From b4f4ccaa2beec25aefe63647cbcf4321736c8f69 Mon Sep 17 00:00:00 2001 From: James Nobis Date: Tue, 4 Jan 2011 00:41:15 -0600 Subject: [PATCH] backport rcracki_mt trunk from rcracki.sourceforge.net misc cleanup 64-bit counters for values that overflowed --- .../distrrtgen_cuda/Makefile.linux_i686 | 145 ++++ .../rcracki_mt/ChainWalkContext.cpp | 12 +- .../rcracki_mt/ChainWalkSet.cpp | 648 +++++++++--------- Client Applications/rcracki_mt/ChainWalkSet.h | 154 ++--- Client Applications/rcracki_mt/ChangeLog.txt | 169 ++--- .../rcracki_mt/CrackEngine.cpp | 26 +- Client Applications/rcracki_mt/CrackEngine.h | 196 +++--- .../rcracki_mt/HashAlgorithm.h | 128 ++-- Client Applications/rcracki_mt/HashRoutine.h | 110 +-- Client Applications/rcracki_mt/HashSet.h | 118 ++-- Client Applications/rcracki_mt/Public.h | 1 + Client Applications/rcracki_mt/README.txt | 342 ++++----- Client Applications/rcracki_mt/RTI2Reader.cpp | 3 +- Client Applications/rcracki_mt/RTI2Reader.h | 2 +- .../rcracki_mt/RainbowCrack.cpp | 11 +- Client Applications/rcracki_mt/TODO | 1 + Client Applications/rcracki_mt/lm2ntlm.h | 160 ++--- Client Applications/rcracki_mt/md4.h | 70 +- .../rcracki_mt/rcrackiThread.cpp | 1 + .../rcracki_mt/rcrackiThread.h | 170 ++--- Client Applications/rcracki_mt/rcracki_mt.ini | 64 +- Client Applications/rcracki_mt/sha1.h | 66 +- 22 files changed, 1373 insertions(+), 1224 deletions(-) create mode 100644 BOINC software/BOINC client apps/distrrtgen_cuda/Makefile.linux_i686 diff --git a/BOINC software/BOINC client apps/distrrtgen_cuda/Makefile.linux_i686 b/BOINC software/BOINC client apps/distrrtgen_cuda/Makefile.linux_i686 new file mode 100644 index 0000000..f556474 --- /dev/null +++ b/BOINC software/BOINC client apps/distrrtgen_cuda/Makefile.linux_i686 @@ -0,0 +1,145 @@ +# freerainbowtables is a project for generating, distributing, and using +# perfect rainbow tables +# +# Copyright (C) Zhu Shuanglei +# Copyright 2010 Martin Westergaard Jørgensen +# Copyright 2009, 2010 Daniël Niggebrugge +# Copyright 2009, 2010 James Nobis +# +# This file is part of freerainbowtables. +# +# freerainbowtables is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 2 of the License, or +# (at your option) any later version. +# +# freerainbowtables is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with freerainbowtables. If not, see . + +SHELL = /bin/sh + +#BOINC_DIR = /home/ubuntu/boinc +BOINC_DIR = /usr/share/boinc-dev +BOINC_API_DIR = $(BOINC_DIR)/api +BOINC_LIB_DIR = $(BOINC_DIR)/lib +CC = g++ +COMMON_LIB_DIR = /usr/lib +# ending for libcudart +CUDA_LIB = so.2 +#CUDA_LIB = so.3 +CUDA_PATH = /usr/local/cuda +CUDA_VERSION = cuda__23 +#CUDA_VERSION = cuda__30 +#CUDA_VERSION = cuda__32 +PLATFORM = i686-pc-linux-gnu +VERSION = 3.11 +INCLUDES = -I../../../Common/rt\ api -I$(BOINC_DIR) -I$(BOINC_LIB_DIR) \ + -I$(BOINC_API_DIR) -I$(CUDA_PATH)/include +COMMON_API_PATH = ../../../Common/rt\ api + +OPTIMIZATION = -O3 +WARNALL = -Wextra -Wunused-macros -Wunsafe-loop-optimizations -Wundef \ + -Woverlength-strings -Wdisabled-optimization -Wformat-extra-args \ + -Wformat-security -Winline + +CXXFLAGS = -Wall -static -static-libgcc -ansi -c -DBOINC $(INCLUDES) \ + $(OPTIMIZATION) $(DEBUG) + +# -static +LFLAGS = -Wall -static-libgcc -ansi $(INCLUDES) $(OPTIMIZATION) \ + -L$(BOINC_API_DIR) -L$(BOINC_LIB_DIR) -L/usr/X11R6/lib -L/usr/lib \ + -L$(CUDA_PATH)/lib -L. -Xlinker -rpath . $(DEBUG) + +LIBS = -lboinc_api -lboinc -lpthread -lcudart \ + libcudart.$(CUDA_LIB)=libcudart_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).$(CUDA_LIB) \ + libgcc_s.so.1=libgcc_s_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.1 \ + libstdc++.so.6=libstdc++_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.6 \ + $(COMMON_LIB_DIR)/libpthread.a +OBJS = ChainWalkContext.o des_enc.o des_setkey.o distrrtgen.o ecb_enc.o \ + HashAlgorithm.o HashRoutine.o md4.o md5.o Public.o rcuda_ext.o rcuda.o + +OSNAME = $(shell uname -s) + +all: distrrtgen + +distrrtgen: libcudart_$(PLATFORM).$(CUDA_LIB) \ + libgcc_s_$(PLATFORM).so.1 libstdc++_$(PLATFORM).so.6 \ + $(BOINC_API_DIR)/libboinc_api.a $(BOINC_LIB_DIR)/libboinc.a $(OBJS) + $(CXX) $(LFLAGS) $(OBJS) $(LIBS) -o distrrtgen + +libcudart_$(PLATFORM).$(CUDA_LIB): + ln -s $(CUDA_PATH)/lib/libcudart.$(CUDA_LIB) \ + libcudart.$(CUDA_LIB)=libcudart_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).$(CUDA_LIB) + echo -n "" > libcudart.$(CUDA_LIB)=libcudart_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).$(CUDA_LIB).file_ref_info + +libstdc++_$(PLATFORM).so.6: + ln -s `$(CC) $(CXXFLAGS) -print-file-name=libstdc++.so.6` \ + libstdc++.so.6=libstdc++_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.6 + echo -n "" > libstdc++.so.6=libstdc++_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.6.file_ref_info + +libgcc_s_$(PLATFORM).so.1: + ln -s `$(CC) $(CXXFLAGS) -print-file-name=libgcc_s.so.1` \ + libgcc_s.so.1=libgcc_s_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.1 + echo -n "" > libgcc_s.so.1=libgcc_s_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.1.file_ref_info + +clean: + /bin/rm -f distrrtgen *.o + +debug: DEBUG += -DDEBUG -g +debug: all + +debugall: DEBUG += -DDEBUG -g $(WARNALL) +debugall: all + +distclean: + /bin/rm -f distrrtgen *.o \ + libgcc_s.so.1=libgcc_s_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.1 \ + libstdc++.so.6=libstdc++_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.6 \ + libcudart.$(CUDA_LIB)=libcudart_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).$(CUDA_LIB) \ + libgcc_s.so.1=libgcc_s_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.1.file_ref_info \ + libstdc++.so.6=libstdc++_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).so.6.file_ref_info \ + libcudart.$(CUDA_LIB)=libcudart_$(VERSION)_$(PLATFORM)_$(CUDA_VERSION).$(CUDA_LIB).file_ref_info + +rebuild: clean all + +ChainWalkContext.o: $(COMMON_API_PATH)/ChainWalkContext.h $(COMMON_API_PATH)/ChainWalkContext.cpp $(COMMON_API_PATH)/HashRoutine.h $(COMMON_API_PATH)/Public.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/ChainWalkContext.cpp + +des_enc.o: $(COMMON_API_PATH)/des_enc.c $(COMMON_API_PATH)/des_locl.h $(COMMON_API_PATH)/spr.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/des_enc.c + +des_setkey.o: $(COMMON_API_PATH)/des_setkey.c $(COMMON_API_PATH)/des_locl.h $(COMMON_API_PATH)/podd.h $(COMMON_API_PATH)/sk.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/des_setkey.c + +distrrtgen.o: distrrtgen.cpp distrrtgen.h $(COMMON_API_PATH)/ChainWalkContext.h $(COMMON_API_PATH)/Public.h + $(CXX) $(CXXFLAGS) distrrtgen.cpp + +ecb_enc.o: $(COMMON_API_PATH)/ecb_enc.c $(COMMON_API_PATH)/des_locl.h $(COMMON_API_PATH)/spr.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/ecb_enc.c + +HashAlgorithm.o: $(COMMON_API_PATH)/HashAlgorithm.h $(COMMON_API_PATH)/HashAlgorithm.cpp $(COMMON_API_PATH)/Public.h $(COMMON_API_PATH)/md4.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/HashAlgorithm.cpp + +HashRoutine.o: $(COMMON_API_PATH)/HashRoutine.h $(COMMON_API_PATH)/HashRoutine.cpp $(COMMON_API_PATH)/global.h $(COMMON_API_PATH)/HashAlgorithm.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/HashRoutine.cpp + +md4.o: $(COMMON_API_PATH)/md4.h $(COMMON_API_PATH)/md4.cpp $(COMMON_API_PATH)/global.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/md4.cpp + +md5.o: $(COMMON_API_PATH)/md5.h $(COMMON_API_PATH)/md5.cpp $(COMMON_API_PATH)/global.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/md5.cpp + +Public.o: $(COMMON_API_PATH)/Public.h $(COMMON_API_PATH)/Public.cpp $(COMMON_API_PATH)/global.h + $(CXX) $(CXXFLAGS) $(COMMON_API_PATH)/Public.cpp + +rcuda_ext.o: rcuda_ext.h rcuda_ext.cpp $(COMMON_API_PATH)/ChainWalkContext.h + $(CXX) $(CXXFLAGS) rcuda_ext.cpp + +rcuda.o: rcuda.h rcuda.cu $(COMMON_API_PATH)/Public.h $(COMMON_API_PATH)/global.h + $(CUDA_PATH)/bin/nvcc $(OPTIMIZATION) $(DEBUG) --machine 32 -I../../../Common/rt\ api --compile rcuda.cu +# $(CUDA_PATH)/bin/nvcc -G $(DEBUG) --machine 32 -I../../../Common/rt\ api --compile rcuda.cu diff --git a/Client Applications/rcracki_mt/ChainWalkContext.cpp b/Client Applications/rcracki_mt/ChainWalkContext.cpp index 417d900..60c7f0f 100644 --- a/Client Applications/rcracki_mt/ChainWalkContext.cpp +++ b/Client Applications/rcracki_mt/ChainWalkContext.cpp @@ -553,15 +553,11 @@ void CChainWalkContext::IndexToPlain() } m_Plain[i] = m_vCharset[j].m_PlainCharset[nTemp]; #else - __asm__ __volatile__ ( "mov %2, %%eax;" - "xor %%edx, %%edx;" + __asm__ __volatile__ ("xor %%edx, %%edx;" "divl %3;" - "mov %%eax, %0;" - "mov %%edx, %1;" - : "=m"(nIndexOfX32), "=m"(nTemp) - : "m"(nIndexOfX32), "m"(m_vCharset[j].m_nPlainCharsetLen) - : "%eax", "%edx" - ); + : "=a"(nIndexOfX32), "=d"(nTemp) + : "a"(nIndexOfX32), "rm"(m_vCharset[j].m_nPlainCharsetLen) + : ); m_Plain[i] = m_vCharset[j].m_PlainCharset[nTemp]; #endif break; diff --git a/Client Applications/rcracki_mt/ChainWalkSet.cpp b/Client Applications/rcracki_mt/ChainWalkSet.cpp index b80b4ab..48ca775 100644 --- a/Client Applications/rcracki_mt/ChainWalkSet.cpp +++ b/Client Applications/rcracki_mt/ChainWalkSet.cpp @@ -1,324 +1,324 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright (C) Zhu Shuanglei - * Copyright Martin Westergaard Jørgensen - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#if defined(_WIN32) && !defined(__GNUC__) - #pragma warning(disable : 4786) -#endif - -#include "ChainWalkSet.h" - -CChainWalkSet::CChainWalkSet() -{ - m_sHashRoutineName = ""; - m_sPlainCharsetName = ""; - m_nPlainLenMin = 0; - m_nPlainLenMax = 0; - m_nRainbowTableIndex = 0; - m_nRainbowChainLen = 0; - debug = false; - sPrecalcPathName = ""; - preCalcPart = 0; -} - -CChainWalkSet::~CChainWalkSet() -{ - DiscardAll(); -} - -void CChainWalkSet::DiscardAll() -{ - //printf("debug: discarding all walk...\n"); - - list::iterator it; - for (it = m_lChainWalk.begin(); it != m_lChainWalk.end(); it++) - delete [] it->pIndexE; - m_lChainWalk.clear(); -} - -string CChainWalkSet::CheckOrRotatePreCalcFile() -{ - char sPreCalcFileName[255]; - - // 255 files limit to be sure - for (; preCalcPart < 255; preCalcPart++) - { - sprintf(sPreCalcFileName, "%s.%d", sPrecalcPathName.c_str(), preCalcPart); - string sReturnPreCalcPath(sPreCalcFileName); - - long fileLen = 0; - - FILE* file = fopen(sReturnPreCalcPath.c_str(), "ab"); - if(file!=NULL) - { - fileLen = GetFileLen(file); - long unsigned int nextFileLen = fileLen + (sizeof(uint64) * (m_nRainbowChainLen-1)); - // Rotate to next file if we are going to pass 2GB filesize - if (nextFileLen < ((unsigned)2 * 1024 * 1024 * 1024)) - { - // We might want to vPrecalcFiles.push_back(sReturnPreCalcPath) if we just created this file - // We don't as only newly generated chainwalksets will be stored to this new file, so we don't have to look there - if (debug) printf("Debug: Using for precalc: %s\n", sReturnPreCalcPath.c_str()); - fclose(file); - return sReturnPreCalcPath; - } - fclose(file); - } - } - - return string(""); -} - -void CChainWalkSet::updateUsedPrecalcFiles() -{ - // we might also use this function to search a wildcard path of precalc files - vPrecalcFiles.clear(); - char sPreCalcFileName[255]; - - int i; - // 255 files max - for (i = 0; i < 255; i++) - { - sprintf(sPreCalcFileName, "%s.