hashcat Forum

Full Version: oclHashcat-plus cracks TrueCrypt
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4
Hey Guys,

I've some good news! I've justed finished a working oclHashcat-plus version to support cracking TrueCrypt Smile

Everything is written 100% on GPU.

There is no copy overhead to the host, thus your CPU will stay cool at 0% and you can do whatever you want to do with it.

Current implementation is able to crack all the supported hashes:
  • RipeMD160
  • SHA512
  • Whirlpool

So far for the hashes (and thats what makes cracking TrueCrypt slow).

For the ciphers, I'm currently doing only AES and of course the XTS block-cipher.

Serpent and Twofish and there cascaded modes will be added next.

Quote:
root@sf:~/oclHashcat# ./oclHashcat-plus64.bin -m 6211 test.tc -a 3 ?l?l?l?l?lat -n 32 -u 2000
oclHashcat-plus v0.15 by atom starting...

Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Workload: 1999 loops, 32 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Cayman, 1024MB, 830Mhz, 24MCU
Device #2: Cayman, 1024MB, 830Mhz, 24MCU
Device #3: Cayman, 1024MB, 830Mhz, 24MCU
Device #4: Cayman, 1024MB, 830Mhz, 24MCU
Device #1: Kernel ./kernels/4098/m6211.Cayman_1124.2_1124.2.kernel (480220 bytes)
Device #1: Kernel ./kernels/4098/markov_le_plus.Cayman_1124.2_1124.2.kernel (145332 bytes)
Device #2: Kernel ./kernels/4098/m6211.Cayman_1124.2_1124.2.kernel (480220 bytes)
Device #2: Kernel ./kernels/4098/markov_le_plus.Cayman_1124.2_1124.2.kernel (145332 bytes)
Device #3: Kernel ./kernels/4098/m6211.Cayman_1124.2_1124.2.kernel (480220 bytes)
Device #3: Kernel ./kernels/4098/markov_le_plus.Cayman_1124.2_1124.2.kernel (145332 bytes)
Device #4: Kernel ./kernels/4098/m6211.Cayman_1124.2_1124.2.kernel (480220 bytes)
Device #4: Kernel ./kernels/4098/markov_le_plus.Cayman_1124.2_1124.2.kernel (145332 bytes)

test.tc:hashcat

Session.Name...: oclHashcat-plus
Status.........: Cracked
Input.Mode.....: Mask (?l?l?l?l?lat)
Hash.Target....: File (test.tc)
Hash.Type......: TrueCrypt 5.0+ / PBKDF2-HMAC-RipeMD160 / AES
Time.Started...: Fri May 17 14:27:40 2013 (40 secs)
Speed.GPU.#1...: 55788 H/s
Speed.GPU.#2...: 55775 H/s
Speed.GPU.#3...: 55795 H/s
Speed.GPU.#4...: 55797 H/s
Speed.GPU.#*...: 223.2 kH/s
Recovered......: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.......: 8749056/11881376 (73.64%)
Rejected.......: 0/8749056 (0.00%)
HWMon.GPU.#1...: 99% Util, 55c Temp, 29% Fan
HWMon.GPU.#2...: 99% Util, 57c Temp, N/A Fan
HWMon.GPU.#3...: 99% Util, 55c Temp, 29% Fan
HWMon.GPU.#4...: 99% Util, 57c Temp, N/A Fan

Started: Fri May 17 14:27:40 2013
Stopped: Fri May 17 14:28:23 2013

Here are some speeds from 2x hd6990:
  • PBKDF2-HMAC-RipeMD160 / AES: 223 kHash/s
  • PBKDF2-HMAC-SHA512 / AES: 95 kHash/s
  • PBKDF2-HMAC-Whirlpool / AES: 49 kHash/s *updated*
  • PBKDF2-HMAC-RipeMD160 boot-mode / AES: 451 kHash/s

These tests show oclHashcat-plus is new worlds fastest TrueCrypt cracker Smile

While I was implementing the Whirlpool hash I found out how this hash can be optimized by over 50% in raw mode. However, some of these technique can also be used within an PBKDF2-HMAC construct.

PS: I'll explain the technique at my talk on passwordscon 2013 in Las Vegas.

Stay tuned for v0.15 release Smile

--
atom
Nicely done! And congrats!
Is your talk going to be taped?
Totally awesome work atom Smile congrats!
Thanks guys. I'm not sure if it's taped, question for epixoip Smile
The speeds on RipeMD160 will improve again once AMD fixes this confirmed bug:

http://devgurus.amd.com/thread/166396

Currently I have to workaround this which makes the code a little bit slower.
Thank you Smile
Great ! Well, now is time for release of new oclHashcat, I guess Big Grin
No, I'm working on > length 15 support. If I'm done with that, I will release.
Oh, that's even better ! Keep up the good work Big Grin
(05-17-2013, 03:48 PM)atom Wrote: [ -> ]I'm not sure if it's taped, question for epixoip Smile

The best way to know is to actually come to the conference, and see if we are videotaping the talks Smile
Pages: 1 2 3 4