Auteur Sujet: [FireEye]Introducing GoCrack: A Managed Password Cracking Tool  (Lu 236 fois)

0 Membres et 1 Invité sur ce sujet

En ligne igor51

  • Admin
  • Mega Power Members
  • *****
  • Messages: 10302
Introducing GoCrack: A Managed Password Cracking Tool

FireEye's Innovation and Custom Engineering (ICE) team released a
  tool today called   href="">GoCrack that allows red
  teams to efficiently manage password cracking tasks across multiple
  GPU servers by providing an easy-to-use, web-based real-time UI
  (Figure 1 shows the dashboard) to create, view, and manage tasks.
  Simply deploy a GoCrack server along with a worker on every GPU/CPU
  capable machine and the system will automatically distribute tasks
  across those GPU/CPU machines.


 Figure 1: Dashboard


As readers of this blog probably know, password cracking tools are
  an effective way for security professionals to test password
  effectiveness, develop improved methods to securely store passwords,
  and audit current password requirements. Some use cases for a password
  cracking tool can include cracking passwords on exfil archives,
  auditing password requirements in internal tools, and
  offensive/defensive operations. We’re releasing GoCrack to provide
  another tool for distributed teams to have in their arsenal for
  managing password cracking and recovery tasks.


Keeping in mind the sensitivity of passwords, GoCrack includes an
  entitlement-based system that prevents users from accessing task data
  unless they are the original creator or they grant additional users to
  the task. Modifications to a task, viewing of cracked passwords,
  downloading a task file, and other sensitive actions are logged and
  available for auditing by administrators. Engine files (files used by
  the cracking engine) such as Dictionaries, Mangling Rules, etc. can be
  uploaded as “Shared”, which allows other users to use them in task yet
  do not grant them the ability to download or edit. This allows for
  sensitive dictionaries to be used without enabling their contents to
  be viewed.


Figure 2 shows a task list, Figure 3 shows the “Realtime Status” tab
  for a task, and Figure 4 shows the “Cracked Passwords” tab.


 Figure 2: Task Listing


 Figure 3: Task Status


 Figure 4: Cracked Passwords Tab


GoCrack is shipping with support for hashcat v3.6+, requires no
  external database server (via a flat file), and includes support for
  both LDAP and database backed authentication. In the future, we plan
  on adding support for MySQL and Postgres database engines for larger
  deployments, ability to manage and edit files in the UI, automatic
  task expiration, and greater configuration of the hashcat engine.
  We’re shipping with Dockerfile’s to help jumpstart users with GoCrack.
  The server component can run on any Linux server with Docker
  installed. Users with NVIDIA GPUs can use     href="">NVIDIA Docker to
  run the worker in a container with full access to the GPUs.


GoCrack is available immediately for download along with its source
  code on the project's
    GitHub page
. If you have any feature requests, questions, or bug
  reports, please file an issue in GitHub.


ICE is a small, highly trained, team of engineers that incubate and
  deliver capabilities that matter to our products, our clients and our
  customers. ICE is always looking for exceptional candidates interested
  in solving challenging problems quickly. If you’re interested, check
  out FireEye careers.

Source: Introducing GoCrack: A Managed Password Cracking Tool