You want to crack a hash but your system speed is low?! No need to
worry..! Here is solution for you , “Distributed Password Cracking”. Let
me introduce a new tool called “Ravan” developed by LavaKumar.
Ravan now supports MD5,SHA1,SHA256,SHA512 hashes.
Once the hash is submitted the master creates arrays of slots (each array contains 5 slots), this is submitted to the web backend. Each slot represents a small part of the keyspace, this is how the entire activity is broken down in to multiple tiny tasks. A single slot represents 1 million combinations.
The master constantly polls the web backend to check on the progress of the cracking process. As the existing list of slots is completed by the workers the master allots more slots. When a worker cracks the hash and returns the clear-text value the master confirm this and then signals all workers to stop cracking.
Here is the tool
About Ravan:
Ravan is a JavaScript based Distributed Computing system that can
perform brute force attacks on salted hashes by distributing the task
across several browsers. It makes use of HTML5 WebWorkers to start
background JavaScript threads in the browsers of the workers, each
worker computes a part of the hash cracking activity.Ravan now supports MD5,SHA1,SHA256,SHA512 hashes.
How it works?
Ravan has three components:
Master:
The hash, salt, hashing algorithm, position of the salt (before or
after salt) and the charset are submitted by the user. These are
submitted to the web backend and it returns a ‘hash id’ which is unique
to every submitted hash. It also supplies a ‘worker url’ specific to
this hash that must be sent to potential workers.Once the hash is submitted the master creates arrays of slots (each array contains 5 slots), this is submitted to the web backend. Each slot represents a small part of the keyspace, this is how the entire activity is broken down in to multiple tiny tasks. A single slot represents 1 million combinations.
The master constantly polls the web backend to check on the progress of the cracking process. As the existing list of slots is completed by the workers the master allots more slots. When a worker cracks the hash and returns the clear-text value the master confirm this and then signals all workers to stop cracking.
Web Backend:
The web backend acts as a proxy between the master and the workers.
It does not perform any actual computation but validates the data
submitted by both the parties and passes information between them.
Worker:
The worker performs the actual hard work of cracking the hashes. Each
hash has a unique worker URL and this page explicitly asks for the user
permission before the cracking process is started. Once the user
accepts and clicks ‘Start’ the worker polls the web backend for
available slots, the web backend returns an array of slots from its
database. The worker cracks each slot and sends the result to the web
backend. After completing all the slots it polls the web backend for
more slots.Here is the tool
0 comments:
Post a Comment