Tips on speeding up bkcrack #124

jgrahamc opened this issue Jun 17, 2024 · 6 comments
@jgrahamc

I've successfully used bkcrack to get the decryption key for an old PKZIP file. Thank you. I am currently trying to obtain the original password and I am running into difficulty. Currently I am running:

bkcrack -k $KEY -r 1..16 '?p' -j 10

on an Apple M1 Pro. Although bkcrack has found 'passwords' (collisions) along the way, none are the original password (which is definitely only printable ASCII). I am currently about 30% through passwords of length 14.

What are the best tips for speeding this up? Has anyone looked at a distributed or GPU optimized version of bkcrack?
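
The "collisions" mentioned above arise because ZipCrypto reduces a password of any length to three 32-bit internal keys, so different passwords can produce the same keys. As an added example (not part of the thread and not bkcrack's code), this Python code implements the key update from PKWARE's traditional ZIP encryption and checks a candidate against a known key triple; the password `EXAMPLE42` and all function names are constructed for illustration.

```python
# Added illustration: traditional PKWARE (ZipCrypto) key schedule.
# Function names and the sample password are constructed for this example.
INITIAL_KEYS = (0x12345678, 0x23456789, 0x34567890)
PRINTABLE = bytes(range(0x20, 0x7F))  # printable ASCII, space through '~'

def _make_crc_table():
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table

CRC_TABLE = _make_crc_table()

def crc32_step(crc, byte):
    """One raw CRC-32 table step, without the initial or final inversion."""
    return (crc >> 8) ^ CRC_TABLE[(crc ^ byte) & 0xFF]

def update_keys(keys, byte):
    """Advance the three 32-bit internal keys by one password byte."""
    k0, k1, k2 = keys
    k0 = crc32_step(k0, byte)
    k1 = ((k1 + (k0 & 0xFF)) * 134775813 + 1) & 0xFFFFFFFF
    k2 = crc32_step(k2, k1 >> 24)
    return k0, k1, k2

def derive_keys(password: bytes):
    """Internal keys after processing the whole password (96 bits of state)."""
    keys = INITIAL_KEYS
    for b in password:
        keys = update_keys(keys, b)
    return keys

def classify(candidate: bytes, target_keys, charset: bytes = PRINTABLE):
    """Say whether a candidate yields the target keys and fits the expected charset."""
    if derive_keys(candidate) != tuple(target_keys):
        return "no match"
    if all(b in charset for b in candidate):
        return "keys match, in charset"
    return "keys match, outside charset"

if __name__ == "__main__":
    target = derive_keys(b"EXAMPLE42")  # constructed stand-in for recovered keys
    print(" ".join(f"{k:08x}" for k in target))
    for cand in (b"EXAMPLE42", b"EXAMPLE43"):
        print(cand, "->", classify(cand, target))
```

A candidate that reproduces the keys decrypts the archive whether or not it is the original password, which is why a recovered string with unexpected characters is better treated as a collision than as the answer.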

@kimci86
Owner

kimci86 commented Jun 17, 2024

I believe there would be a great speed up by running the password recovery on GPU but it is not implemented at the moment. I hope to implement it eventually (see #75).

There is an implementation of the password recovery algorithm on GPU in hashcat. The speed up compared to bkcrack depends on your GPU. See discussion #69 for more details about this. I don't know how fast the GPU in Apple M1 Pro would be for this. If you try, I would be curious to see some time measurement.

@kimci86
Owner

kimci86 commented Jun 17, 2024

Maybe the most important tip is to select the smallest character set that contains all the password characters. Of course, it requires some guesswork because the password is unknown, but a smaller character set is explored much faster.
For example, if you believe the password has only lowercase or uppercase letters, use ?l?u. If you believe it can also contain some underscore characters, use ?l?u_. Note you are not limited to predefined character sets; you can list characters explicitly to define the character set you want.

@jgrahamc
Author

Thanks.

I've been trying a lot of things around the character set since I have some idea of what the password was like.

I am also using hashcat at the same time as bkcrack (CPU and GPU maxed out). I have an issue with hashcat that I can't run a mask attack of more than a certain number of characters because it runs out of integer space.

I think my issue is that the password is looking like it's 14 or more characters and that's a big search space.

@kimci86
Owner

kimci86 commented Jun 18, 2024

Implementing mask attack for password recovery could also save a lot of time if you have more precise knowledge about what the password looks like. It is not implemented at the moment in bkcrack (#55) but you got me thinking about it again. Maybe I will give it a try in the coming days or weeks 🤞

@jgrahamc
Author

I am pretty sure that the password is "some number of upper case letters followed by a small number of digits".

@nelolka

nelolka commented Sep 9, 2024

Also it would be great to speed up keys searching with GPU

Repository owner deleted a comment from jeturgavli Sep 25, 2024