Hi, I want to ask a question. I try to develop brute force parallel password recovery. For example 10 character password, It requires a lot terabyte. I want to use a clustering for this maybe I use GPU.
How can I distribute these passwords to worker machines? which methods are there to distribute passwords?
I want to develop custom password recovery so I want to learn How to distribute passwords between worker machines. We can use MPI or HADOOP technology to parallelize. If we create all passwords in master machine for 10 characters, it require more 80000 tera. If we create passwords in workers, I must develop smart distributing strategy. so Do you have any experiences about distributing passwords. In addition, which technolohy do you prefer MPI or HADOOP.
Reinventing the wheel, ehh?
I would reconsider your approach, as a free, working solution already exists.
(11-20-2014, 11:29 AM)Rolf Wrote: [ -> ]Reinventing the wheel, ehh?
I would reconsider your approach, as a free, working solution already exists.
did you mean hashtopus?
Yes he did. Also you approach is not very good. You do need to rethink on how you do it.
Are you using only CPU's? Are you using a mix? Have you looked at a mask attack?
Just questions you should ask yourself.
(11-20-2014, 05:48 PM)coolbry95 Wrote: [ -> ]Yes he did. Also you approach is not very good. You do need to rethink on how you do it.
Are you using only CPU's? Are you using a mix? Have you looked at a mask attack?
Just questions you should ask yourself.
I know developed password recovery software like hashcat but we try to develop custom one. We plan to use mix (GPU and CPU). We generally plan dictionary and brute force attack.
You could start by building your custom wrapper for hashcat/oclhashcat.
The cats themselves support password distribution through -s and -l flags, so the wrapper would need to simply utilize that.
Once you get that done and know how things generally work, you could begin writing your own software for the actual hash cracking, but:
1. Hashcat EULA doesn't forbid using it in custom projects.
2. Oclhc is so optimized it's the fastest multi-purpose solution for hash cracking; if speed matters, stick with it.
3. Coding a hash cracker in CUDA/OpenCL from scratch is no easy undertaking, could take a while. If time is of the essence, stick to cats.
As for using MPI or other software for distribution, I can't really offer any advice.
validator: Please do not take this the wrong way as it is not my intention to discourage you,, but rather to give you a reality check. It's great that you are interested in password cracking and have the ambition to develop your own cracker. However, from the things you have said on this thread so far, it is clear to me that you neither have the knowledge nor the skill necessary to undertake a project of this magnitude. The fact that you are talking about brute forcing 10 character passwords and needing 80000 terabytes of storage tells me you do not actually understand how password cracking works in practice. I would highly suggest learning about how password cracking actually works before you jump right in to developing a distributed cracker.
If you need a distributed solution, there are FOSS (hashtopus, disthc, etc) and commercial (Sagitta Hashstack) solutions readily available to you. I would strongly suggest sticking with one of those for now.