Wrathion

A GPU accelerated document password recovery tool.

Authors

Jan Schmied, Radek Hranicky, Vladimir Vesely, Peter Gazdik

License

Wrathion is licensed under the MIT license.

Building

Wrathion was successfully compiled and tested under Ubuntu 14.04 LTS and Windows 8.1 CPU-only version should work on all common Intel CPUs. GPU-accelerated version was DEVELOPED PRIMARILY for AMD cards, but also works with NVIDIA cards.

The easiest way of getting Wrathion operational is to use a PC with AMD GPU, fresh installation of Ubuntu 14.04 LTS, and following steps I-a., II., and III.

Ia. Prerequisities - Ubuntu 14.04 LTS (Detailed "how-to cookbook")

In Ubuntu 14.04 LTS ALL prerequisities should be obtainable in the form of packages which you install by sudo apt-get install PACKAGENAME or by using Synaptic package manager - type: sudo apt-get install synaptic, sudo apt-get update, and run synaptic.

1. Install packages for Wrathion core:

build-essential
cmake
ubuntu-drivers-common
doxygen (optional)

2. Install packages required by ZIP module:

zlib1g
zlib1g-dev

3. Install packages required by PDF module:

libpoppler44
libpoppler-dev
libpoppler-private-dev
libpoppler-glib8
poppler-data

4. IMPORTANT: Execute the following command (solves error in poppler-goo):

#!bash
sudo cp /usr/include/poppler/poppler-config.h /usr/include

5a. IF you use AMD GPU:

FOR AMD CARDS: Radeon(TM) R9 Fury, R9 300, R9 200, R7 300, HD 7000, HD 6000, and HD 5000 Series. Was tested on: R9 290X and R9 Fury X

Install the following packages (Proprietary driver, etc.):

fglrx-updates
fglrx-updates-core
fglrx-updates-dev
fglrx-amdcccle-updates
ocl-icd-libopencl1
ocl-icd-opencl-dev
opencl-headers

(5b). IF you use NVIDIA GPU, you need following packages:

SHOULD WORK ON ALL NVIDIA cards that support OpenCL Was tested on: GeForce 660Ti

Install the following packages (Proprietary driver, etc.):

xserver-xorg-video-nouveau
nvidia-331-updates
nvidia-331-updates-uvm
nvidia-331-updates-dev
nvidia-opencl-icd-311-updates
nvidia-prime
nvidia-settings
ocl-icd-dev
opencl-headers

(NOTE: Newer drivers MAY also work with your GPU. Drivers denoted above were tested with GeForce 660Ti)

IF YOU PROCEEDED THROUGH STEPS 1-5, YOU SHOULD BE NOW ABLE TO COMPILE AND RUN WRATHION!

Ib. Prerequisities - Other GNU/Linux OS

Depending on your Linux distribution, you need to install dependencies in the similar way as shown in section I-a. The type of OpenCL library and OpenCL kernel compilation are GPU-dependent, thus, we highly recommend to use proprietary drivers from your GPU manufacturer. Using non-proprietary drivers may cause troubles with kernel compilation which may limit Wrathion to CPU-only version.

IF your distribution does not support AMD Catalyst (fglrx) / NVIDIA drivers in the form of package, you may need to download and install them manually from your GPU manufacturer's website.

Poppler library may be obtained from: http://poppler.freedesktop.org/ (tested with v0.39)
ZLib library may be obtained from: http://www.zlib.net/
OpenCL headers may be obtained from Khronos OpenCL Registry: https://www.khronos.org/registry/cl/

Ic. Prerequisities - Windows 8.1 (or other)

NOTE: Compiling Wrathion of Windows is a bit more tricky than on GNU/Linux. With steps below, we compiled and tested Wrathion on Windows 8.1 N:

1. WHAT YOU NEED:

Proprietary AMD Catalyst / NVIDIA graphics driver
MinGW with GCC compiler: http://www.mingw.org/ (We recommend to use automated mingw-get-setup.exe obtainable from https://sourceforge.net/projects/mingw/files/latest/download)
MSYS (Minimalist GNU for Windows): http://www.mingw.org/wiki/msys
POSIX Threads for Windows: http://sourceforge.net/projects/pthreads4w/
LibPoppler 0.39 or higher - we recommend to use precompiled binaries: http://sourceforge.net/projects/poppler-win32/
OpenCL headers: https://www.khronos.org/registry/cl/
For AMD you MAY NEED AMD APP SDK: http://developer.amd.com/tools-and-sdks/opencl-zone/amd-accelerated-parallel-processing-app-sdk/
cmake and make (for Windows) - we recommend installing by mingw-get-setup.exe: https://github.com/cpluspluscom/ChessPlusPlus/wiki/MinGW-Build-Tutorial

2. ENSURE that you have all dependencies in the correct (bin, lib, include) directories:

.h and .hpp files go to include directory
.dll files go to bin directory
.a and .lib files go to lib directory

FOR EXAMPLE:

#!bat
C:\MinGW\x86_64-w64-mingw32\include\pthread.h
C:\MinGW\x86_64-w64-mingw32\include\poppler\*
C:\MinGW\x86_64-w64-mingw32\include\poppler\cpp\*
C:\MinGW\x86_64-w64-mingw32\include\poppler\CL\cl.h
C:\MinGW\x86_64-w64-mingw32\include\poppler\CL\cl.hpp
...
C:\MinGW\x86_64-w64-mingw32\bin\libpoppler.dll
C:\MinGW\x86_64-w64-mingw32\bin\zlib1.dll
C:\MinGW\x86_64-w64-mingw32\bin\OpenCL.dll
...
C:\MinGW\x86_64-w64-mingw32\lib\libpthread.a
C:\MinGW\x86_64-w64-mingw32\lib\libpthread.dll.a
C:\MinGW\x86_64-w64-mingw32\lib\libpoppler.a
C:\MinGW\x86_64-w64-mingw32\lib\libpoppler.dll.a
C:\MinGW\x86_64-w64-mingw32\lib\OpenCL.lib
...

