素静态密码,ATI HD 5970暴力无法挡

2010年4月2日 10 条评论

虽然我的标题有点片面,但在身份认证的部分领域这是个客观事实。素包子之前考虑入GTX 295,但结果无货,订货也订不到,这两天又研究了下GPU的相关信息,发现原来ATI的5970显卡更暴力,下面的数据基本接近疯狂。素包子按照之前的计算结果,1块GTX 295跑md5是125亿每秒,那么一块HD5970就是588亿每秒,如果两块HD5970的话,就是1177亿每秒。看图说话。

阅读全文…

支持GPU的破解软件

2010年3月10日 评论已被关闭

刚才有哥们问我有啥软件支持GPU,我顺手找了下。

1 rainbowcrack
2 elcomsoft.   ElcomSoft Password Recovery Bundle和ElcomSoft Distributed Password Recovery。前者主要是针对文件格式,后者主要针对密码哈希。
3 http://www.insidepro.com/eng/egb.shtml EGB是唯一一个支持用GPU破解unix password(unix des)和unix shadow(unix md5) 的程序。

基本覆盖了大部分的加密和哈希算法了。其中egb支持破解unix的md5和des密码,具体可以下载http://www.insidepro.com/download/egb.zip 来看。elcomsoft不支持用GPU加速unix密码破解,是一个遗憾。

分类: 技术点滴 标签: , ,

GPU CUDA密码破解速度对比

2010年3月10日 16 条评论

不是很清楚GPU破解密码速度如此之快的原理,所以也不清楚到底决定GPU破解速度的关键是什么,是显卡的频率?CUDA核心个数?显存类型?显存大小?显存带宽?刚才在做WAP破解的Pyrit和elmsoft网站上找了个图,从这个图猜测出的结论是,多块最高端的295 GTX显卡一起跑最牛X,单块CUDA的话,也是295 GTX最牛了,不知道正确与否,还请有经验的同学指点一下。至于opencl好像没看到太多密码破解软件支持它。上图。

刚才看了下,如果是专业玩破解的,上tesla吧。

对比一下第一和第二张图就会发现问题,第一章图4个295顶8个tesla 1060,第二张图的一个tesla 1070顶2个295。知道原因了,1070是240*4的,1060是240*1的。而且1070是一个服务器。。。不是一个显卡了。1060和1070详细情况如下。骨灰级玩家,上吧。如果是这样的话,还是单块295GTX快。另外说明下,285 275都是单个gpu的,295是爽gpu的,就是240*2的。

最后说说295 gtx的价格在4K左右,可选的品牌也不少,华硕,inno3d,xfx。现在公版的295 gtx也是单PCB设计,估计和散热有关。

http://diy.pconline.com.cn/graphics/hq/gz/0912/1975531.html ,但是输出接口DVI和HDMI的,不知道能否接上传统的显示器,如果不能的话,不知道能否用系统其他的显卡做显示,用这个显卡跑密码,但不接显示器 -_-

并且他的体形貌似很大,一般的机箱恐怕还招架不住。

http://www.nvidia.com/object/product_tesla_c1060_us.html

http://www.nvidia.com/object/product_tesla_s1070_us.html

N的所有GPU显卡都在这里。

http://www.nvidia.com/object/cuda_gpus.html

鹰总指点,根据1图所示,用2* 9800最平民化,1500内搞定,两个9800比一个295还牛。我看了下9800的三个型号,前两者一样cuda core是128,后者是128*2,如果两个后者的话,就是128*4=512了,是比295的480(240*2)要高一点。pconline上看一个9800 gx2要将尽3K。。。

http://www.nvidia.com/object/product_geforce_9800_gtx_us.html

http://www.nvidia.com/object/product_geforce_9800_gtx_plus_us.html

http://www.nvidia.com/object/product_geforce_9800_gx2_us.html

阅读全文…

单因素静态密码基本靠不住了

2010年3月9日 10 条评论

用GPU跑各种加密或哈希算法的速度如下,太疯狂了,以前搞到一个domain cached credentials,给john打上mscash补丁,再跑个一个月才可以跑出来,现在一看,速度竟然达到ntlm的一半,恐怖啊,内网渗透过程可以极大加速了,md5也是杯具了,值得注意的是,下面的数据来自于比较低端的8800GS显卡,这里有GTX 250的数据 http://www.insidepro.com/eng/egb.shtml 至于,GTX 295,那肯定更牛X了。

8800GS是96个流处理器,250是128个,295是480个,也就是说,如果是一个295,就把8800的数据*4.5,如果是两个295,就把8800的数据*9,million已经是百万了,只能用很暴力,非常暴力,相当暴力来形容。囧。跑MD5,是250亿每秒,跑MYSQL,是600亿每秒,