%d", sPrecalcPathName.c_str(), i); - string sTryPreCalcPath(sPreCalcFileName); - FILE* file = fopen(sTryPreCalcPath.c_str(), "rb"); - if(file!=NULL) { - vPrecalcFiles.push_back(sTryPreCalcPath); - fclose(file); - } - else { - break; - } - } -} - -void CChainWalkSet::removePrecalcFiles() -{ - if (debug) printf("Debug: Removing precalc files.\n"); - updateUsedPrecalcFiles(); - string sCurrentPrecalcPathName = ""; - string sCurrentPrecalcIndexPathName = ""; - - int i; - for (i = 0; i < (int)vPrecalcFiles.size(); i++) - { - sCurrentPrecalcPathName = vPrecalcFiles[i]; - sCurrentPrecalcIndexPathName = sCurrentPrecalcPathName + ".index"; - - if (debug) printf("Debug: Removing precalc file: %s\n", sCurrentPrecalcPathName.c_str()); - - if (remove(sCurrentPrecalcPathName.c_str()) != 0) - if (debug) printf("Debug: Failed removing precalc file: %s\n", sCurrentPrecalcPathName.c_str()); - - if (debug) printf("Debug: Removing precalc index file: %s\n", sCurrentPrecalcIndexPathName.c_str()); - - if (remove(sCurrentPrecalcIndexPathName.c_str()) != 0) - if (debug) printf("Debug: Failed removing precalc index file: %s\n", sCurrentPrecalcIndexPathName.c_str()); - - } -} - -bool CChainWalkSet::FindInFile(uint64* pIndexE, unsigned char* pHash, int nHashLen) -{ - int gotPrecalcOnLine = -1; - char precalculationLine[255]; - sprintf(precalculationLine, "%s_%s#%d-%d_%d_%d:%s\n", m_sHashRoutineName.c_str(), m_sPlainCharsetName.c_str(), m_nPlainLenMin, m_nPlainLenMax, m_nRainbowTableIndex, m_nRainbowChainLen, HexToStr(pHash, nHashLen).c_str() ); - string precalcString(precalculationLine); - - string sCurrentPrecalcPathName = ""; - string sCurrentPrecalcIndexPathName = ""; - long unsigned int offset; - - int i; - for (i = 0; i < (int)vPrecalcFiles.size() && gotPrecalcOnLine == -1; i++) - { - sCurrentPrecalcPathName = vPrecalcFiles[i]; - sCurrentPrecalcIndexPathName = sCurrentPrecalcPathName + ".index"; - - offset = 0; - - vector precalcLines; - if (ReadLinesFromFile(sCurrentPrecalcIndexPathName.c_str(), precalcLines)) - { - int j; - for (j = 0; j < (int)precalcLines.size(); j++) - { - if (precalcString.compare(0, precalcString.size()-1, precalcLines[j]) == 0) - { - gotPrecalcOnLine = j; - break; - } - - // Parse - vector vPart; - if (SeperateString(precalcLines[j], "___:", vPart)) - { - // add to offset - offset += ((atoi(vPart[3].c_str())-1) * sizeof(uint64)); - } - else { - // corrupt file - printf("Corrupted precalculation file!\n"); - gotPrecalcOnLine = -1; - break; - } - } - } - } - - if (gotPrecalcOnLine > -1) - { - if (debug) printf("Debug: Reading pre calculations from file, line %d offset %lu\n", gotPrecalcOnLine, offset); - - FILE* fp = fopen(sCurrentPrecalcPathName.c_str(), "rb"); - - if (fp!=NULL) { - fseek(fp, offset, SEEK_SET); - - // We should do some verification here, for example by recalculating the middle chain, to catch corrupted files - if(fread(pIndexE, sizeof(uint64), (unsigned long)m_nRainbowChainLen-1, fp) != (unsigned long)m_nRainbowChainLen-1) - printf("File read error."); - fclose(fp); - } - else - printf("Cannot open precalculation file %s.\n", sCurrentPrecalcPathName.c_str()); - - //printf("\npIndexE[0]: %s\n", uint64tostr(pIndexE[0]).c_str()); - //printf("\npIndexE[nRainbowChainLen-2]: %s\n", uint64tostr(pIndexE[m_nRainbowChainLen-2]).c_str()); - - return true; - } - - return false; -} - -void CChainWalkSet::StoreToFile(uint64* pIndexE, unsigned char* pHash, int nHashLen) -{ - if (debug) printf("\nDebug: Storing precalc\n"); - - string sCurrentPrecalcPathName = CheckOrRotatePreCalcFile(); - string sCurrentPrecalcIndexPathName = sCurrentPrecalcPathName + ".index"; - - FILE* fp = fopen(sCurrentPrecalcPathName.c_str(), "ab"); - if(fp!=NULL) - { - if(fwrite(pIndexE, sizeof(uint64), (unsigned long)m_nRainbowChainLen-1, fp) != (unsigned long)m_nRainbowChainLen-1) - printf("File write error."); - else - { - FILE* file = fopen(sCurrentPrecalcIndexPathName.c_str(), "a"); - if (file!=NULL) - { - char precalculationLine[255]; - sprintf(precalculationLine, "%s_%s#%d-%d_%d_%d:%s\n", m_sHashRoutineName.c_str(), m_sPlainCharsetName.c_str(), m_nPlainLenMin, m_nPlainLenMax, m_nRainbowTableIndex, m_nRainbowChainLen, HexToStr(pHash, nHashLen).c_str() ); - fputs (precalculationLine, file); - fclose (file); - } - } - fclose(fp); - } - else - printf("Cannot open precalculation file %s\n", sCurrentPrecalcPathName.c_str()); -} - -uint64* CChainWalkSet::RequestWalk(unsigned char* pHash, int nHashLen, - string sHashRoutineName, - string sPlainCharsetName, int nPlainLenMin, int nPlainLenMax, - int nRainbowTableIndex, - int nRainbowChainLen, - bool& fNewlyGenerated, - bool setDebug, - string sPrecalc) -{ - debug = setDebug; - sPrecalcPathName = sPrecalc; - - if ( m_sHashRoutineName != sHashRoutineName - || m_sPlainCharsetName != sPlainCharsetName - || m_nPlainLenMin != nPlainLenMin - || m_nPlainLenMax != nPlainLenMax - || m_nRainbowTableIndex != nRainbowTableIndex - || m_nRainbowChainLen != nRainbowChainLen) - { - DiscardAll(); - - m_sHashRoutineName = sHashRoutineName; - m_sPlainCharsetName = sPlainCharsetName; - m_nPlainLenMin = nPlainLenMin; - m_nPlainLenMax = nPlainLenMax; - m_nRainbowTableIndex = nRainbowTableIndex; - m_nRainbowChainLen = nRainbowChainLen; - - ChainWalk cw; - memcpy(cw.Hash, pHash, nHashLen); - cw.pIndexE = new uint64[nRainbowChainLen - 1]; - m_lChainWalk.push_back(cw); - - // Only update this list when we search through another rainbow table - updateUsedPrecalcFiles(); - - if (!FindInFile(cw.pIndexE, pHash, nHashLen)) - fNewlyGenerated = true; - else - fNewlyGenerated = false; - return cw.pIndexE; - } - - list::iterator it; - for (it = m_lChainWalk.begin(); it != m_lChainWalk.end(); it++) - { - if (memcmp(it->Hash, pHash, nHashLen) == 0) - { - fNewlyGenerated = false; - return it->pIndexE; - } - } - - ChainWalk cw; - memcpy(cw.Hash, pHash, nHashLen); - cw.pIndexE = new uint64[nRainbowChainLen - 1]; - m_lChainWalk.push_back(cw); - - if (!FindInFile(cw.pIndexE, pHash, nHashLen)) - fNewlyGenerated = true; - else - fNewlyGenerated = false; - return cw.pIndexE; -} - -void CChainWalkSet::DiscardWalk(uint64* pIndexE) -{ - list::iterator it; - for (it = m_lChainWalk.begin(); it != m_lChainWalk.end(); it++) - { - if (it->pIndexE == pIndexE) - { - delete it->pIndexE; - m_lChainWalk.erase(it); - return; - } - } - - printf("debug: pIndexE not found\n"); -} +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright (C) Zhu Shuanglei + * Copyright Martin Westergaard Jørgensen + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#if defined(_WIN32) && !defined(__GNUC__) + #pragma warning(disable : 4786) +#endif + +#include "ChainWalkSet.h" + +CChainWalkSet::CChainWalkSet() +{ + m_sHashRoutineName = ""; + m_sPlainCharsetName = ""; + m_nPlainLenMin = 0; + m_nPlainLenMax = 0; + m_nRainbowTableIndex = 0; + m_nRainbowChainLen = 0; + debug = false; + sPrecalcPathName = ""; + preCalcPart = 0; +} + +CChainWalkSet::~CChainWalkSet() +{ + DiscardAll(); +} + +void CChainWalkSet::DiscardAll() +{ + //printf("debug: discarding all walk...\n"); + + list::iterator it; + for (it = m_lChainWalk.begin(); it != m_lChainWalk.end(); it++) + delete [] it->pIndexE; + m_lChainWalk.clear(); +} + +string CChainWalkSet::CheckOrRotatePreCalcFile() +{ + char sPreCalcFileName[255]; + + // 255 files limit to be sure + for (; preCalcPart < 255; preCalcPart++) + { + sprintf(sPreCalcFileName, "%s.%d", sPrecalcPathName.c_str(), preCalcPart); + string sReturnPreCalcPath(sPreCalcFileName); + + long fileLen = 0; + + FILE* file = fopen(sReturnPreCalcPath.c_str(), "ab"); + if(file!=NULL) + { + fileLen = GetFileLen(file); + long unsigned int nextFileLen = fileLen + (sizeof(uint64) * (m_nRainbowChainLen-1)); + // Rotate to next file if we are going to pass 2GB filesize + if (nextFileLen < ((unsigned)2 * 1024 * 1024 * 1024)) + { + // We might want to vPrecalcFiles.push_back(sReturnPreCalcPath) if we just created this file + // We don't as only newly generated chainwalksets will be stored to this new file, so we don't have to look there + if (debug) printf("Debug: Using for precalc: %s\n", sReturnPreCalcPath.c_str()); + fclose(file); + return sReturnPreCalcPath; + } + fclose(file); + } + } + + return string(""); +} + +void CChainWalkSet::updateUsedPrecalcFiles() +{ + // we might also use this function to search a wildcard path of precalc files + vPrecalcFiles.clear(); + char sPreCalcFileName[255]; + + int i; + // 255 files max + for (i = 0; i < 255; i++) + { + sprintf(sPreCalcFileName, "%s.%d", sPrecalcPathName.c_str(), i); + string sTryPreCalcPath(sPreCalcFileName); + FILE* file = fopen(sTryPreCalcPath.c_str(), "rb"); + if(file!=NULL) { + vPrecalcFiles.push_back(sTryPreCalcPath); + fclose(file); + } + else { + break; + } + } +} + +void CChainWalkSet::removePrecalcFiles() +{ + if (debug) printf("Debug: Removing precalc files.\n"); + updateUsedPrecalcFiles(); + string sCurrentPrecalcPathName = ""; + string sCurrentPrecalcIndexPathName = ""; + + int i; + for (i = 0; i < (int)vPrecalcFiles.size(); i++) + { + sCurrentPrecalcPathName = vPrecalcFiles[i]; + sCurrentPrecalcIndexPathName = sCurrentPrecalcPathName + ".index"; + + if (debug) printf("Debug: Removing precalc file: %s\n", sCurrentPrecalcPathName.c_str()); + + if (remove(sCurrentPrecalcPathName.c_str()) != 0) + if (debug) printf("Debug: Failed removing precalc file: %s\n", sCurrentPrecalcPathName.c_str()); + + if (debug) printf("Debug: Removing precalc index file: %s\n", sCurrentPrecalcIndexPathName.c_str()); + + if (remove(sCurrentPrecalcIndexPathName.c_str()) != 0) + if (debug) printf("Debug: Failed removing precalc index file: %s\n", sCurrentPrecalcIndexPathName.c_str()); + + } +} + +bool CChainWalkSet::FindInFile(uint64* pIndexE, unsigned char* pHash, int nHashLen) +{ + int gotPrecalcOnLine = -1; + char precalculationLine[255]; + sprintf(precalculationLine, "%s_%s#%d-%d_%d_%d:%s\n", m_sHashRoutineName.c_str(), m_sPlainCharsetName.c_str(), m_nPlainLenMin, m_nPlainLenMax, m_nRainbowTableIndex, m_nRainbowChainLen, HexToStr(pHash, nHashLen).c_str() ); + string precalcString(precalculationLine); + + string sCurrentPrecalcPathName = ""; + string sCurrentPrecalcIndexPathName = ""; + long unsigned int offset; + + int i; + for (i = 0; i < (int)vPrecalcFiles.size() && gotPrecalcOnLine == -1; i++) + { + sCurrentPrecalcPathName = vPrecalcFiles[i]; + sCurrentPrecalcIndexPathName = sCurrentPrecalcPathName + ".index"; + + offset = 0; + + vector precalcLines; + if (ReadLinesFromFile(sCurrentPrecalcIndexPathName.c_str(), precalcLines)) + { + int j; + for (j = 0; j < (int)precalcLines.size(); j++) + { + if (precalcString.compare(0, precalcString.size()-1, precalcLines[j]) == 0) + { + gotPrecalcOnLine = j; + break; + } + + // Parse + vector vPart; + if (SeperateString(precalcLines[j], "___:", vPart)) + { + // add to offset + offset += ((atoi(vPart[3].c_str())-1) * sizeof(uint64)); + } + else { + // corrupt file + printf("Corrupted precalculation file!