3. ENSURE that the PATH to make, cmake, etc. is set properly, e.g.:

#!bat
SET PATH=c:\MinGW\bin;%PATH%

4. RUN MSYS (not MinGW) CONSOLE - e.g.: `c:\msys\1.0\msys.bat`

You will use UNIX commands from now!
Ensure that MinGW directory is mounted properly, if not - do it (e.g.: mount c:/mingw /mingw)
Go to the Wrathion source directory
Proceed to section II.

II. COMPILATION

Wrathion framework can be compiled using CMake (version 2.8 and above).

On Windows (tested on MinGW MSYS)

#!bash
cmake -G"MSYS Makefiles"
make

On Linux (tested on Ubuntu 13.10 and 14.04)

#!bash
cmake -G"Unix Makefiles"
make

SOLUTION OF POSSIBLE PROBLEMS

IF you see any undefined reference to pthread_..., re-run the cmake and make again (Radek: 2016-01-21: SHOULD BE FIXED NOW, should not occur again.)
IF there was already cmake command executed before, you can erase the configuration by deleting CMakeCache.txt and CMakeFiles in all Wrathion subdirectories.
IF you encounter any other errors, please check if ALL prerequisities are satisfied (section I.).

All binary files are placed into bin directory. OpenCL kernels are copyed from its directories inside mudules into bin/kernels dorectory. This happens when running cmake command. If you delete contents of bin/kernels directory its content is not restored by running make. Re-run cmake or restore contents manualyl.

If youhave doxygen installed, you can generate a documentation of Wrathion by typing:

doxygen doxygen.config

HOW TO TEST OPENCL AVAILABILITY

After the compilation (see below), you may also check the correctness of your build by typing

./wrathion -s

or

wrathion.exe -s

in your bin/ directory. The output should contain all your OpenCL-compatible GPUs installed in your computer. Another useful command for OpenCL details about your GPUs is clinfo.

III. Usage

After the compilation, there should be a binary executable file wrathion or wrathion.exe in bin/ directory.

It supports the following arguments:

    -h - prints this help
    -f - input file
    --modules -l - list loaded modules
    --devices -s - list platforms and devices
    --cpu-cracker -c - prefer CPU cracker over GPU generator
    --map -d - devices to use <platform>:<device>[:<GWS>][,<platform>:<device>[:<GWS>],...]
    --chars -p - chars for creating passwords (default: abcdefghijklmnopqrstuvwxyz)
    -u (alternative of --chars) - file with unicode characters in hex form
    -m - maximum length of password (default: 10)
    --dict=file, -r - dictionary for dictinary attack
    --threads=NUMTHREADS, -t - number of threads for CPU Cracking
    -v - verbose mode (more information is displayed)

Markov attack
    -S, --statistics        file with statistics
    -T, --thresholds=glob[:pos]
                            number of characters per position
          - glob - global value for every position in password (default 95)
          - pos - positional comma-separated values(overwrites global value)
    -L, --length=min:max    length of password (default 1:50)
    -M, --mask              mask
    -X, --model             type of Markov model:
          - classic - First-order Markov model (default)
          - layered - Layered Markov model
    -I - return password on given index (only for experiments)
    -C, --cpu-generator - prefer CPU generator over GPU generator (works only
                          with a Markov generator)

Example:

./wrathion -vd 0:0 -f testfiles/orig/aes256.zip -S stats/rockyou.wstat -L 1:10
           -X layered -T 26 -M ?u?l?l?l?l?l?d?d?d?d (on Ubuntu 14.04)

Or:

wrathion.exe -vd 0:0 -f testfiles/orig/aes256.zip -S stats/rockyou.wstat -L 1:10
           -X layered -T 26 -M ?u?l?l?l?l?l?d?d?d?d  (on Windows 8.1)

Detailed decription of Markov attack you can find in MANUAL.md (only in Slovak).

The directory /bin/testfiles contains examples of various encrypted documents. The directory /bin/uchars contains examples of unicode alphabet files. The directory /bin/stats contains various files with statistics for First-order and Layered Markov model.

Unicode alphabet files contain the definition of characters in Unicode U+ hex notation (e.g. U+0042). The # symbol can be used for comments. Any character sequence beginning with # symbol and ending with an end of the line, is ignored.

Wrathion is also able to save its generator state and resume the work later. The generator state is saved automatically in [filename].passgen file after receiving SIGINT signal. If launched again with the same parameters, Wrathion will continue its previous job from the saved state. If you wish to re-run the whole job from the beginning, just delete or rename the .passgen file.

Radek Hranicky - Last update: 2016-05-20

Name		Name	Last commit message	Last commit date
Latest commit History 53 Commits
bin		bin
core		core
include		include
modules		modules
.gitignore		.gitignore
CHANGES		CHANGES
CMakeLists.txt		CMakeLists.txt
MANUAL.md		MANUAL.md
README.md		README.md
main.cpp		main.cpp

gazdik/bp-wrathion

Folders and files

Latest commit

History

Repository files navigation