Friday, January 16, 2009

SHAbr, the SHA-1 password brute forcer

Today I finished my SHA-1 password brute forcer, SHAbr. It is optimized for passwords with a length < 16 characters. It supports multiple cores/processors and uses SSE2 to hash 4 plaintexts simultaneously, per thread.

Yesterday I got a little above 40 Mhashes/s with 4 cores (Q9450@3.2Ghz), tonight just before going to sleep I thought of some new attempts for optimizations. That got me close to 50 Mhashes/s. This morning when I woke up another idea popped up, and just before I thought I was done, another one... now I am close to 60 Mhashes/s :)

The main issue is that I can't fully unroll all the loops, this actually slows things down. This might have something to do with cache misses. The last changes mainly comprised of reordering some instructions and partially unrolling the loops.

This was my first attempt at using SSE2, and my first attempt at actually implementing a cryptographic hashing algorithm on my own. I used several sources of information and used some ideas from other SHA-1 implementations, such as the one in OpenSSL and RFC3174.

It is very well possible that my code can be optimized even more, or even a lot more, but as far as I know, SHAbr is currently the fastest SHA-1 password brute forcer around. You might also see some strange coding habits, I'm not a professional coder... feel free to drop me some remarks, I'd be happy to learn from it :)

Currently it only takes one hash for cracking and I haven't tested it with Linux. I expect it not to work straight away under Linux, but it shouldn't be that much work. I have it on my ToDo list, but I won't fix it in the upcoming month. I'd also like to implement support for multiple hashes later on.

Download:
shabr_win_32bit_binary.zip
shabr_src.zip

You might also need to install the Microsoft Visual C++ 2008 Redistributable Package.

Feel free to leave a comment, and I'd love to hear some of the speeds you gain.

tip: playing around with -B and -Q might render different speeds... also I noticed that somehow speed sometimes is like 2 Mhashes/s slower or faster after restarting the program.

7 comments:

  1. Cool. And you provide the source too, very cool.

    I have a better name suggestion: SHAber (rhymes with saber).

    ReplyDelete
  2. I like the pronunciation in Dutch ;)
    but thx for the suggestion.

    ReplyDelete
  3. I only get ~12M hashes per second using a core2 Duo e6750 @2.66Ghz. What hardware did you use?

    ReplyDelete
  4. Anonymous said...

    "I only get ~12M hashes per second using a core2 Duo e6750 @2.66Ghz. What hardware did you use?"

    Sorry for my late response. The code might be very optimized for my own system, i was often on the edge of code size and such. My own system is a core2 quad Q9450 @3.2Ghz.

    ReplyDelete
  5. Could you choose another mirror like mediafire for your binaries? TBHost.eu looks like f*** up

    ReplyDelete
  6. tbhost.eu seems to be down for the moment, i hope it'll be up again soon.

    ReplyDelete