\n"); + gotPrecalcOnLine = -1; + break; + } + } + } + } + + if (gotPrecalcOnLine > -1) + { + if (debug) printf("Debug: Reading pre calculations from file, line %d offset %lu\n", gotPrecalcOnLine, offset); + + FILE* fp = fopen(sCurrentPrecalcPathName.c_str(), "rb"); + + if (fp!=NULL) { + fseek(fp, offset, SEEK_SET); + + // We should do some verification here, for example by recalculating the middle chain, to catch corrupted files + if(fread(pIndexE, sizeof(uint64), (unsigned long)m_nRainbowChainLen-1, fp) != (unsigned long)m_nRainbowChainLen-1) + printf("File read error."); + fclose(fp); + } + else + printf("Cannot open precalculation file %s.\n", sCurrentPrecalcPathName.c_str()); + + //printf("\npIndexE[0]: %s\n", uint64tostr(pIndexE[0]).c_str()); + //printf("\npIndexE[nRainbowChainLen-2]: %s\n", uint64tostr(pIndexE[m_nRainbowChainLen-2]).c_str()); + + return true; + } + + return false; +} + +void CChainWalkSet::StoreToFile(uint64* pIndexE, unsigned char* pHash, int nHashLen) +{ + if (debug) printf("\nDebug: Storing precalc\n"); + + string sCurrentPrecalcPathName = CheckOrRotatePreCalcFile(); + string sCurrentPrecalcIndexPathName = sCurrentPrecalcPathName + ".index"; + + FILE* fp = fopen(sCurrentPrecalcPathName.c_str(), "ab"); + if(fp!=NULL) + { + if(fwrite(pIndexE, sizeof(uint64), (unsigned long)m_nRainbowChainLen-1, fp) != (unsigned long)m_nRainbowChainLen-1) + printf("File write error."); + else + { + FILE* file = fopen(sCurrentPrecalcIndexPathName.c_str(), "a"); + if (file!=NULL) + { + char precalculationLine[255]; + sprintf(precalculationLine, "%s_%s#%d-%d_%d_%d:%s\n", m_sHashRoutineName.c_str(), m_sPlainCharsetName.c_str(), m_nPlainLenMin, m_nPlainLenMax, m_nRainbowTableIndex, m_nRainbowChainLen, HexToStr(pHash, nHashLen).c_str() ); + fputs (precalculationLine, file); + fclose (file); + } + } + fclose(fp); + } + else + printf("Cannot open precalculation file %s\n", sCurrentPrecalcPathName.c_str()); +} + +uint64* CChainWalkSet::RequestWalk(unsigned char* pHash, int nHashLen, + string sHashRoutineName, + string sPlainCharsetName, int nPlainLenMin, int nPlainLenMax, + int nRainbowTableIndex, + int nRainbowChainLen, + bool& fNewlyGenerated, + bool setDebug, + string sPrecalc) +{ + debug = setDebug; + sPrecalcPathName = sPrecalc; + + if ( m_sHashRoutineName != sHashRoutineName + || m_sPlainCharsetName != sPlainCharsetName + || m_nPlainLenMin != nPlainLenMin + || m_nPlainLenMax != nPlainLenMax + || m_nRainbowTableIndex != nRainbowTableIndex + || m_nRainbowChainLen != nRainbowChainLen) + { + DiscardAll(); + + m_sHashRoutineName = sHashRoutineName; + m_sPlainCharsetName = sPlainCharsetName; + m_nPlainLenMin = nPlainLenMin; + m_nPlainLenMax = nPlainLenMax; + m_nRainbowTableIndex = nRainbowTableIndex; + m_nRainbowChainLen = nRainbowChainLen; + + ChainWalk cw; + memcpy(cw.Hash, pHash, nHashLen); + cw.pIndexE = new uint64[nRainbowChainLen - 1]; + m_lChainWalk.push_back(cw); + + // Only update this list when we search through another rainbow table + updateUsedPrecalcFiles(); + + if (!FindInFile(cw.pIndexE, pHash, nHashLen)) + fNewlyGenerated = true; + else + fNewlyGenerated = false; + return cw.pIndexE; + } + + list::iterator it; + for (it = m_lChainWalk.begin(); it != m_lChainWalk.end(); it++) + { + if (memcmp(it->Hash, pHash, nHashLen) == 0) + { + fNewlyGenerated = false; + return it->pIndexE; + } + } + + ChainWalk cw; + memcpy(cw.Hash, pHash, nHashLen); + cw.pIndexE = new uint64[nRainbowChainLen - 1]; + m_lChainWalk.push_back(cw); + + if (!FindInFile(cw.pIndexE, pHash, nHashLen)) + fNewlyGenerated = true; + else + fNewlyGenerated = false; + return cw.pIndexE; +} + +void CChainWalkSet::DiscardWalk(uint64* pIndexE) +{ + list::iterator it; + for (it = m_lChainWalk.begin(); it != m_lChainWalk.end(); it++) + { + if (it->pIndexE == pIndexE) + { + delete it->pIndexE; + m_lChainWalk.erase(it); + return; + } + } + + printf("debug: pIndexE not found\n"); +} diff --git a/Client Applications/rcracki_mt/ChainWalkSet.h b/Client Applications/rcracki_mt/ChainWalkSet.h index f402dd8..7578007 100644 --- a/Client Applications/rcracki_mt/ChainWalkSet.h +++ b/Client Applications/rcracki_mt/ChainWalkSet.h @@ -1,77 +1,77 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright (C) Zhu Shuanglei - * Copyright Martin Westergaard Jørgensen - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifndef _CHAINWALKSET_H -#define _CHAINWALKSET_H - -#include "Public.h" - -struct ChainWalk -{ - unsigned char Hash[MAX_HASH_LEN]; - //int nHashLen; // Implied - uint64* pIndexE; // mapStartPosIndexE, Len = nRainbowChainLen - 1 -}; - -class CChainWalkSet -{ -public: - CChainWalkSet(); - virtual ~CChainWalkSet(); - -private: - string m_sHashRoutineName; // Discard all if not match - string m_sPlainCharsetName; // Discard all if not match - int m_nPlainLenMin; // Discard all if not match - int m_nPlainLenMax; // Discard all if not match - int m_nRainbowTableIndex; // Discard all if not match - int m_nRainbowChainLen; // Discard all if not match - list m_lChainWalk; - bool debug; - string sPrecalcPathName; - int preCalcPart; - vector vPrecalcFiles; - -private: - void DiscardAll(); - bool FindInFile(uint64* pIndexE, unsigned char* pHash, int nHashLen); - string CheckOrRotatePreCalcFile(); - void updateUsedPrecalcFiles(); - -public: - uint64* RequestWalk(unsigned char* pHash, int nHashLen, - string sHashRoutineName, - string sPlainCharsetName, int nPlainLenMin, int nPlainLenMax, - int nRainbowTableIndex, - int nRainbowChainLen, - bool& fNewlyGenerated, - bool setDebug, - string sPrecalc); - void DiscardWalk(uint64* pIndexE); - void StoreToFile(uint64* pIndexE, unsigned char* pHash, int nHashLen); - void removePrecalcFiles(); -}; - -#endif +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright (C) Zhu Shuanglei + * Copyright Martin Westergaard Jørgensen + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifndef _CHAINWALKSET_H +#define _CHAINWALKSET_H + +#include "Public.h" + +struct ChainWalk +{ + unsigned char Hash[MAX_HASH_LEN]; + //int nHashLen; // Implied + uint64* pIndexE; // mapStartPosIndexE, Len = nRainbowChainLen - 1 +}; + +class CChainWalkSet +{ +public: + CChainWalkSet(); + virtual ~CChainWalkSet(); + +private: + string m_sHashRoutineName; // Discard all if not match + string m_sPlainCharsetName; // Discard all if not match + int m_nPlainLenMin; // Discard all if not match + int m_nPlainLenMax; // Discard all if not match + int m_nRainbowTableIndex; // Discard all if not match + int m_nRainbowChainLen; // Discard all if not match + list m_lChainWalk; + bool debug; + string sPrecalcPathName; + int preCalcPart; + vector vPrecalcFiles; + +private: + void DiscardAll(); + bool FindInFile(uint64* pIndexE, unsigned char* pHash, int nHashLen); + string CheckOrRotatePreCalcFile(); + void updateUsedPrecalcFiles(); + +public: + uint64* RequestWalk(unsigned char* pHash, int nHashLen, + string sHashRoutineName, + string sPlainCharsetName, int nPlainLenMin, int nPlainLenMax, + int nRainbowTableIndex, + int nRainbowChainLen, + bool& fNewlyGenerated, + bool setDebug, + string sPrecalc); + void DiscardWalk(uint64* pIndexE); + void StoreToFile(uint64* pIndexE, unsigned char* pHash, int nHashLen); + void removePrecalcFiles(); +}; + +#endif diff --git a/Client Applications/rcracki_mt/ChangeLog.txt b/Client Applications/rcracki_mt/ChangeLog.txt index ecebd60..056d2ab 100644 --- a/Client Applications/rcracki_mt/ChangeLog.txt +++ b/Client Applications/rcracki_mt/ChangeLog.txt @@ -1,82 +1,87 @@ -[rcracki_mt ChangeLog] - -0.6.5.1 (25 Oct 2010, 15:50:10): -* rti2 fixes courtesy of PowerBlade - -0.6.5 (24 Oct 2010, 18:21:25): -* code changes to allow building via mingw and avoid VC++ -* linux thread priority set to nice value of 2 -* rti2 support -* replaced clock_t usage with gettimeofday -* add pre-calculation timing per feature request #3025688 from sourceforge -* fix bug #3050821 from sourceforge - missing break for non x86/x86_64 arch -* improve hash performance by moving off openssl to the local faster methods -* sha1 local implementation was *slower* than openssl for x86/x86_64 - -0.6.4 (05 Jul 2010, 03:12): -* add -m to allow users to limit memory usage - courtesy of uroskn -* fix memory code that made incorrect assumptions about the MemoryPool -* fix linux memory code - using only info.freeram is incorrect -* cleanup of the nested if/elif/else stuctures -* annotate x86 specific sections of code -* licensing review and GPLv2 compliance -* cleanup of unused items -* restructure Makefile -* cleanup memory leaks - -0.6.3 (21 Oct 2009, 21:05): -* Fixed x86_64 linux compilation -* Fixed x86_64 linux segmentation fault -* Fixed 64bit support in md4 code -* Added support for: FreeBSD, NetBSD, OpenBSD, and MacOSX - -0.6.2 (2 Jul 2009, 13:37): -* Fixed linux support (tty stuff and now actually compiles) -* Fixed precalculation code - -0.6.1 (14 May 2009, 22:12): -* bug fixed where the list of rainbow tables is doubled when you resume a session and you have default RT locations in your ini - -0.6 (14 May 2009, 20:47): -* Finding .rti files recursively -* Fixed memory allocation bugs (also trying to save appropriate amount of memory for chainwalksets... these can become really large with the new tables) -* Real pause/resume function, you can resume a session with -r -* Session support, use -s session_name. Combine this with -r to resume a session other then the default -* Ini file support, store some default values such as rainbow table directories. -* Tab separated results (stdout) -* Support pause during cracking and 'skip' during unicode correction for Linux -* A readme / 'manual' ! - -0.5 (16 Apr 2009, 22:47): -* Support for the old non-indexed .rt format, it should work with both type of tables in one run... I didn't test this feature thoroughly -* Using some other pieces of code for algorithms -* Support for .lst files from Cain as input (patch from James Dickson) - use for example -c LMNT.lst -* Fixed some bugs -* Dunno anymore, left this version lying around for too long... - -0.4 (oops, a second 0.4) (13 Dec 2008, 18:20): -* Improved file reading performance - -0.4 (27 Nov 2008, 00:09): -* Source included -* Memory usage down to about 50% (tnx sc00bz for pointing out the inefficiency, tnx jci for helping with the code) -* Works under Linux! (using pthreads now instead of Windows threads) -* Speed up: implemented MD4 reference implementation, not using OpenSSL for NTLM anymore (tnx Bitweasil for supplying 98% of the code) -* Speed up: using OpenSSL a lot faster (tnx jci for pointing that out) -* Probably some more small things i forgot - -0.3 (16 Nov 2008, 01:01): -* Improved command line argument parsing (order no longer matters) -* Option to write (temporary) output to a file, use -o pick_a_nice_filename.txt -* Option to pause, press 'P' to pause/unpause (Windows only) -* For pwdump searches: unicode correction is done when case correction fails - -0.2 (28 Oct 2008, 01:42): -* False alarm checking now also multi threaded -* Search one level of