Closed mungewell closed 7 years ago
glv2
commented
9 years ago In its current state, the program doesn't contain the code to work on a cluster of computers (like openmpi or equivalent) or to remember the passwords already tried.
But indeed you can run the program several times on several computers and choose different prefixes to test on each one.
mungewell
commented
9 years ago Added some logging on my fork. '-L' flag which lets you see what is going on.
$ ./bruteforce-salted-openssl -L 1 -l 2 -m 2 configure.enc_short -N -s "12345678" -t 2
mungewell
commented
9 years ago So looking that the '-b' and '-e' options, it is actually quite easy to partition the task between different machines (or even just break it down into smaller, more manageable blocks). These flags automatically/internally modify the password lengths, so the bulk of the command line remains the same.
So if you have 4 machines available and a character set of '12345678' you might want to do: box 1: $ ./bruteforce-salted-openssl -b '1' ... $ ./bruteforce-salted-openssl -b '2' ... box 2: $ ./bruteforce-salted-openssl -b '3' ... $ ./bruteforce-salted-openssl -b '4' ... box 3: $ ./bruteforce-salted-openssl -b '5' ... $ ./bruteforce-salted-openssl -b '6' ... box 4: $ ./bruteforce-salted-openssl -b '7' ... $ ./bruteforce-salted-openssl -b '8' ...
You might even benefit from having a queue and launching the next on the remote machine(s) when they finish their last block. Using a combination of '-s' and '-B' (my fork) flags you can spec the character set and have the candidate solutions written to file with different prefixes.
As side note, using a truncated encrypted file and the '-N' and -'M' flags, my laptop is crunching ~5,700,000,000 aes256 keys per hour :-)
$ time bruteforce-salted-openssl -L 500000 -l 5 -m 5 -N -c aes-256-cbc -M '#!/' -B binary-aes256/cand5 -t 8 start.sh.enc_short
...
Just tested solution 62460000000
Password candidate saved to file: binary-aes256/cand5-3718
Just tested solution 62460500000
Just tested solution 62461000000
Just tested solution 62461500000
^C
real 661m32.845s
user 5184m55.558s
sys 46m0.082sCheers, Simon.
Hi, I see that you have multi-thread support which works nicely. I'd like to be able to split the task across multiple PCs, do you have any suggestions on how the keyspace can be defined for each of the machines?
For example with '-t 2 -s "12345678"' threading appears to test Thread 1: 1, 2, 3, 4, 11, 12, 13, 14, 15, 16, 17, 18, 21, 22, 23, etc Thread 2: 5, 6, 7, 8, 51, 52, 53, 54, 55, 56, 57, 58, 61, 62, 63, etc
Do I just hard code a different prefix on different machines, and run multiple times to cover all options?
It would also be nice to be able to restart at particular location in the sequence. Maybe these are the same request...