GPU破解密码的FAQ http://www.elcomsoft.com/edpr_gpu_acceleration.html

阅读全文…

准备搞个台式机配GPU的显卡

2009年12月9日 2 条评论

据说GPU跑密码非常疯狂,一直想体验一下;看了下笔记本电脑里带GPU的就是mac系列了,但是确实用不习惯mac。其他本子带GPU的都是14寸显示器以上的,我希望的又是13寸,最好是12寸的本子,不过可能性不大了,一个12寸的显示器配一个GPU完全发挥不了GPU的作用,除了用来跑密码 :)想想还是搞个台式机配个GPU算了,在家看电影专用,偶尔体验下跑密码的疯狂。

分类: 技术点滴 标签: , ,

加密算法面对严峻挑战

2008年10月30日 评论已被关闭

Important! Using this software for purposes other than recovering your own lost passwords violates License Agreement and may violate the Law!

Extreme GPU Bruteforcer

Program Description
INI File Parameters
Program Status
Demo Version Restrictions
License Agreement
FAQ

Program Description

The program is meant for the recovery of passwords from hashes of different types, utilizing the power of GPU, which enables reaching truly extreme attack speed:

Hashing module Average speed (with NVIDIA GeForce 8800GS)
MD5 270 million p/s
MySQL 620 million p/s
NTLM 320 million p/s
SHA-1 70 million p/s
MySQL5 38 million p/s
Domain Cached Credentials 160 million p/s
md5(md5($pass)) 110 million p/s
md5($pass.$salt) 165 million p/s
md5($salt.$pass) 155 million p/s
md5(md5($pass).$salt) 100 million p/s
md5(md5($salt).$pass) 155 million p/s
md5($salt.$pass.$salt) 115 million p/s
md5($salt.md5($pass)) 55 million p/s
md5(md5($salt).md5($pass)) 75 million p/s
md5(md5($pass).md5($salt)) 75 million p/s
sha1($username.$pass) 40 million p/s

 

Number of non-salted hashes the program can handle simultaneously: 500000.
Number of salted hashes the program can handle simultaneously: 100.

To launch the program, pass the following command-line parameters to it:

1. Name of the INI file with attack settings (minimal and maximal password length, character set to be used, etc.) This parameter is not mandatory, since by default each EXE module uses the INI file with the name identical to the module name (for instance, MD5.exe will use settings from the MD5.ini file available in the program setup file). However, you can create several INI files with different attack parameters and feed them to the program one after another.

2. Name of the text file with hashes. The format of hash lines to be observed: “one line = one hash”. The program setup file includes evaluation files with hash samples. This parameter is mandatory.

INI File Parameters

MinLength – minimal length of passwords searched. Available values range from 0 through 15 characters; the default value is 3 characters.

MaxLength – maximal length of passwords searched. Available values range from 1 through 15 characters; the default value is 8 characters.

CharacterSet – character set to be used for the attack. The following standard character sets are supported:
         ?d – 0123456789
         ?l – abcdefghijklmnopqrstuvwxyz
         ?u – ABCDEFGHIJKLMNOPQRSTUVWXYZ
         ?s – !@#$%^&*()`~-_=+\|[]{};:'”,.?<>/?
You can also set your own character set (for example, “qwertyuiop”) or set a combination of the standard character sets and your custom character set; for example:
         CharacterSet=?l?d?u
         CharacterSet=qwerty?d
         CharacterSet=1234567890abcdef
         CharacterSet=!@#?d?l
Default character set – ?l?d.

PasswordsInThread – number of passwords to be processed in a single thread (1…30000); the default value is 6000 passwords. To decrease the GPU load, you can decrease this value. In this case, the search speed will drop slightly, but on the other hand the computer won’t drag on working with other applications. And the other way around – increasing of this parameter will put the greatest load on the video card, which will increase the attack speed, at the same time slowing down other applications.

LastPassword – this parameter stores last processed password. Therefore, when the program is launched again, the attack will resume from that password. Thus, in order to start the attack all over, you will need to drop the value in this parameter. Note: If you don’t want to have last processed password stored in the INI file set the Read-only attribute on that INI file.

StreamProcessors – number of stream processors (16…256); the default value is 96 (for GeForce 8800GS).

DeleteHashes – this parameter allows removing recovered hashes from the original text file. On the “1” value, the recovered hashes will be deleted; on the “0” value (default) – the hashes will be preserved.

Program Status

Extreme GPU Bruteforcer is Shareware.
The personal license fee is 39.95.

Learn how you can pay for the license key. Click here.

Demo Version Restrictions

Maximal duration of attack is limited to 3 minutes. Also disabled is the recognition of the LastPassword parameter.

