Cryptohaze Multiforcer

Overview

The Cryptohaze Multiforcer is a high performance multihash brute forcer with support for per-position character sets, and very good performance scaling when dealing with large hash lists. As an example, on a list of 10 hashes, the Cryptohaze Multiforcer achieves 390M steps per second on a GTX260/[email protected] card. On a list of 1.4 million hashes with the same card, performance drops to 380M steps per second. This is the password stepping rate - not the search rate. The search rate is 380M * 1.4M passwords per second!

Downloads

The latest version of the Cryptohaze Multiforcer can be found on the Sourceforge project page: http://sourceforge.net/projects/cryptohaze/files/Cryptohaze-Combined/
Currently supported platforms are Windows, Linux, and OS X. Right now, it's a 64-bit binary, but the build environment supports 32-bit builds if needed.

Supported Algorithms

The Cryptohaze Multiforcer supports quite a few algorithms. The current list can be found on the wiki, but here's an overview!

  • MD5: md5($pass)
  • MD5S: md5($pass) for single MD5
  • NTLM: md4(unicode-16le($pass))
  • MD4: md4($pass)
  • SHA1: sha1($pass)
  • MSSQL: sha1($salt.toupper($pass))
  • SHA: base64(sha1($pass))
  • MD5_PS: md5($pass.$salt)
  • MD5_SP: md5($salt.$pass)
  • SSHA: base64(sha1($pass.$salt))
  • DOUBLEMD5: md5(md5($pass))
  • TRIPLEMD5: md5(md5(md5($pass)))
  • MD5OFSHA1: md5(sha1($pass))
  • SHA1OFMD5: sha1(md5($pass))
  • DUPMD5: md5($pass.$pass)
  • DUPNTLM: md4(unicode-16le($pass.$pass))
  • LM: Microsoft LanMan hash

  • Supported Platforms

    The Cryptohaze Multiforcer supports Windows, Linux, and Mac OS X. An nVidia GPU with CUDA support (8000 series, 9000 series, GTX200 series, GTX400/500 series) is required for this to function. Additionally, a reasonably modern driver with CUDA support will be required. However, to see good rates, a fairly powerful GPU is required. GTX200 series cards are the lowest recommended cards.

    Network Support

    The Cryptohaze Multiforcer includes cross-platform network support for unsalted hashes. This allows multiple hosts to easily work together on a complex problem space without requiring the user to manually break it into smaller pieces as some other tools require. All the results are consolidated on the server platform, and clients can connect and disconnect as they please. To enable the server, launch the Multiforcer as normal, except with the "--enableserver" command line flag. If you wish the server to ONLY be a server, and not run any CUDA computations (which can reduce the risk of the server crashing), add the "--serveronly" flag. The clients are launched with the "--remoteip remote_ip_or_hosthame" flag (with the appropriate IP or hostname) and will soon join in.

    Manual

    File formats

    The Multiforcer takes two files as inputs: the hash file, and the character set file. The hash file is very simple: One hash per line as follows:
    Hash input file
C55DC1C662628C7B3B85635A4E96262A
5F4DCC3B5AA765D61D8327DEB882CF99
0040F2ABC2CFF0C8F59883B99AE9FAB6
D41D8CD98F00B204E9800998ECF8427E
    The character set file is slightly more complex. For a single character set (the same character set applied to all positions), the character set file is very simple: Just the character set in a file, followed by a newline: 
    Single charset file (-c parameter)
abcdefghijklmnopqrstuvwzyx0123456789

    The per-position character set file is a bit more complex: One character set per line. Each line corresponds to the position in the password (so the 1st line is the 1st character, the 2nd line is the 2nd character, etc). You should have at least as many lines as characters in the password. 
    Per-position charset file (-u parameter)
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
abcdefghijklmnopqrstuvwxyz 
abcdefghijklmnopqrstuvwxyz 
abcdefghijklmnopqrstuvwxyz 
abcdefghijklmnopqrstuvwxyz
abcdefghijklmnopqrstuvwxyz
abcdefghijlkmnopqrstuvwxyz
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~

    Basic command line parameters

    For a full list of command line options, look at the wiki page.

    -h / --hashtype [hash type] (required) This specifies the hash type to search. See the wiki for a current list of supported hashes.
    -c / --charsetfile <filename> This specifies the charset file for single charset use.
    -u / --charsetfilemulti <filename> This specifies the charset file for per-position charset use.
    -o / --outputfile (optional) This specifies the output for found hashes. The file will be appended, not overwritten.
    -f / --hashfile (required) This specifies the file of hashes. Hashes should be in ASCII-hex format (as they are typically found), one per line. The file should end with a newline.
    --min / --max (required) These set the minimum and maximum password lengths to search. Lengths of 0 through 14 are currently supported.
    -m / --ms (optional) This specifies the target kernel time, in milliseconds (1/1000th of a second). When using a system with a GUI, lower times will allow better display response, but will lower performance. See below for more details. The default is 50ms, which should not interfere with general system use.
    -l / --lookup (optional) Use a 512MB chunk of GPU RAM to improve performance on very large hashlists. Requires at least 768MB video RAM to use.

    FAQ/Troubleshooting

    It doesn't run!

    Yes... this is a common problem with bleeding edge software. This is also the reason for the support forum. First steps would be to ensure you're running the most recent nVidia provided driver, and then to see if you can run /any/ CUDA enabled programs. CUDA requires an nVidia Geforce 8000 series or above (or some of the Quadros). Additionally, if you are using a large amount of video RAM, there may not be sufficient memory remaining for the kernels to launch. Debugging for this will be added in future versions, but if you are getting vague errors, try rebooting and running the code with no other applications open. If this doesn't help, post details of your error and configuration in the forum and I'll try to help.

    It doesn't run on my shiny new MacBook Pro with nVIdia 330M graphics!

    Yes, this is a known issue. Fortunately, there is a fix. The issue is that, under normal operation, the machine is using the Intel graphics chip - and not the nVidia CUDA capable card. The solution is to download gfxCardStatus, and force use of the 330M. This should allow the tools to run - let me know in the forums if you still have issues.

    Why is it slower on Vista/Win7 than on Linux?

    Classy as it is to say "Blame Microsoft," it's true. They changed the driver model for video cards, and as a result, kernel launches take longer, and the GUI does not let the GPU do whatever it wants. Try passing in a larger -m value and see if it helps.

    Forget desktop response - how do I make this run as fast as possible?

    The best option is a headless Linux server with a very high end GPU in it. If that's not an option, try passing --threads 512 --blocks 512 -m 500 to it. You may see improvements with an even longer kernel execution time - it depends on the system. Your display will be nearly unusable when this is running. If you have a low end GPU and this does not launch, try reducing the thread count to 256.

    It doesn't run on my ATI card! When will you support ATI?

    I would like to support ATI, but I don't have any ATI cards, and don't have the spare funds to go out and buy a few top of the line ATI cards to test on. Perhaps you should consider donating to my GPU fund!

    How about resume support?

    There is a definite demand for this! The next version will have checkpoint files and resume support!

    I have another question...

    The forum is linked in the nav on the left.


    ~Bitweasil