subdirectories for rainbow table files - -0.1 (27 Oct 2008, 00:14): -* Initial multithreaded version, using Windows threads. -* Using multiple threads for the pre-calculation part. -* Added a simple 'progress' message, so you can see how many hashes are being pre-calculated - +[rcracki_mt ChangeLog] + +0.6.5.2 (06 Nov 2010, 20:40:05): +* rti2 fixes part 2 +* UINT4 -> uint32 +* memory long/unsigned cleanup + +0.6.5.1 (25 Oct 2010, 15:50:10): +* rti2 fixes courtesy of PowerBlade + +0.6.5 (24 Oct 2010, 18:21:25): +* code changes to allow building via mingw and avoid VC++ +* linux thread priority set to nice value of 2 +* rti2 support +* replaced clock_t usage with gettimeofday +* add pre-calculation timing per feature request #3025688 from sourceforge +* fix bug #3050821 from sourceforge - missing break for non x86/x86_64 arch +* improve hash performance by moving off openssl to the local faster methods +* sha1 local implementation was *slower* than openssl for x86/x86_64 + +0.6.4 (05 Jul 2010, 03:12): +* add -m to allow users to limit memory usage - courtesy of uroskn +* fix memory code that made incorrect assumptions about the MemoryPool +* fix linux memory code - using only info.freeram is incorrect +* cleanup of the nested if/elif/else stuctures +* annotate x86 specific sections of code +* licensing review and GPLv2 compliance +* cleanup of unused items +* restructure Makefile +* cleanup memory leaks + +0.6.3 (21 Oct 2009, 21:05): +* Fixed x86_64 linux compilation +* Fixed x86_64 linux segmentation fault +* Fixed 64bit support in md4 code +* Added support for: FreeBSD, NetBSD, OpenBSD, and MacOSX + +0.6.2 (2 Jul 2009, 13:37): +* Fixed linux support (tty stuff and now actually compiles) +* Fixed precalculation code + +0.6.1 (14 May 2009, 22:12): +* bug fixed where the list of rainbow tables is doubled when you resume a session and you have default RT locations in your ini + +0.6 (14 May 2009, 20:47): +* Finding .rti files recursively +* Fixed memory allocation bugs (also trying to save appropriate amount of memory for chainwalksets... these can become really large with the new tables) +* Real pause/resume function, you can resume a session with -r +* Session support, use -s session_name. Combine this with -r to resume a session other then the default +* Ini file support, store some default values such as rainbow table directories. +* Tab separated results (stdout) +* Support pause during cracking and 'skip' during unicode correction for Linux +* A readme / 'manual' ! + +0.5 (16 Apr 2009, 22:47): +* Support for the old non-indexed .rt format, it should work with both type of tables in one run... I didn't test this feature thoroughly +* Using some other pieces of code for algorithms +* Support for .lst files from Cain as input (patch from James Dickson) - use for example -c LMNT.lst +* Fixed some bugs +* Dunno anymore, left this version lying around for too long... + +0.4 (oops, a second 0.4) (13 Dec 2008, 18:20): +* Improved file reading performance + +0.4 (27 Nov 2008, 00:09): +* Source included +* Memory usage down to about 50% (tnx sc00bz for pointing out the inefficiency, tnx jci for helping with the code) +* Works under Linux! (using pthreads now instead of Windows threads) +* Speed up: implemented MD4 reference implementation, not using OpenSSL for NTLM anymore (tnx Bitweasil for supplying 98% of the code) +* Speed up: using OpenSSL a lot faster (tnx jci for pointing that out) +* Probably some more small things i forgot + +0.3 (16 Nov 2008, 01:01): +* Improved command line argument parsing (order no longer matters) +* Option to write (temporary) output to a file, use -o pick_a_nice_filename.txt +* Option to pause, press 'P' to pause/unpause (Windows only) +* For pwdump searches: unicode correction is done when case correction fails + +0.2 (28 Oct 2008, 01:42): +* False alarm checking now also multi threaded +* Search one level of subdirectories for rainbow table files + +0.1 (27 Oct 2008, 00:14): +* Initial multithreaded version, using Windows threads. +* Using multiple threads for the pre-calculation part. +* Added a simple 'progress' message, so you can see how many hashes are being pre-calculated + diff --git a/Client Applications/rcracki_mt/CrackEngine.cpp b/Client Applications/rcracki_mt/CrackEngine.cpp index 0343588..8cc5305 100644 --- a/Client Applications/rcracki_mt/CrackEngine.cpp +++ b/Client Applications/rcracki_mt/CrackEngine.cpp @@ -999,6 +999,7 @@ void CCrackEngine::SearchRainbowTable(string sPathName, CHashSet& hs) FILE* file = fopen(sPathName.c_str(), "rb"); if (file != NULL) { + // XXX file type detection code needs a serious overhaul // File length check bool doOldFormat = CChainWalkContext::isOldFormat(); bool doRti2Format = CChainWalkContext::isRti2Format(); @@ -1011,7 +1012,6 @@ void CCrackEngine::SearchRainbowTable(string sPathName, CHashSet& hs) else sizeOfChain = 8; - //if (nFileLen % 8 != 0 || nRainbowChainCount * 8 != nFileLen) if ( ( (unsigned long)nFileLen % sizeOfChain != 0 || nRainbowChainCount * sizeOfChain != (unsigned long)nFileLen) && doRti2Format == false ) printf("file length mismatch\n"); else @@ -1030,10 +1030,7 @@ void CCrackEngine::SearchRainbowTable(string sPathName, CHashSet& hs) { RTI2Reader *pReader = NULL; - if(doRti2Format) { - pReader = new RTI2Reader(sPathName); - - } + if(doRti2Format) if (debug) { @@ -1045,11 +1042,11 @@ void CCrackEngine::SearchRainbowTable(string sPathName, CHashSet& hs) static CMemoryPool mp(bytesForChainWalkSet, debug, maxMem); RainbowChainO* pChain = NULL; - if(doRti2Format) { + if(doRti2Format) pChain = (RainbowChainO*)mp.Allocate(pReader->GetChainsLeft() * 16, nAllocatedSize); - } else { + else pChain = (RainbowChainO*)mp.Allocate(nFileLen, nAllocatedSize); - } + #if defined(_WIN32) && !defined(__GNUC__) if (debug) printf("Allocated %I64 bytes, filelen %ld\n", nAllocatedSize, nFileLen); #else @@ -1091,11 +1088,12 @@ void CCrackEngine::SearchRainbowTable(string sPathName, CHashSet& hs) printf("%u bytes read, disk access time: %.2f s\n", nDataRead, fTime); m_fTotalDiskAccessTime += fTime; - int nRainbowChainCountRead = nDataRead / 16; + int nRainbowChainCountRead; - if(doRti2Format) { + if(doRti2Format) nRainbowChainCountRead = nDataRead / 8; - } + else + nRainbowChainCountRead = nDataRead / 16; // Verify table chunk if (!fVerified) @@ -1241,7 +1239,6 @@ void CCrackEngine::SearchRainbowTable(string sPathName, CHashSet& hs) { nAllocatedSize = nAllocatedSize / sizeOfChain * sizeOfChain; // Round to sizeOfChain boundary - //fseek(file, 0, SEEK_SET); //bool fVerified = false; uint32 nProcessedChains = 0; while ( ftell(file) != nFileLen @@ -1373,6 +1370,7 @@ void CCrackEngine::Run(vector vPathName, CHashSet& hs, int i_maxThreads, // Reset statistics ResetStatistics(); + // XXX it's not like the STL has a sort method... // Sort vPathName (CChainWalkSet need it) uint32 i, j; for (i = 0; i < vPathName.size() - 1; i++) @@ -1435,7 +1433,7 @@ float CCrackEngine::GetStatTotalPrecalculationTime() return m_fTotalPrecalculationTime; } -int CCrackEngine::GetStatTotalChainWalkStep() +uint64 CCrackEngine::GetStatTotalChainWalkStep() { return m_nTotalChainWalkStep; } @@ -1445,7 +1443,7 @@ int CCrackEngine::GetStatTotalFalseAlarm() return m_nTotalFalseAlarm; } -int CCrackEngine::GetStatTotalChainWalkStepDueToFalseAlarm() +uint64 CCrackEngine::GetStatTotalChainWalkStepDueToFalseAlarm() { return m_nTotalChainWalkStepDueToFalseAlarm; } diff --git a/Client Applications/rcracki_mt/CrackEngine.h b/Client Applications/rcracki_mt/CrackEngine.h index 7fdf459..daaa364 100644 --- a/Client Applications/rcracki_mt/CrackEngine.h +++ b/Client Applications/rcracki_mt/CrackEngine.h @@ -1,98 +1,98 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright (C) Zhu Shuanglei - * Copyright Martin Westergaard Jørgensen - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * Copyright 2010 uroskn - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifndef _CRACKENGINE_H -#define _CRACKENGINE_H - -#include "Public.h" -#include "HashSet.h" -#include "ChainWalkContext.h" -#include "MemoryPool.h" -#include "ChainWalkSet.h" -#include "rcrackiThread.h" -#ifdef _WIN32 -#include -#include -#endif -#include - -class CCrackEngine -{ -public: - CCrackEngine(); - virtual ~CCrackEngine(); - -private: - CChainWalkSet m_cws; - int maxThreads; - uint64 maxMem; - bool writeOutput; - bool resumeSession; - string outputFile; - string sSessionPathName; - string sProgressPathName; - string sPrecalcPathName; - //string sPrecalcIndexPathName; - bool debug; - bool keepPrecalcFiles; - - // Statistics - float m_fTotalDiskAccessTime; - float m_fTotalCryptanalysisTime; - float m_fTotalPrecalculationTime; - int m_nTotalChainWalkStep; - int m_nTotalFalseAlarm; - int m_nTotalChainWalkStepDueToFalseAlarm; - FILE *m_fChains; - -private: - void ResetStatistics(); - RainbowChain *BinarySearch(RainbowChain *pChain, int nChainCountRead, uint64 nIndex, IndexChain *pIndex, int nIndexSize, int nIndexStart); - int BinarySearchOld(RainbowChainO* pChain, int nRainbowChainCount, uint64 nIndex); - void GetChainIndexRangeWithSameEndpoint(RainbowChainO* pChain, - int nRainbowChainCount, - int nChainIndex, - int& nChainIndexFrom, - int& nChainIndexTo); - void SearchTableChunk(RainbowChain* pChain, int nRainbowChainLen, int nRainbowChainCount, CHashSet& hs, IndexChain *pIndex, int nIndexSize, int nChainStart); - void SearchTableChunkOld(RainbowChainO* pChain, int nRainbowChainLen, int nRainbowChainCount, CHashSet& hs); - //bool CheckAlarm(RainbowChain* pChain, int nGuessedPos, unsigned char* pHash, CHashSet& hs); - //bool CheckAlarmOld(RainbowChainO* pChain, int nGuessedPos, unsigned char* pHash, CHashSet& hs); - -public: - void SearchRainbowTable(string sPathName, CHashSet& hs); - void Run(vector vPathName, CHashSet& hs, int i_maxThreads, uint64 i_maxMem, bool resume, bool bDebug); - float GetStatTotalDiskAccessTime(); - float GetStatTotalCryptanalysisTime(); - float GetStatTotalPrecalculationTime(); - int GetStatTotalChainWalkStep(); - int GetStatTotalFalseAlarm(); - int GetStatTotalChainWalkStepDueToFalseAlarm(); - void setOutputFile(string sPathName); - void setSession(string sSessionPathName, string sProgressPathName, string sPrecalcPathName, bool keepPrecalc); -}; - -#endif +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright (C) Zhu Shuanglei + * Copyright Martin Westergaard Jørgensen + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * Copyright 2010 uroskn + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifndef _CRACKENGINE_H +#define _CRACKENGINE_H + +#include "Public.h" +#include "HashSet.h" +#include "ChainWalkContext.h" +#include "MemoryPool.h" +#include "ChainWalkSet.h" +#include "rcrackiThread.h" +#ifdef _WIN32 +#include +#include +#endif +#include + +class CCrackEngine +{ +public: + CCrackEngine(); + virtual ~CCrackEngine(); + +private: + CChainWalkSet m_cws; + int maxThreads; + uint64 maxMem; + bool writeOutput; + bool resumeSession; + string outputFile; + string sSessionPathName; + string sProgressPathName; + string sPrecalcPathName; + //string