License Agreement

1. All rights for Extreme GPU Bruteforcer are reserved to InsidePro Software.

2. The software is distributed as Demo, without any restrictions on the length of the evaluation. You may also copy and redistribute the unchanged distributive of the Demo edition on any data mediums (hard disk, floppy disk, CD-ROM, etc.).

3. To remove all restrictions from the software, you must register your copy of the software by purchasing and then entering a license key (or several license keys) in the application.

4. The use of license keys by any person not registered as an authorized user of the software, distribution of or publishing license keys are illegal. The author of the software reserves the right to revoke the registered user status from such key owners and block the revoked keys in the future versions of software.

5. You shall not modify, disassemble or decompile this software. The violation of this provision in any part shall lead to the immediate termination of this license agreement.

6. The software is provided “AS IS”. You use this software at your own risk. Under no circumstances shall the author be held liable for any data loss or damage, lost profits or any other damages caused by using or not using this software.

7. The author guarantees that the software does not contain harmful, spyware nor any other code designed for performing any functions other than those stated in Program Description.

8. Using the software shall indicate your acceptance of this license agreement.

9. If you do not wish to be bounded by these terms, delete all files of this software from your computer and stop using this software.

FAQ

Q: What are the system requirements that your program lays down?
A: The main requirement is that your video card must support the CUDA technology (you can find the list of such video cards here). Other than that, you must have the latest drivers for it installed on your video card.

Q: My video card has an ATI Radeon GPU. Will your program work with it?
A: No, it will not, since the CUDA (Compute Unified Device Architecture) technology is only supported by GPU manufactured by NVIDIA.

Q: When I launch the program, it brings up a DOS prompt window, which disappears the very next moment. How am I supposed to work with the program?
A: For the convenient operation, use a file manager that runs in the DOS mode; e.g., FAR Manager.

Q: The program pops the “CUDA Error: …” message on startup. How can it be fixed?
A: First of all, make sure that your video card supports the CUDA technology, and you have got the latest video card drivers installed. If these requirements have been observed, and the error persists, please send the following information to our Technical Support Service for the analysis: error message, exact model of your video card, and the GPU information returned by the GetDeviceInfo.exe program that’s included in the setup file.

Q: My computer hangs or shows the “Blue Screen of Death” (BSOD) when the program is launched. How can this be fixed?
A: That can take place when your GPU is over-clocked; therefore, it is recommended that you restore the original values of the GPU and memory clock. Also, make sure that your video card receives reliable and quality cooling, as the program employs the full power of your GPU and, consequently, in this operating mode its temperature goes up. Also, running under the full load, the video card consumes a great amount of electricity, and your power supply may fail to meet such power demands.

Q: I managed to launch the program; now, how can I halt it?
A: Press the Ctrl+C or Ctrl+Break shortcuts on the keyboard.

Q: I launched the program, and now my computer runs really slow. How can this be fixed?
A: By default, the program is configured to run in the extreme operating mode, where the computer is loaded with only one job – recovering passwords at the highest speed possible. Obviously, that leads to slowing down the operating speed of the rest of applications. To decrease the load on your computer, decrease the value in the PasswordsInThread parameter in the INI file.

Q: How can I save recovered passwords that the program prints on the screen?
A: Besides displaying recovered passwords on the screen, the program automatically accumulates them in the DIC file and also adds them in the format “Hash:Password” to the OUT file, which it automatically creates in its folder immediately after it’s launched.

Q: Does the program recover passwords that contain national characters; for instance, Cyrillic?
A: Yes, it does; for that purpose, in the CharacterSet parameter of your INI file enter the required character set. Please keep in mind that characters in the DOS encoding are different than those in the Windows encoding; therefore, the found passwords may look odd in the DOS prompt window. Anyway, in the OUT file they will be saved in the right encoding, so you will be able to work with them easily copy them, edit them, etc.

Q: When I launch an attack to recover salted hashes, my computer freezes or displays BSOD. Why?
A: Since the speed of processing salted hashes decreases proportionally to their number, with a great number of hashes it is necessary to decrease the value of PasswordsInThread (and of StreamProcessors when that’s necessary). Otherwise, the total number of threads in a GPU, multiplied by the number of hashes in each thread, with a low attack speed will lead to the point where the GPU will become overloaded with calculations and will take too long to respond to the driver’s queries.

Q: Now, how do I determine whether or not GPU is overloaded?
A: In the normal state, EGB refreshes the attack speed indicator 2 times per second; therefore, if the refresh rate on your screen is noticeably lower, your GPU is overloaded, and you need to lower the values of PasswordsInThread and StreamProcessors.