存档

文章标签 ‘elcomsoft’

RAR GPU Password Recovery rar密码破解新秀

2010年5月8日 1 条评论

根据作者所说,是全球第一个也是全球最快的rar密码破解程序。地址在http://golubev.com/rargpu.htm ,它支持ATI和N卡。A卡4850的速度是Intel Q6600 @ 2.4G CPU的19倍。另外一款rar gpu破解程序不支持A卡,就不多介绍了,地址在http://www.crark.net/。 看图说话。

阅读全文…

ATI vs nVidia GPU performance for cracking

2010年4月5日 2 条评论

转载自zveno的博客,关于ATI和nVidia GPU破解密码性价比很不错的的数据。跑纯MD5,HD5970是5631M,GTX 295是1451M,前者是后者的3.88倍。跑wpa的话,前者是后者的5.29倍,看来不同的算法,还是有一定区别的。

阅读全文…

GPU挑战单因素静态密码,ATI HD 5970暴力无法挡

2010年4月2日 10 条评论

虽然我的标题有点片面,但在身份认证的部分领域这是个客观事实。素包子之前考虑入GTX 295,但结果无货,订货也订不到,这两天又研究了下GPU的相关信息,发现原来ATI的5970显卡更暴力,下面的数据基本接近疯狂。素包子按照之前的计算结果,1块GTX 295跑md5是125亿每秒,那么一块HD5970就是588亿每秒,如果两块HD5970的话,就是1177亿每秒。看图说话。

阅读全文…

加密算法面对严峻挑战

2008年10月30日 评论已被关闭

Important! Using this software for purposes other than recovering your own lost passwords violates License Agreement and may violate the Law!

Extreme GPU Bruteforcer

Program Description
INI File Parameters
Program Status
Demo Version Restrictions
License Agreement
FAQ

Program Description

The program is meant for the recovery of passwords from hashes of different types, utilizing the power of GPU, which enables reaching truly extreme attack speed:

Hashing module Average speed (with NVIDIA GeForce 8800GS)
MD5 270 million p/s
MySQL 620 million p/s
NTLM 320 million p/s
SHA-1 70 million p/s
MySQL5 38 million p/s
Domain Cached Credentials 160 million p/s
md5(md5($pass)) 110 million p/s
md5($pass.$salt) 165 million p/s
md5($salt.$pass) 155 million p/s
md5(md5($pass).$salt) 100 million p/s
md5(md5($salt).$pass) 155 million p/s
md5($salt.$pass.$salt) 115 million p/s
md5($salt.md5($pass)) 55 million p/s
md5(md5($salt).md5($pass)) 75 million p/s
md5(md5($pass).md5($salt)) 75 million p/s
sha1($username.$pass) 40 million p/s

 

Number of non-salted hashes the program can handle simultaneously: 500000.
Number of salted hashes the program can handle simultaneously: 100.

To launch the program, pass the following command-line parameters to it:

1. Name of the INI file with attack settings (minimal and maximal password length, character set to be used, etc.) This parameter is not mandatory, since by default each EXE module uses the INI file with the name identical to the module name (for instance, MD5.exe will use settings from the MD5.ini file available in the program setup file). However, you can create several INI files with different attack parameters and feed them to the program one after another.

2. Name of the text file with hashes. The format of hash lines to be observed: “one line = one hash”. The program setup file includes evaluation files with hash samples. This parameter is mandatory.

INI File Parameters

MinLength – minimal length of passwords searched. Available values range from 0 through 15 characters; the default value is 3 characters.

MaxLength – maximal length of passwords searched. Available values range from 1 through 15 characters; the default value is 8 characters.

CharacterSet – character set to be used for the attack. The following standard character sets are supported:
         ?d – 0123456789
         ?l – abcdefghijklmnopqrstuvwxyz
         ?u – ABCDEFGHIJKLMNOPQRSTUVWXYZ
         ?s – !@#$%^&*()`~-_=+\|[]{};:'”,.?<>/?
You can also set your own character set (for example, “qwertyuiop”) or set a combination of the standard character sets and your custom character set; for example:
         CharacterSet=?l?d?u
         CharacterSet=qwerty?d
         CharacterSet=1234567890abcdef
         CharacterSet=!@#?d?l
Default character set – ?l?d.

PasswordsInThread – number of passwords to be processed in a single thread (1…30000); the default value is 6000 passwords. To decrease the GPU load, you can decrease this value. In this case, the search speed will drop slightly, but on the other hand the computer won’t drag on working with other applications. And the other way around – increasing of this parameter will put the greatest load on the video card, which will increase the attack speed, at the same time slowing down other applications.

LastPassword – this parameter stores last processed password. Therefore, when the program is launched again, the attack will resume from that password. Thus, in order to start the attack all over, you will need to drop the value in this parameter. Note: If you don’t want to have last processed password stored in the INI file set the Read-only attribute on that INI file.

StreamProcessors – number of stream processors (16…256); the default value is 96 (for GeForce 8800GS).