sPrecalcIndexPathName; + bool debug; + bool keepPrecalcFiles; + + // Statistics + float m_fTotalDiskAccessTime; + float m_fTotalCryptanalysisTime; + float m_fTotalPrecalculationTime; + uint64 m_nTotalChainWalkStep; + int m_nTotalFalseAlarm; + uint64 m_nTotalChainWalkStepDueToFalseAlarm; + FILE *m_fChains; + +private: + void ResetStatistics(); + RainbowChain *BinarySearch(RainbowChain *pChain, int nChainCountRead, uint64 nIndex, IndexChain *pIndex, int nIndexSize, int nIndexStart); + int BinarySearchOld(RainbowChainO* pChain, int nRainbowChainCount, uint64 nIndex); + void GetChainIndexRangeWithSameEndpoint(RainbowChainO* pChain, + int nRainbowChainCount, + int nChainIndex, + int& nChainIndexFrom, + int& nChainIndexTo); + void SearchTableChunk(RainbowChain* pChain, int nRainbowChainLen, int nRainbowChainCount, CHashSet& hs, IndexChain *pIndex, int nIndexSize, int nChainStart); + void SearchTableChunkOld(RainbowChainO* pChain, int nRainbowChainLen, int nRainbowChainCount, CHashSet& hs); + //bool CheckAlarm(RainbowChain* pChain, int nGuessedPos, unsigned char* pHash, CHashSet& hs); + //bool CheckAlarmOld(RainbowChainO* pChain, int nGuessedPos, unsigned char* pHash, CHashSet& hs); + +public: + void SearchRainbowTable(string sPathName, CHashSet& hs); + void Run(vector vPathName, CHashSet& hs, int i_maxThreads, uint64 i_maxMem, bool resume, bool bDebug); + float GetStatTotalDiskAccessTime(); + float GetStatTotalCryptanalysisTime(); + float GetStatTotalPrecalculationTime(); + uint64 GetStatTotalChainWalkStep(); + int GetStatTotalFalseAlarm(); + uint64 GetStatTotalChainWalkStepDueToFalseAlarm(); + void setOutputFile(string sPathName); + void setSession(string sSessionPathName, string sProgressPathName, string sPrecalcPathName, bool keepPrecalc); +}; + +#endif diff --git a/Client Applications/rcracki_mt/HashAlgorithm.h b/Client Applications/rcracki_mt/HashAlgorithm.h index 401784f..a6b77b5 100644 --- a/Client Applications/rcracki_mt/HashAlgorithm.h +++ b/Client Applications/rcracki_mt/HashAlgorithm.h @@ -1,64 +1,64 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright (C) Zhu Shuanglei - * Copyright Martin Westergaard Jørgensen - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifndef _HASHALGORITHM_H -#define _HASHALGORITHM_H - -void HashLM(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashNTLM(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -//void HashMD2(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashMD4(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashMD5(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashDoubleMD5(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashSHA1(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -//void HashRIPEMD160(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashMSCACHE(unsigned char *pPlain, int nPlainLen, unsigned char* pHash); - -//**************************************************************************** -// MySQL Password Hashing -//**************************************************************************** - -void HashMySQL323(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashMySQLSHA1(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); - -//**************************************************************************** -// Cisco PIX Password Hashing -//**************************************************************************** - -void HashPIX(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); - -//**************************************************************************** -// (HALF) LM CHALL hashing -void HashLMCHALL(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashHALFLMCHALL(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); - -// From mao -void HashNTLMCHALL(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); -void HashORACLE(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); - -#if !defined(_WIN32) || defined(__GNUC__) -char *strupr(char *s1); -#endif -#endif +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright (C) Zhu Shuanglei + * Copyright Martin Westergaard Jørgensen + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifndef _HASHALGORITHM_H +#define _HASHALGORITHM_H + +void HashLM(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashNTLM(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +//void HashMD2(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashMD4(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashMD5(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashDoubleMD5(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashSHA1(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +//void HashRIPEMD160(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashMSCACHE(unsigned char *pPlain, int nPlainLen, unsigned char* pHash); + +//**************************************************************************** +// MySQL Password Hashing +//**************************************************************************** + +void HashMySQL323(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashMySQLSHA1(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); + +//**************************************************************************** +// Cisco PIX Password Hashing +//**************************************************************************** + +void HashPIX(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); + +//**************************************************************************** +// (HALF) LM CHALL hashing +void HashLMCHALL(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashHALFLMCHALL(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); + +// From mao +void HashNTLMCHALL(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); +void HashORACLE(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); + +#if !defined(_WIN32) || defined(__GNUC__) +char *strupr(char *s1); +#endif +#endif diff --git a/Client Applications/rcracki_mt/HashRoutine.h b/Client Applications/rcracki_mt/HashRoutine.h index eaa10ce..2d53125 100644 --- a/Client Applications/rcracki_mt/HashRoutine.h +++ b/Client Applications/rcracki_mt/HashRoutine.h @@ -1,55 +1,55 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright (C) Zhu Shuanglei - * Copyright Martin Westergaard Jørgensen - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifndef _HASHROUTINE_H -#define _HASHROUTINE_H - -#include -#include - -#include "global.h" - -using namespace std; - -typedef void (*HASHROUTINE)(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); - -class CHashRoutine -{ -public: - CHashRoutine(); - virtual ~CHashRoutine(); - -private: - vector vHashRoutineName; - vector vHashRoutine; - vector vHashLen; - void AddHashRoutine(string sHashRoutineName, HASHROUTINE pHashRoutine, int nHashLen); - -public: - string GetAllHashRoutineName(); - void GetHashRoutine(string sHashRoutineName, HASHROUTINE& pHashRoutine, int& nHashLen); -}; - -#endif +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright (C) Zhu Shuanglei + * Copyright Martin Westergaard Jørgensen + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifndef _HASHROUTINE_H +#define _HASHROUTINE_H + +#include +#include + +#include "global.h" + +using namespace std; + +typedef void (*HASHROUTINE)(unsigned char* pPlain, int nPlainLen, unsigned char* pHash); + +class CHashRoutine +{ +public: + CHashRoutine(); + virtual ~CHashRoutine(); + +private: + vector vHashRoutineName; + vector vHashRoutine; + vector vHashLen; + void AddHashRoutine(string sHashRoutineName, HASHROUTINE pHashRoutine, int nHashLen); + +public: + string GetAllHashRoutineName(); + void GetHashRoutine(string sHashRoutineName, HASHROUTINE& pHashRoutine, int& nHashLen); +}; + +#endif diff --git a/Client Applications/rcracki_mt/HashSet.h b/Client Applications/rcracki_mt/HashSet.h index f7f37b2..d3f410a 100644 --- a/Client Applications/rcracki_mt/HashSet.h +++ b/Client Applications/rcracki_mt/HashSet.h @@ -1,59 +1,59 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright (C) Zhu Shuanglei - * Copyright Martin Westergaard Jørgensen - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifndef _HASHSET_H -#define _HASHSET_H - -#include "Public.h" - -class CHashSet -{ -public: - CHashSet(); - virtual ~CHashSet(); - -private: - vector m_vHash; - vector m_vFound; - vector m_vPlain; - vector m_vBinary; - -public: - void AddHash(string sHash); // lowercase, len % 2 == 0, MIN_HASH_LEN * 2 <= len <= MAX_HASH_LEN * 2 - bool AnyhashLeft(); - bool AnyHashLeftWithLen(int nLen); - void GetLeftHashWithLen(vector& vHash, int nLen); - - void SetPlain(string sHash, string sPlain, string sBinary); - bool GetPlain(string sHash, string& sPlain, string& sBinary); - - int GetStatHashFound(); - int GetStatHashTotal(); - - string GetHashInfo(int i); - void AddHashInfo(string sHash, bool found, string sPlain, string sBinary); -}; - -#endif +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright (C) Zhu Shuanglei + * Copyright Martin Westergaard Jørgensen + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifndef _HASHSET_H +#define _HASHSET_H + +#include "Public.h" + +class CHashSet +{ +public: + CHashSet(); + virtual ~CHashSet(); + +private: + vector m_vHash; + vector m_vFound; + vector m_vPlain; + vector m_vBinary; + +public: + void AddHash(string sHash); // lowercase, len % 2 == 0, MIN_HASH_LEN * 2 <= len <= MAX_HASH_LEN * 2 + bool AnyhashLeft(); + bool AnyHashLeftWithLen(int nLen); + void GetLeftHashWithLen(vector& vHash, int nLen); + + void SetPlain(string sHash, string sPlain, string sBinary); + bool GetPlain(string sHash, string& sPlain, string& sBinary); + + int GetStatHashFound(); + int GetStatHashTotal(); + + string GetHashInfo(int i); + void AddHashInfo(string sHash, bool found, string sPlain, string sBinary); +}; + +#endif diff --git a/Client Applications/rcracki_mt/Public.h b/Client Applications/rcracki_mt/Public.h index d359371..f5fc32c 100644 --- a/Client Applications/rcracki_mt/Public.h +++ b/Client Applications/rcracki_mt/Public.h @@ -109,6 +109,7 @@ void tty_done(); void tty_init(); void tty_flush(void); // end nmap code + #endif #if defined(_WIN32) && !defined(__GNUC__) diff --git a/Client Applications/rcracki_mt/README.txt b/Client Applications/rcracki_mt/README.txt index 875cf56..3719dd6 100644 --- a/Client Applications/rcracki_mt/README.txt +++ b/Client Applications/rcracki_mt/README.txt @@ -1,171 +1,171 @@ -[rcracki_mt README] - -USAGE -================ -example: rcracki_mt -h 5d41402abc4b2a76b9719d911017c592 -t 4 -o save.txt C:\md5 - -Start rcracki_mt without any arguments to view usage information in short. This README describes the various -options in more detail. Many options can be set to a default value by editing rcracki_mt.ini. Command line -arguments get priority over settings in the ini file. - -INPUT ----------------- -rcracki_mt takes one hash on the command line (using -h) or an input file containing the hashes. rcracki_mt supports -three formats for the input file. Use one of the following options to specify the format followed by the filename: - --l: specify a list of hashes (one hash