CrackLord

What Is CrackLord?

A management system for taking powerful hardware resources (GPU crackers, Cloud systems, etc.) and sharing them across groups of people with one location to manage them.

View on GitHub Get Source Download

About Cracklord

Over the past several years the world of password cracking has exploded with new tools and techniques. These new techniques have made it easier than ever to reverse captured password hashes. With the addition of powerful techniques, from GPGPU cracking to rainbow tables, it is easier than ever to access the plaintext for fun and profit. Furthermore, during our day jobs we have found that many other processes can benefit from distributed access to the resources of high powered systems. With many people requesting access to this, CrackLord was born. CrackLord provides a scalable, pluggable, and distributed system for both password cracking as well as any other jobs we need. Better said, CrackLord is a way to load balance the resources, such as CPU and GPU, from multiple hardware systems into a single queueing service across two primary services: the Resource and Queue. It doesn't speed up any individual tasks or jobs, but does make it a lot easier to manage everything across all your resources.

Queue

The Queue is a service that runs on a single system, providing an interface for users to submit, pause, resume, and delete jobs. These jobs are then processed and sent to available Resources to perform the actual work and handle the results.

Resources

The Resource is a service that runs on various systems, providing access to their underlying hardware. Resources utilize Tools to run jobs using the local GPU or CPU.

Tools

Tools are a set of plugins, configured on resources, that perform the underlying tasks such as running oclHashcat to crack passwords . Tools are written in the Go programming language and have a standard interface to make them easy to write or enhance.

Getting Started

For Users

First, you'll need to determine what your server configuration will look like. There are two different servers that need to be run, the Queueserver and Resourceserver. Both can be run on the same system or they can be run separately, either is fine. You can also have multiple resource servers that all connect to the same Queue server. The Tools on each can be different as well, but because Go is statically compiled, all Tools are built into the resource server at compile time; however, you can turn them off in the configs. There is a lot of flexibility in the configuration, which is both good and bad as it can be hard to get started. To try and help, we have put together some basic configuration files and instructions below. To help ease the deployment of CrackLord, we have created a set of Debian Packages that will work for Ubuntu, Debian, and Kali.

Queue Server
  1. Add our package repository to your system using apt:
    • curl -s https://packagecloud.io/install/repositories/emperorcow/cracklord/script.deb.sh | sudo bash
    Note: You really shouldn't trust a random script, see here for more detailed instructions if you're security conscious.
  2. Now you can install the debian package for the Queue Daemon:
    • apt-get install cracklord-queued
  3. This will install the queue, the web GUI, and create a set of self-signed certificates you can use to authenticate resources you may want to connect in the future. If you have a resource on the same system, we've also tried to make it easy and have created that cert for you.
  4. You should now look at /etc/cracklord/queued.conf and the config files in /etc/cracklord/resourcemanagers/. You will have to change any settings that you'd like for your environment.
  5. Now you can start up the queue server by issuing the following command
    • service cracklord-queued start
  6. At this point, you'll want to get some resource servers configured and connected. If you have your own hardware, you'll need to connect to it within the GUI. Your other option is to use AWS instances that you can deploy automatically from the GUI. Be careful about watching your charges for EC2 instances in AWS!
Resource Server and Tools
  1. If you haven't already, you should install our apt repository:
    • curl -s https://packagecloud.io/install/repositories/emperorcow/cracklord/script.deb.sh | sudo bash
    Note: You really shouldn't trust a random script, see here for more detailed instructions if you're security conscious.
  2. Now you can install the debian package for the Resource Daemon:
    • apt-get install cracklord-resourced
  3. You will now need to edit the default configuration file at /etc/cracklord/resourced.conf, including enabling any relevant tool plugins. You will also need to configure the tools in /etc/cracklord/plugins/ for their specific settings.
  4. You can now run the resource server. Please note that there may be individual configuration needs for various tools, such as getting X11 running for oclHashcat, or installing nmap, etc. See the Tool list below for links to additional information. To run the server, just:
    • service cracklord-resourced start
  5. Finally, you need to connect the resource to the queue. Resources authenticate to the Queue server using certificates. These are also used to secure communications between the queue and resource, as the transmission may contain highly sensitive information, such as hashes.
  6. If your resource and queue are on the same system, we've already created a hash for you. You can go to https://<QUEUESERVER> and, under resources, click connect to add the resource using localhost. If not, please see https://github.com/jmmcatee/cracklord/wiki/Creating-Resource-Certificates for additional information.

For Developers

There are several ways you can develop for CrackLord. The reason you're probably here is because you need a specific Tool or plugin. There's also several other components that you may want to customize or enhance. If you have any questions, don't hestiate to submit an issue if you have a problem or reach out if you have questions.

Write A Tool

The whole idea behind CrackLord was to have lots of tools available. There is a standard interface for the Tasker and Tooler that each plugin uses. Additionally, we've put together a guide showing how we wrote one of our own tools that should be way more helpful than the go docs. If you do write one, send us a pull request or let us know, we'd love to integrate it!

Scripting Functions

The Queue server uses a standard API and although we already have a default GUI, there's nothing preventing you from scripting this out. It's a standard RESTful API that uses JSON data types which are supported in numerous languages. Checkout our API documentation to get started.

Create A New Interface

We've already put together a graphical user interface, but there's nothing preventing you from putting together a new one! If it's awesome, we'll link to it so people can find it. Take a look at our API documentation to get started and let us know if you have any questions.

Enhance the Code

So you'd like to dive right in and improve CrackLord itself? We owe you hugs because you're awesome! First, we'd suggest you check out this huge diagram we put together showing all the parts of the internal code. From there, the GitHub Issue list is probably the best place to dive right in and see what needs fixing.

Plugins, Addons, and Tools

Tools

Here is a list of all of the tool that have been configured wrapped for use within the resource server. If you have one you'd like to see, you can either write it yourself and we'll get it in, or put in a request in our GitHub repository and we'll do our best to get it written, but we may need your help to figure out how. We'll try and keep this list up to date with everything included in releases or any links sent to us.

Resource Managers

This is a listing of all of the resource managers that have been included within the service, which allow for the creation, management, and removal of resources by the manager.