sy14r / cryptbreaker

A cloud-backed password cracking and assessment tool - Sponsored by Open Security

License: Apache License 2.0

HTML 0.05% JavaScript 96.59% CSS 0.55% Dockerfile 0.06% Shell 0.94% SCSS 1.81%


cryptbreaker's Issues

Update Complexity Rules to support at least X of Y requirements

Improvement to specify complexity requirements on a per character class basis (2 upper, 2 lower, etc.) and then also to specify at least 2 of the 4 complexity requirements met. (I.e., if complexity is 2 upper, 2 lower, 2 symbols, 2 numbers and the user specifies at least 3 of the 4 met, then we want 2 upper, 2 lower, 2 symbols to be marked compliant as well as 2 upper, 2 symbols, and 2 numbers.)
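A sketch of the "at least X of Y" evaluation this issue asks for, added here as an illustration; it is not part of the original issue or the project's code. The class names, the regexes and the `policy` object shape (`minimums`, `required`) are assumptions.

```javascript
// Added example: per-class minimums with an "at least X of Y" threshold.
// Class definitions are an assumption: ASCII letters and digits, with
// every other character (including non-ASCII letters) counted as a symbol.
const CLASSES = {
  upper: /[A-Z]/g,
  lower: /[a-z]/g,
  numbers: /[0-9]/g,
  symbols: /[^A-Za-z0-9]/g,
};

// Count how many characters of each class a recovered plaintext contains.
function countClasses(password) {
  const counts = {};
  for (const [name, re] of Object.entries(CLASSES)) {
    counts[name] = (password.match(re) || []).length;
  }
  return counts;
}

// policy.minimums: per-class minimum counts (the Y requirements).
// policy.required: how many of those requirements must be met (X);
// defaults to all of them, which is the classic "every rule" policy.
function evaluateComplexity(password, policy) {
  const names = Object.keys(policy.minimums);
  for (const n of names) {
    if (!(n in CLASSES)) throw new RangeError(`unknown class: ${n}`);
  }
  const required = policy.required ?? names.length;
  if (!Number.isInteger(required) || required < 0 || required > names.length) {
    throw new RangeError(`required must be between 0 and ${names.length}`);
  }
  const counts = countClasses(password);
  const met = names.filter((n) => counts[n] >= policy.minimums[n]);
  const missed = names.filter((n) => !met.includes(n));
  return { compliant: met.length >= required, met, missed, counts };
}

// The policy from the issue text: 2 of each class, at least 3 of 4 met.
const ISSUE_POLICY = {
  minimums: { upper: 2, lower: 2, symbols: 2, numbers: 2 },
  required: 3,
};
```

Returning `met` and `missed` alongside the verdict lets a report show which requirement a non-compliant password failed rather than only a pass/fail flag.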

Verify Empty LM Hash Removed from Statistics

Thought this was dealt with but need to update so that the empty LM hash doesn't pollute statistics (it is still showing up on the Pass Reuse Stats for uploaded group files)

Instances issue with AWS

I now get all the way to the point where I select attempt to crack but still receive an error stating "Job failed - Need to configure Spot Instances in AWS." The database I am using is very small so I'm not understanding why I need to do this. