hashcat
advanced password recovery


Digg Del.icio.us Reddit Facebook Stumble Upon Twitter

Download latest version (older versions)

Name Version License md5sum Date
oclGaussCrack v1.3 GPLv2 fc7b0b5fb1a0bc6084de98ca4f7463db 2013.02.05

Changes v1.2 -> v1.3

  • Added two support utilities: gaussFilter and gaussCombinator, see README for details
  • Added check for \r\n LFs not just \n
  • Implemented Trac #47: Full verification of all 4 known hashes
  • Implemented Trac #48: Saving the cracked hashes to a "pot" file
  • Fixed buf: In utf16 unicode there is a zero-byte following the \n, skip it

  • Changes v1.1 -> v1.2

  • Added two optional parameters to pick a range of candidates to test - useful in distributed / resume
  • Reduced required host memory
  • Cleaned code to make it more readable
  • Changed maximum line length from BUFSIZ to configurable MAX_LINELEN
  • Changed GPU kernel to more precise checks
  • Changed GPU runtime in status display
  • Fixed bug: Add extra buffer space for salt and padding
  • Fixed bug: VECT_SIZE was handled incorrectly
  • Fixed bug: kernel source terminator byte was set incorrectly
  • Fixed bug: cracked display showed more data than neccessary

  • Changes v1.0 -> v1.1

  • Added windows precompiled binaries
  • Added dedicated 32/64 bit precompiled binaries
  • Added real Gauss-Virus hash to kernel
  • Test vector hash is just commented out, simply uncomment it for test
  • Removed OpenSSL depency
  • Fixed documentation
  • Why

    The goal of the program is to crack the verification hash of the encrypted payload of the Gauss Virus as described here

    • Uses OpenCL to accelerate the 10k MD5 loop
    • Uses optimizations also used in oclHashcat-plus for maximum performance
    • Able to handle multi-GPU setups (of the same type)
    • VCL (Virtual CL) v1.18 compatible
    • Open Source
    • Supports integration into distributed computing environments
    • Supports resume

    Use the binaries

    • Make sure you have OpenCL enabled driver installed

    ... or compile it from sources

    • Make sure to have an OpenCL SDK installed
    • Just run "make" to compile

    Performance

    • AMD Radeon HD 7970 (GPU): 489k c/s
    • AMD Radeon HD 6990 (GPU): 670k c/s
    • AMD FX 8120 (CPU): 14k c/s
    • AMD FX 6100 (CPU): 11k c/s
    • NVIDIA GeForce GTX 470 (GPU): 94k c/s
    • NVIDIA GeForce GTX 560Ti (GPU): 86k c/s

    Intel CPU supporting OpenCL should work as well.
    You can increase the performance slightly by increasing the workload GPU_ACCEL in oclGaussCrack.c.
    To enable CPU mode change DEVICE_TYPE to CL_DEVICE_TYPE_CPU.

    How to use

    • The program waits for any arbitrary input data on stdin. This is your password / path / the unknown key
    • It then appends the fixed salt to the input and processes the first MD5 on CPU
    • The resulting digest is used as input for the 10k MD5 loops which is done on the GPU
    • The hashes are compared on GPU. If they match, the GID which matched is stored in the result buffer
    • The host program reads the result buffer and if the hash was cracked it uses the GID to lookup the original plaintext used

    Example

    This is the official Kaspersky test-vector!

    NOTE: To enable "test mode", go to src/oclGaussCrack.cl and uncomment the target hash for the test vector in lines 31 - 37.
    $ ./oclGaussCrack64.bin < test.txt
    
    This should output:
    
    Loading Kernel...
    Initializing OpenCL...
    Found new device # 0: Tahiti, 32 compute units
    Initialization done, accepting candidates from stdin...
    
    
    GPU # 0: ALARM! Candidate number 0 cracked the hash! Hex dump following:
    
    43 00 3a 00 5c 00 44 00
    6f 00 63 00 75 00 6d 00
    65 00 6e 00 74 00 73 00
    20 00 61 00 6e 00 64 00
    20 00 53 00 65 00 74 00
    74 00 69 00 6e 00 67 00
    73 00 5c 00 6a 00 6f 00
    68 00 6e 00 5c 00 4c 00
    6f 00 63 00 61 00 6c 00
    20 00 53 00 65 00 74 00
    74 00 69 00 6e 00 67 00
    73 00 5c 00 41 00 70 00
    70 00 6c 00 69 00 63 00
    61 00 74 00 69 00 6f 00
    6e 00 20 00 44 00 61 00
    74 00 61 00 5c 00 47 00
    6f 00 6f 00 67 00 6c 00
    65 00 5c 00 43 00 68 00
    72 00 6f 00 6d 00 65 00
    5c 00 41 00 70 00 70 00
    6c 00 69 00 63 00 61 00
    74 00 69 00 6f 00 6e 00
    7e 00 64 00 69 00 72 00
    31 00 00 00 00 00 00 00
              

    Parameters

    oclGaussCrack supports two optional parameters since v1.2.

    The first one sets an offset that defines how many entries from input data to skip.
    The second one sets an limitation that defines how many entries from input data to process.

    By doing this, you can pick a range of the workload coming on stdin.
    This is required to integrate oclGaussCrack into distributed computing services, like boinc or so.
    It is also useful if you want to continue your work at a specific point after it stopped for whatever reason.

    Both parameters are just numbers. You can set the first one without setting the second one but not vice versa.

    Limitations

    • Maximum input length of the string can be configured by changing MAX_LINELEN in program header.
    • Maximum number of GPUs suported can be configured by changing MAX_GPU in the program header.

    Download older versions

    This is a list of older oclGaussCrack versions, it's not always bad to grab the latest version.

    Name Version License md5sum Date
    oclGaussCrack v1.2 GPLv2 125f21cd6b3c602af034b7550c3dda64 2012.12.30
    oclGaussCrack v1.1 GPLv2 20480a9e4c2aa011b3abc3c0b796b5e1 2012.12.28
    oclGaussCrack v1.0 GPLv2 562a3bae0c9ae201bfdf0c243faf6bbe 2012.12.27