Cryptohaze GPU Rainbow Tables

From Cryptohaze Project Wiki
Jump to: navigation, search

The GPU rainbow table tools are a very high performance implementation of rainbow tables. They are capable of searching quite large password spaces very quickly, and are designed from the ground up to deal with very large table files that do not fit in RAM (100s of GB or larger). The tools will use all available GPUs in the system and are capable of handling multiple hashes at a time.


Overview of the tools

There are two sets of tools: Generate tools, and cracking tools. A brief overview of them is provided here, with details linked.

Generate tools and utilities

There are several tools in the generate chain.

  • GRTGen: The basic table generation tool that generates table parts to be merged. There are two tools: One for CUDA devices, and one for OpenCL devices.
  • GRTAnalyze: Analyzes a table to determine how many bits of hash should be retained for optimum size/performance.
  • GRTMerge: Merges separate table parts into large full or perfect tables.
  • GRTConvert: Converts a table between formats, or reduces the number of bits stored in the hash to reduce size.
  • GRTBulkConvert: Bulk converts tables from V3 tables to V2 tables (useful for distributed generation).
  • GRTIndex: Creates indexes for table files to speed searching.
  • GRTMakeTestFile: Generates a test file based on a table. Useful for developers.
  • GRTVerify: Verifies a table to ensure it is correct.
  • GRTSearchTables: Standalone table search utility used for WebTables.
  • ShowConfig-OpenCL: Shows the current OpenCL configuration.

Cracking tools

  • GRTCrack: Uses the generated rainbow tables to crack passwords. There is one version for CUDA and one for OpenCL.

Quick Table Generation Howto

Getting started generating tables is actually quite simple. The first thing is to choose the hashing algorithm you'll later want to crack (e.g. SHA1), the character set to use in the passwords (e.g. alpha, alpha-numeric, etc.). After this, pick an index (which can be any non-negative number) and you need to choose a chainlength and the number of chains you wish to produce. If you have no idea what these values control, I'd suggest learning about it from the [Rainbow_Tables#Table_Parameters] page. For the impatient, just pick a chain length of 50,000 and make the numchains 10,000,000. This will generate 500 billion hashes, uses around 200MB of space (using SHA1, 8 char passwords, and charsetall), and takes about 25 minutes with a Tesla C2075 (or about 3 hours with an ATI Raedon HD 6950). Below is the command that was used to do this generation

./GRTGen-CUDA -h SHA1 -c ./charsets/charsetall -l 8 -i 949 --chainlength 50000 --numchains 10000000 -t 256 -b 2048

The -b is to run 2048 thread blocks to run, and -t is to spawn 256 threads per block. These are optional parameters and I found that these values worked best on the particular system I was using. If you want to maximize performance, try using various values and seeing which ones run faster.

Quick Cracking Howto

As most people here are more interested in using the generated tables to crack passwords, the crack process will be described here, with the generate process being described in detail on other pages.

Get the tables from somewhere: GRT Table Sources

GRTCrack-CPP -h <hash type> -f <hash file> <table files>

The basic operation involves running GRTCrack, specifying the hash type, specifying the list of hashes to crack, and specifying the table files.

On Linux, this may look like:

./GRTCrack-CPP -h NTLM -f test_hashes/Hashes-NTLM-Full.txt output/NTLM*.grt

Windows will look similar.

You typically have to specify *.grt if you use wildcards, otherwise they will pick up the index files too - these are automatically loaded, and should not be used as table files.

Personal tools