DeleteHashes – this parameter allows removing recovered hashes from the original text file. On the “1” value, the recovered hashes will be deleted; on the “0” value (default) – the hashes will be preserved.

Program Status

Extreme GPU Bruteforcer is Shareware.
The personal license fee is 39.95.

Learn how you can pay for the license key. Click here.

Demo Version Restrictions

Maximal duration of attack is limited to 3 minutes. Also disabled is the recognition of the LastPassword parameter.

License Agreement

1. All rights for Extreme GPU Bruteforcer are reserved to InsidePro Software.

2. The software is distributed as Demo, without any restrictions on the length of the evaluation. You may also copy and redistribute the unchanged distributive of the Demo edition on any data mediums (hard disk, floppy disk, CD-ROM, etc.).

3. To remove all restrictions from the software, you must register your copy of the software by purchasing and then entering a license key (or several license keys) in the application.

4. The use of license keys by any person not registered as an authorized user of the software, distribution of or publishing license keys are illegal. The author of the software reserves the right to revoke the registered user status from such key owners and block the revoked keys in the future versions of software.

5. You shall not modify, disassemble or decompile this software. The violation of this provision in any part shall lead to the immediate termination of this license agreement.

6. The software is provided “AS IS”. You use this software at your own risk. Under no circumstances shall the author be held liable for any data loss or damage, lost profits or any other damages caused by using or not using this software.

7. The author guarantees that the software does not contain harmful, spyware nor any other code designed for performing any functions other than those stated in Program Description.

8. Using the software shall indicate your acceptance of this license agreement.

9. If you do not wish to be bounded by these terms, delete all files of this software from your computer and stop using this software.

FAQ

Q: What are the system requirements that your program lays down?
A: The main requirement is that your video card must support the CUDA technology (you can find the list of such video cards here). Other than that, you must have the latest drivers for it installed on your video card.

Q: My video card has an ATI Radeon GPU. Will your program work with it?
A: No, it will not, since the CUDA (Compute Unified Device Architecture) technology is only supported by GPU manufactured by NVIDIA.

Q: When I launch the program, it brings up a DOS prompt window, which disappears the very next moment. How am I supposed to work with the program?
A: For the convenient operation, use a file manager that runs in the DOS mode; e.g., FAR Manager.

Q: The program pops the “CUDA Error: …” message on startup. How can it be fixed?
A: First of all, make sure that your video card supports the CUDA technology, and you have got the latest video card drivers installed. If these requirements have been observed, and the error persists, please send the following information to our Technical Support Service for the analysis: error message, exact model of your video card, and the GPU information returned by the GetDeviceInfo.exe program that’s included in the setup file.

Q: My computer hangs or shows the “Blue Screen of Death” (BSOD) when the program is launched. How can this be fixed?
A: That can take place when your GPU is over-clocked; therefore, it is recommended that you restore the original values of the GPU and memory clock. Also, make sure that your video card receives reliable and quality cooling, as the program employs the full power of your GPU and, consequently, in this operating mode its temperature goes up. Also, running under the full load, the video card consumes a great amount of electricity, and your power supply may fail to meet such power demands.

Q: I managed to launch the program; now, how can I halt it?
A: Press the Ctrl+C or Ctrl+Break shortcuts on the keyboard.

Q: I launched the program, and now my computer runs really slow. How can this be fixed?
A: By default, the program is configured to run in the extreme operating mode, where the computer is loaded with only one job – recovering passwords at the highest speed possible. Obviously, that leads to slowing down the operating speed of the rest of applications. To decrease the load on your computer, decrease the value in the PasswordsInThread parameter in the INI file.

Q: How can I save recovered passwords that the program prints on the screen?
A: Besides displaying recovered passwords on the screen, the program automatically accumulates them in the DIC file and also adds them in the format “Hash:Password” to the OUT file, which it automatically creates in its folder immediately after it’s launched.

Q: Does the program recover passwords that contain national characters; for instance, Cyrillic?
A: Yes, it does; for that purpose, in the CharacterSet parameter of your INI file enter the required character set. Please keep in mind that characters in the DOS encoding are different than those in the Windows encoding; therefore, the found passwords may look odd in the DOS prompt window. Anyway, in the OUT file they will be saved in the right encoding, so you will be able to work with them easily copy them, edit them, etc.

Q: When I launch an attack to recover salted hashes, my computer freezes or displays BSOD. Why?
A: Since the speed of processing salted hashes decreases proportionally to their number, with a great number of hashes it is necessary to decrease the value of PasswordsInThread (and of StreamProcessors when that’s necessary). Otherwise, the total number of threads in a GPU, multiplied by the number of hashes in each thread, with a low attack speed will lead to the point where the GPU will become overloaded with calculations and will take too long to respond to the driver’s queries.

Q: Now, how do I determine whether or not GPU is overloaded?
A: In the normal state, EGB refreshes the attack speed indicator 2 times per second; therefore, if the refresh rate on your screen is noticeably lower, your GPU is overloaded, and you need to lower the values of PasswordsInThread and StreamProcessors.