per line) --f: specify a pwdump file --c: specify a .lst file (format in which Cain stores hashes and results) - -SELECTING RAINBOW TABLES ----------------- -Any command line argument that is not an option will be interpreted as a directory to search for rainbow tables, -multiple directories can be specified. rcracki_mt recursively scans all specified directories for *.rti (indexed) -and *.rt (old/original) files. You can use .rt & .rti files at once, but this hasn't been tested thoroughly. - -You can set default locations to search for rainbow tables in rcracki_mt.ini. You need to use these in combination -with the command line argument -a [algorithm]. See the comments in the ini file for examples. - -SESSIONS & RESUMING ----------------- -Rcracki_mt has session support, which means that it stores its progress. This allows you to interrupt the session -and resume later on. This also allows sessions that stopped because of a crash (application or even system) to -resume. To use this feature, start rcracki_mt with all the options you'd like, then specify a session name with: - --s session_name: specify a session name - -Now during cracking, all your valuable precalculations are stored to disk, as well as progress (which files have -been checked) and cracked hashes. If you decide to interrupt the session (using CTRL+C), you can resume it using -the -r option. For example: - -rcracki_mt -r -s my_personal_hashes - -While resuming rcracki_mt you can/have to specify the less important options again, like number of threads and -showing debug information. Usually you will have these settings set to a default value in the .ini file anyway. -Session are deleted after the run is completed. You can choose to keep the precalculation work on disk, for example -if you want to reuse your session later on. Use the '-k' option to enable this feature. - -Rcracki_mt has a default session which gets overwritten every time you start a new job without specifying a session -name. It might be interesting to always keep precalculation work by enabling this feature in rcracki_mt.ini. But -pay attention, these precalculations can become quite large on disk. Currently there is a maximum of around 500 GB -of storage for these precalculations. You can always decide to manually remove the .precalc and .precalc.index -files from disk. Always remove both at the same time, you will screw up your results if you don't. A possible -'todo' for development is to do some verification before using stored precalculations. - -OPTIONAL ----------------- --t: Number of threads to use (for precalculation and false alarm checking) -Note: In Windows the crack threads run with lower priority. - --o: specify an output file to store found hashes in a colon (:) separated format. - Hashes are saved immediately when found. Especially useful if you have a large list of hashes. - --v: Show more information during cracking, for debugging purposes. Please use this flag if you want to show -output and report a bug. - - -EXTRA FEATURES ----------------- -You can pause a running rcracki_mt by using 'P'. It might not pause right away, it actually pauses after doing -precalculation or false alarm checking for one hash. Resume by pressing 'P' again. This pause option is different -from the session/resume feature, as this just pauses a running job, you don't stop rcracki_mt this way. - -If you are trying to crack a pwdump or Cain (.lst) file, containing both LM and NTLM hashes, rcracki_mt will try -and crack the LM hashes. The result will be an uppercase password, which rcracki_mt will then try to correct with -the right casing, using the NTLM hashes. If this fails it will try and perform Unicode correction, using a built-in -mapping. If you happen to have an LM hash coupled with the wrong NTLM hash, this attempt to perform Unicode -correction might take 'forever'. You can press 'S' to skip this step for the current hash. - - -HISTORY AND AUTHORS -================ -rcracki_mt originally started as a modification of a modification (rcracki) of the original RainbowCrack (rcrack). -These programs are all used to perform a rainbow table attack on password hashes, implementing Philippe Oechslin's -faster time-memory trade-off technique. - -Original rcrack code was written by Zhu Shuanglei . - -Martin Westergaard Jørgensen wrote rcracki (improved) to support the rainbow tables -generated by the distributed project www.freerainbowtables.com. These tables are perfected and indexed, making them -faster and smaller. Rcracki also supported hybrid tables. - -Daniël Niggebrugge further enhanced this version and made it multi threaded, creating rcracki_mt. More -features were added over time, making it less of an unofficial version with every release. - -James Nobis - improved *nix compatibility and 64-bit compatability and -continues work on the project. - - -SUPPORTED HASH ALGORITHMS -================ -Hash types supported by rcracki_mt are: LM, NTLM, MD2, MD4, MD5, DoubleMD5, SHA1, RIPEMD160, MSCACHE, MySQL323, -MySQLSHA1, PIX, LMCHALL, HALFLMCHALL, NTLMCHALL, ORACLE - -Actual indexed&perfected tables that were generated by the Free Rainbow Tables project: LM, MD5, NTL, FASTLM, -HALFLMCHALL, SHA1 - - -SUPPORTED PLATFORMS -================ -Rcracki_mt is released both as win32 binary and as source package. Rcracki_mt should work on any Microsoft Windows system, but is only tested on a 32 bit Windows XP. - -The source should work on Linux distributions. It has been tested on: -32-bit Ubuntu -32-bit Debian GNU/Linux -64-bit Debian GNU/Linux - -The source should also work on other platforms and has been tested on: -32-bit MacOSX - -32-bit FreeBSD -64-bit FreeBSD -32-bit NetBSD -32-bit OpenBSD - you must install and use eg++ from ports -64-bit OpenBSD - -Only compilation has been tested on: -64-bit MacOSX - -Please note that to compile under the BSDs you must use gmake. - -OpenBSD threading is a work in progress. - -'OPTIONAL' TODO -================ -- verification of an endpoint when restoring a chainwalkset from disk. -- read multiple chainwalksets from disk at once to try and speed up this process. -- read next table (part) from disk while doing cryptanalysis - - -LINKS -================ -rcracki_mt @ SourceForge: https://sourceforge.net/projects/rcracki/ -Original rcrack: http://www.antsight.com/zsl/rainbowcrack/ -Free Rainbow Tables: http://www.freerainbowtables.com/ -My personal blog: http://blog.distracted.nl/ -Download free rainbow tables: http://tbhost.eu/ -Download free rainbow tables (mirror): http://freerainbowtables.mirror.garr.it/mirrors/freerainbowtables/ - - -THANKS -================ -the_drag0n Writing part of this README - Patch to support Cain .lst files -Joao Inacio Supplying some faster algorithm implementations - - -FAQ -================ -Q: Why do I get this message all the time? "this table contains hashes with length 8 only" -A: You are probably trying to crack LM hashes. You have to split up the hash in 2 parts of 16 hex characters each. - -Q: rcracki_mt is so slow when I'm cracking 5000 hashes, why is that? -A: Rainbow table attacks are only useful for a certain amount of hashes, mainly because of the precalculations that -are needed for every hash you are cracking. At a certain point it is faster to brute force the same key space then -to try and use rainbow tables. Especially if you use a GPU enabled brute forcer, this limit might be reached very -soon. Play around with these to find you limits. - -Q: How can I speed up rcracki_mt? -A: This depends on quite some factors. If your jobs usually comprise of disk access time, you can try and speed up -your storage. For example by using RAID and/or by using solid state disks. If you are trying to crack many hashes -at the same time, you might be better off with buying a faster CPU. +[rcracki_mt README] + +USAGE +================ +example: rcracki_mt -h 5d41402abc4b2a76b9719d911017c592 -t 4 -o save.txt C:\md5 + +Start rcracki_mt without any arguments to view usage information in short. This README describes the various +options in more detail. Many options can be set to a default value by editing rcracki_mt.ini. Command line +arguments get priority over settings in the ini file. + +INPUT +---------------- +rcracki_mt takes one hash on the command line (using -h) or an input file containing the hashes. rcracki_mt supports +three formats for the input file. Use one of the following options to specify the format followed by the filename: + +-l: specify a list of hashes (one hash per line) +-f: specify a pwdump file +-c: specify a .lst file (format in which Cain stores hashes and results) + +SELECTING RAINBOW TABLES +---------------- +Any command line argument that is not an option will be interpreted as a directory to search for rainbow tables, +multiple directories can be specified. rcracki_mt recursively scans all specified directories for *.rti (indexed) +and *.rt (old/original) files. You can use .rt & .rti files at once, but this hasn't been tested thoroughly. + +You can set default locations to search for rainbow tables in rcracki_mt.ini. You need to use these in combination +with the command line argument -a [algorithm]. See the comments in the ini file for examples. + +SESSIONS & RESUMING +---------------- +Rcracki_mt has session support, which means that it stores its progress. This allows you to interrupt the session +and resume later on. This also allows sessions that stopped because of a crash (application or even system) to +resume. To use this feature, start rcracki_mt with all the options you'd like, then specify a session name with: + +-s session_name: specify a session name + +Now during cracking, all your valuable precalculations are stored to disk, as well as progress (which files have +been checked) and cracked hashes. If you decide to interrupt the session (using CTRL+C), you can resume it using +the -r option. For example: + +rcracki_mt -r -s my_personal_hashes + +While resuming rcracki_mt you can/have to specify the less important options again, like number of threads and +showing debug information. Usually you will have these settings set to a default value in the .ini file anyway. +Session are deleted after the run is completed. You can choose to keep the precalculation work on disk, for example +if you want to reuse your session later on. Use the '-k' option to enable this feature. + +Rcracki_mt has a default session which gets overwritten every time you start a new job without specifying a session +name. It might be interesting to always keep precalculation work by enabling this feature in rcracki_mt.ini. But +pay attention, these precalculations can become quite large on disk. Currently there is a maximum of around 500 GB +of storage for these precalculations. You can always decide to manually remove the .precalc and .precalc.index +files from disk. Always remove both at the same time, you will screw up your results if you don't. A possible +'todo' for development is to do some verification before using stored precalculations. + +OPTIONAL +---------------- +-t: Number of threads to use (for precalculation and false alarm checking) +Note: In Windows the crack threads run with lower priority. + +-o: specify an output file to store found hashes in a colon (:) separated format. + Hashes are saved immediately when found. Especially useful if you have a large list of hashes. + +-v: Show more information during cracking, for debugging purposes. Please use this flag if you want to show +output and report a bug. + + +EXTRA FEATURES +---------------- +You can pause a running rcracki_mt by using 'P'. It might not pause right away, it actually pauses after doing +precalculation or false alarm checking for one hash. Resume by pressing 'P' again. This pause option is different +from the session/resume feature, as this just pauses a running job, you don't stop rcracki_mt this way. + +If you are trying to crack a pwdump or Cain (.lst) file, containing both LM and NTLM hashes, rcracki_mt will try +and crack the LM hashes. The result will be an uppercase password, which rcracki_mt will then try to correct with +the right casing, using the NTLM hashes. If this fails it will try and perform Unicode correction, using a built-in +mapping. If you happen to have an LM hash coupled with the wrong NTLM hash, this attempt to perform Unicode +correction might take 'forever'. You can press 'S' to skip this step for the current hash. + + +HISTORY AND AUTHORS +================ +rcracki_mt originally started as a modification of a modification (rcracki) of the original RainbowCrack (rcrack). +These programs are all used to perform a rainbow table attack on password hashes, implementing Philippe Oechslin's +faster time-memory trade-off technique. + +Original rcrack code was written by Zhu Shuanglei . + +Martin Westergaard Jørgensen wrote rcracki (improved) to support the rainbow tables +generated by the distributed project www.freerainbowtables.com. These tables are perfected and indexed, making them +faster and smaller. Rcracki also supported hybrid tables. + +Daniël Niggebrugge further enhanced this version and made it multi threaded, creating rcracki_mt. More +features were added over time, making it less of an unofficial version with every release. + +James Nobis - improved *nix compatibility and 64-bit compatability and +continues work on the project. + + +SUPPORTED HASH ALGORITHMS +================ +Hash types supported by rcracki_mt are: LM, NTLM, MD2, MD4, MD5, DoubleMD5, SHA1, RIPEMD160, MSCACHE, MySQL323, +MySQLSHA1, PIX, LMCHALL, HALFLMCHALL, NTLMCHALL, ORACLE + +Actual indexed&perfected tables that were generated by the Free Rainbow Tables project: LM, MD5, NTL, FASTLM, +HALFLMCHALL, SHA1 + + +SUPPORTED PLATFORMS +================ +Rcracki_mt is released both as win32 binary and as source package. Rcracki_mt should work on any Microsoft Windows system, but is only tested on a 32 bit Windows XP. + +The source should work on Linux distributions. It has been tested on: +32-bit Ubuntu +32-bit Debian GNU/Linux +64-bit Debian GNU/Linux + +The source should also work on other platforms and has been tested on: +32-bit MacOSX + +32-bit FreeBSD +64-bit FreeBSD +32-bit NetBSD +32-bit OpenBSD - you must install and use eg++ from ports +64-bit OpenBSD + +Only compilation has been tested on: +64-bit MacOSX + +Please note that to compile under the BSDs you must use gmake. + +OpenBSD threading is a work in progress. + +'OPTIONAL' TODO +================ +- verification of an endpoint when restoring a chainwalkset from disk. +- read multiple chainwalksets from disk at once to try and speed up this process. +- read next table (part) from disk while doing cryptanalysis + + +LINKS +================ +rcracki_mt @ SourceForge: https://sourceforge.net/projects/rcracki/ +Original rcrack: http://www.antsight.com/zsl/rainbowcrack/ +Free Rainbow Tables: http://www.freerainbowtables.com/ +My personal blog: http://blog.distracted.nl/ +Download free rainbow tables: http://tbhost.eu/ +Download free rainbow tables (mirror): http://freerainbowtables.mirror.garr.it/mirrors/freerainbowtables/ + + +THANKS +================ +the_drag0n Writing part of this README + Patch to support Cain .lst files +Joao Inacio Supplying some faster algorithm implementations + + +FAQ +================ +Q: Why do I get this message all the time? "this table contains hashes with length 8 only" +A: You are probably trying to crack LM hashes. You have to split up the hash in 2 parts of 16 hex characters each. + +Q: rcracki_mt is so slow when I'm cracking 5000 hashes, why is that? +A: Rainbow table attacks are only useful for a certain amount of hashes, mainly because of the precalculations that +are needed for every hash you are cracking. At a certain point it is faster to brute force the same key space then +to try and use rainbow tables. Especially if you use a GPU enabled brute forcer, this limit might be reached very +soon. Play around with these to find you limits. + +Q: How can I speed up rcracki_mt? +A: This depends on quite some factors. If your jobs usually comprise of disk access time, you can try and speed up +your storage. For example by using RAID and/or by using solid state disks. If you are trying to crack many hashes +at the same time, you might be better off with buying a faster CPU. diff --git a/Client Applications/rcracki_mt/RTI2Reader.cpp b/Client Applications/rcracki_mt/RTI2Reader.cpp index b1d5f96..62b96d7 100644 --- a/Client Applications/rcracki_mt/RTI2Reader.cpp +++ b/Client Applications/rcracki_mt/RTI2Reader.cpp @@ -85,7 +85,7 @@ RTI2Reader::~RTI2Reader(void) } -unsigned int RTI2Reader::GetChainsLeft() +uint32 RTI2Reader::GetChainsLeft() { long len = GetFileLen(m_pFile); return len / m_chainsizebytes - m_chainPosition; @@ -105,6 +105,7 @@ int RTI2Reader::ReadChains(unsigned int &numChains, RainbowChainO *pData) while(true) // Fast forward to current position { + /// XXX // ALERT: Possible problem here if m_indexrowsizebytes > 1 as pNumChains is a unsigned char. unsigned int NumChainsInRow = (unsigned int)*(pNumChains + indexRow * m_indexrowsizebytes); if(m_indexrowsizebytes > 1) diff --git a/Client Applications/rcracki_mt/RTI2Reader.h b/Client Applications/rcracki_mt/RTI2Reader.h index e0f5ed4..0d8823c 100644 --- a/Client Applications/rcracki_mt/RTI2Reader.h +++ b/Client Applications/rcracki_mt/RTI2Reader.h @@ -60,7 +60,7 @@ public: RTI2Reader(string Filename); ~RTI2Reader(void); int ReadChains(uint32 &numChains, RainbowChainO *pData); - unsigned int GetChainsLeft(); + uint32 GetChainsLeft(); static RTI2Header *GetHeader() { return m_pHeader; } }; diff --git a/Client Applications/rcracki_mt/RainbowCrack.cpp b/Client Applications/rcracki_mt/RainbowCrack.cpp index 8120354..77f333c 100644 --- a/Client Applications/rcracki_mt/RainbowCrack.cpp +++ b/Client Applications/rcracki_mt/RainbowCrack.cpp @@ -720,10 +720,9 @@ int main(int argc, char* argv[]) } } } - - // (Over)write session data if we are not resuming - if (!resumeSession) + else { + // (Over)write session data if we are not resuming FILE* file = fopen(sSessionPathName.c_str(), "w"); string buffer = ""; @@ -775,9 +774,11 @@ int main(int argc, char* argv[]) printf("total disk access time: %.2f s\n", ce.GetStatTotalDiskAccessTime()); printf("total cryptanalysis time: %.2f s\n", ce.GetStatTotalCryptanalysisTime()); printf("total pre-calculation time: %.2f s\n", ce.GetStatTotalPrecalculationTime()); - printf("total chain walk step: %d\n", ce.GetStatTotalChainWalkStep()); +// printf("total chain walk step: %d\n", ce.GetStatTotalChainWalkStep()); + printf("total chain walk step: %llu\n", ce.GetStatTotalChainWalkStep()); printf("total false alarm: %d\n", ce.GetStatTotalFalseAlarm()); - printf("total chain walk step due to false alarm: %d\n", ce.GetStatTotalChainWalkStepDueToFalseAlarm()); +// printf("total chain walk step due to false alarm: %d\n", ce.GetStatTotalChainWalkStepDueToFalseAlarm()); + printf("total chain walk step due to false alarm: %llu\n", ce.GetStatTotalChainWalkStepDueToFalseAlarm()); // printf("total chain walk step skipped due to checkpoints: %d\n", ce.GetStatTotalFalseAlarmSkipped()); // Checkpoints not used - yet printf("\n"); diff --git a/Client Applications/rcracki_mt/TODO b/Client Applications/rcracki_mt/TODO index ad8273c..9e1f1ed 100644 --- a/Client Applications/rcracki_mt/TODO +++ b/Client Applications/rcracki_mt/TODO @@ -1,3 +1,4 @@ +* make use of prefix index for searching tables - decrease i/o * testing/benchmarking suite * remove openssl dependencies HashAlgorithm.cpp diff --git a/Client Applications/rcracki_mt/lm2ntlm.h b/Client Applications/rcracki_mt/lm2ntlm.h index 3a44334..6a423f5 100644 --- a/Client Applications/rcracki_mt/lm2ntlm.h +++ b/Client Applications/rcracki_mt/lm2ntlm.h @@ -1,80 +1,80 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#include -#include -#include -#ifdef _WIN32 - #include -#endif -//#include "openssl/md4.h" -#include -#include "signal.h" -#include "Public.h" -#include "md4.h" - -using namespace std; - -class LM2NTLMcorrector -{ -public: - LM2NTLMcorrector(); - -private: - map > m_mapChar; - uint64 progressCurrentCombination; - uint64 totalCurrentCombination; - uint64 counterOverall; - unsigned char NTLMHash[16]; - clock_t startClock; - int countCombinations; - int countTotalCombinations; - int counter; - clock_t previousClock; - unsigned char currentCharmap[16][128]; - bool aborting; - string sBinary; - -private: - bool checkNTLMPassword(unsigned char* pLMPassword, int nLMPasswordLen, string& sNTLMPassword); - bool startCorrecting(string sLMPassword, string& sNTLMPassword, unsigned char* pLMPassword); - void printString(unsigned char* muteThis, int length); - void setupCombinationAtPositions(int length, unsigned char* pMuteMe, unsigned char* pTempMute, int* jAtPos, bool* fullAtPos, int* sizeAtPos); - bool checkPermutations(int length, unsigned char* pTempMute, int* jAtPos, int* sizeAtPos, unsigned char* pLMPassword, string& sNTLMPassword); - - int calculateTotalCombinations(int length, int setSize); - int factorial (int num); - - bool parseHexPassword(string hexPassword, string& sPlain); - bool NormalizeHexString(string& sHash); - void ParseHash(string sHash, unsigned char* pHash, int& nHashLen); - string ByteToStr(const unsigned char* pData, int nLen); - void addToMapW(unsigned char key, unsigned char value1, unsigned char value2); - void fillMapW(); - void checkAbort(); - void writeEndStats(); -public: - bool LMPasswordCorrectUnicode(string hexPassword, unsigned char* NTLMHash, string& sNTLMPassword); - string getBinary(); -}; - +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#include +#include +#include +#ifdef _WIN32 + #include +#endif +//#include "openssl/md4.h" +#include +#include "signal.h" +#include "Public.h" +#include "md4.h" + +using namespace std; + +class LM2NTLMcorrector +{ +public: + LM2NTLMcorrector(); + +private: + map > m_mapChar; + uint64 progressCurrentCombination; + uint64 totalCurrentCombination; + uint64 counterOverall; + unsigned char NTLMHash[16]; + clock_t startClock; + int countCombinations; + int countTotalCombinations; + int counter; + clock_t previousClock; + unsigned char currentCharmap[16][128]; + bool aborting; + string sBinary; + +private: + bool checkNTLMPassword(unsigned char* pLMPassword, int nLMPasswordLen, string& sNTLMPassword); + bool startCorrecting(string sLMPassword, string& sNTLMPassword, unsigned char* pLMPassword); + void printString(unsigned char* muteThis, int length); + void setupCombinationAtPositions(int length, unsigned char* pMuteMe, unsigned char* pTempMute, int* jAtPos, bool* fullAtPos, int* sizeAtPos); + bool checkPermutations(int length, unsigned char* pTempMute, int* jAtPos, int* sizeAtPos, unsigned char* pLMPassword, string& sNTLMPassword); + + int calculateTotalCombinations(int length, int setSize); + int factorial (int num); + + bool parseHexPassword(string hexPassword, string& sPlain); + bool NormalizeHexString(string& sHash); + void ParseHash(string sHash, unsigned char* pHash, int& nHashLen); + string ByteToStr(const unsigned char* pData, int nLen); + void addToMapW(unsigned char key, unsigned char value1, unsigned char value2); + void fillMapW(); + void checkAbort(); + void writeEndStats(); +public: + bool LMPasswordCorrectUnicode(string hexPassword, unsigned char* NTLMHash, string& sNTLMPassword); + string getBinary(); +}; + diff --git a/Client Applications/rcracki_mt/md4.h b/Client Applications/rcracki_mt/md4.h index aeb3822..91753cb 100644 --- a/Client Applications/rcracki_mt/md4.h +++ b/Client Applications/rcracki_mt/md4.h @@ -1,35 +1,35 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright Bitweasil - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifndef MD4_H -#define MD4_H - -#include "global.h" - -#define MD4_DIGEST_LENGTH 16 - -//Main function -void MD4_NEW( unsigned char * buf, int len, unsigned char * pDigest); - -#endif /* !MD4_H */ +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright Bitweasil + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifndef MD4_H +#define MD4_H + +#include "global.h" + +#define MD4_DIGEST_LENGTH 16 + +//Main function +void MD4_NEW( unsigned char * buf, int len, unsigned char * pDigest); + +#endif /* !MD4_H */ diff --git a/Client Applications/rcracki_mt/rcrackiThread.cpp b/Client Applications/rcracki_mt/rcrackiThread.cpp index b960bbc..c6bb69a 100644 --- a/Client Applications/rcracki_mt/rcrackiThread.cpp +++ b/Client Applications/rcracki_mt/rcrackiThread.cpp @@ -121,6 +121,7 @@ rcrackiThread::~rcrackiThread(void) void rcrackiThread::PreCalculate() { + //XXX is this correct for multiple threads? for (t_nPos = t_nRainbowChainLen - 2 - t_ID; t_nPos >= 0; t_nPos -= t_count) { t_cwc.SetHash(t_TargetHash); diff --git a/Client Applications/rcracki_mt/rcrackiThread.h b/Client Applications/rcracki_mt/rcrackiThread.h index a53cac2..37fa289 100644 --- a/Client Applications/rcracki_mt/rcrackiThread.h +++ b/Client Applications/rcracki_mt/rcrackiThread.h @@ -1,85 +1,85 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifdef _WIN32 - #pragma once -#endif - -#include "ChainWalkContext.h" -#include "Public.h" -#include "HashSet.h" -//#include -#include - -class rcrackiThread -{ -private: - unsigned char* t_TargetHash; - int t_nPos; - int t_nRainbowChainLen; - CChainWalkContext t_cwc; - vector t_vStartPosIndexE; - int t_ID; - int t_count; - uint64* t_pStartPosIndexE; - int t_nChainWalkStep; - bool falseAlarmChecker; - bool falseAlarmCheckerO; - vector t_pChainsFound; - vector t_pChainsFoundO; - vector t_nGuessedPoss; - unsigned char* t_pHash; - bool foundHash; - int t_nChainWalkStepDueToFalseAlarm; - int t_nFalseAlarm; - string t_Hash; - string t_Plain; - string t_Binary; - -public: - rcrackiThread(unsigned char* TargetHash, int thread_id, int nRainbowChainLen, int thread_count, uint64* pStartPosIndexE); - rcrackiThread(unsigned char* pHash, bool oldFormat = false); - rcrackiThread(void); - ~rcrackiThread(void); - - //void SetWork(unsigned char* TargetHash, int nPos, int nRainbowChainLen); - //static unsigned __stdcall rcrackiThread::rcrackiThreadStaticEntryPoint(void * pThis); - static void * rcrackiThreadStaticEntryPointPthread(void * pThis); - int GetIndexCount(); - int GetChainWalkStep(); - uint64 GetIndex(int nPos); - bool FoundHash(); - void AddAlarmCheck(RainbowChain* pChain, int nGuessedPos); - void AddAlarmCheckO(RainbowChainO* pChain, int nGuessedPos); - int GetChainWalkStepDueToFalseAlarm(); - int GetnFalseAlarm(); - string GetHash(); - string GetPlain(); - string GetBinary(); - -private: - void rcrackiThreadEntryPoint(); - void PreCalculate(); - void CheckAlarm(); - void CheckAlarmO(); -}; +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifdef _WIN32 + #pragma once +#endif + +#include "ChainWalkContext.h" +#include "Public.h" +#include "HashSet.h" +//#include +#include + +class rcrackiThread +{ +private: + unsigned char* t_TargetHash; + int t_nPos; + int t_nRainbowChainLen; + CChainWalkContext t_cwc; + vector t_vStartPosIndexE; + int t_ID; + int t_count; + uint64* t_pStartPosIndexE; + int t_nChainWalkStep; + bool falseAlarmChecker; + bool falseAlarmCheckerO; + vector t_pChainsFound; + vector t_pChainsFoundO; + vector t_nGuessedPoss; + unsigned char* t_pHash; + bool foundHash; + int t_nChainWalkStepDueToFalseAlarm; + int t_nFalseAlarm; + string t_Hash; + string t_Plain; + string t_Binary; + +public: + rcrackiThread(unsigned char* TargetHash, int thread_id, int nRainbowChainLen, int thread_count, uint64* pStartPosIndexE); + rcrackiThread(unsigned char* pHash, bool oldFormat = false); + rcrackiThread(void); + ~rcrackiThread(void); + + //void SetWork(unsigned char* TargetHash, int nPos, int nRainbowChainLen); + //static unsigned __stdcall rcrackiThread::rcrackiThreadStaticEntryPoint(void * pThis); + static void * rcrackiThreadStaticEntryPointPthread(void * pThis); + int GetIndexCount(); + int GetChainWalkStep(); + uint64 GetIndex(int nPos); + bool FoundHash(); + void AddAlarmCheck(RainbowChain* pChain, int nGuessedPos); + void AddAlarmCheckO(RainbowChainO* pChain, int nGuessedPos); + int GetChainWalkStepDueToFalseAlarm(); + int GetnFalseAlarm(); + string GetHash(); + string GetPlain(); + string GetBinary(); + +private: + void rcrackiThreadEntryPoint(); + void PreCalculate(); + void CheckAlarm(); + void CheckAlarmO(); +}; diff --git a/Client Applications/rcracki_mt/rcracki_mt.ini b/Client Applications/rcracki_mt/rcracki_mt.ini index 17edb0a..27ab17e 100644 --- a/Client Applications/rcracki_mt/rcracki_mt.ini +++ b/Client Applications/rcracki_mt/rcracki_mt.ini @@ -1,33 +1,33 @@ -# Default settings for rcracki_mt -# Command line arguments override these defaults - -# Specify default amount of threads -Threads=1 - -# Set a default file to store temporary results. -# Set AlwaysStoreResultsToFile=1 or use -o to actually store results. -DefaultResultsFile=e:\default_rcracki_results.txt - -# This option requires DefaultResultsFile to be set to a file -#AlwaysStoreResultsToFile=1 - -# Set some default file locations to search for rainbow tables. -# You need to use these in combination with the command line argument -a [algorithm] -# Or you can set a default algorithm here with 'DefaultAlgorithm'. -# Algorithm is the name you use as specifier after 'DefaultRainbowTablesPath.' -# You can specify multiple lines per algorithm, one path/directory per line. -# Any locations you specify on the command line will be added to the list as well. -# For Windows users: locations in this file with a different case -# as on the command line are treated as separate locations (run through twice) -#DefaultRainbowTablePath.MD5=X:\RTI\MD5 -#DefaultRainbowTablePath.NTLM=X:\RTI\NTLM\ntlm_loweralpha-space#1-9_* - -# This option requires at least one 'DefaultRainbowTablePath.[algorithm]' to be set -#DefaultAlgorithm=MD5 - -# Always show debugging infomation (command line option -v) -# AlwaysDebug=1 - -# Always keep precalculation files after cracking, don't remove them. -# These files are saved by session name. So you can store precalculations over multiple jobs. +# Default settings for rcracki_mt +# Command line arguments override these defaults + +# Specify default amount of threads +Threads=1 + +# Set a default file to store temporary results. +# Set AlwaysStoreResultsToFile=1 or use -o to actually store results. +DefaultResultsFile=e:\default_rcracki_results.txt + +# This option requires DefaultResultsFile to be set to a file +#AlwaysStoreResultsToFile=1 + +# Set some default file locations to search for rainbow tables. +# You need to use these in combination with the command line argument -a [algorithm] +# Or you can set a default algorithm here with 'DefaultAlgorithm'. +# Algorithm is the name you use as specifier after 'DefaultRainbowTablesPath.' +# You can specify multiple lines per algorithm, one path/directory per line. +# Any locations you specify on the command line will be added to the list as well. +# For Windows users: locations in this file with a different case +# as on the command line are treated as separate locations (run through twice) +#DefaultRainbowTablePath.MD5=X:\RTI\MD5 +#DefaultRainbowTablePath.NTLM=X:\RTI\NTLM\ntlm_loweralpha-space#1-9_* + +# This option requires at least one 'DefaultRainbowTablePath.[algorithm]' to be set +#DefaultAlgorithm=MD5 + +# Always show debugging infomation (command line option -v) +# AlwaysDebug=1 + +# Always keep precalculation files after cracking, don't remove them. +# These files are saved by session name. So you can store precalculations over multiple jobs. #AlwaysKeepPrecalcFiles=1 \ No newline at end of file diff --git a/Client Applications/rcracki_mt/sha1.h b/Client Applications/rcracki_mt/sha1.h index 4e27063..231077b 100644 --- a/Client Applications/rcracki_mt/sha1.h +++ b/Client Applications/rcracki_mt/sha1.h @@ -1,33 +1,33 @@ -/* - * rcracki_mt is a multithreaded implementation and fork of the original - * RainbowCrack - * - * Copyright 2009, 2010 Daniël Niggebrugge - * Copyright 2009, 2010 James Nobis - * - * This file is part of rcracki_mt. - * - * rcracki_mt is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 2 of the License, or - * (at your option) any later version. - * - * rcracki_mt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with rcracki_mt. If not, see . - */ - -#ifndef SHA1_H -#define SHA1_H - -#include "global.h" - -#define SHA1_DIGEST_LENGTH 20 - -void SHA1_NEW( unsigned char * pData, int length, unsigned char * pDigest); - -#endif /* !SHA1_H */ +/* + * rcracki_mt is a multithreaded implementation and fork of the original + * RainbowCrack + * + * Copyright 2009, 2010 Daniël Niggebrugge + * Copyright 2009, 2010 James Nobis + * + * This file is part of rcracki_mt. + * + * rcracki_mt is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 2 of the License, or + * (at your option) any later version. + * + * rcracki_mt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with rcracki_mt. If not, see . + */ + +#ifndef SHA1_H +#define SHA1_H + +#include "global.h" + +#define SHA1_DIGEST_LENGTH 20 + +void SHA1_NEW( unsigned char * pData, int length, unsigned char * pDigest); + +#endif /* !SHA1_H */ -- 2.39.2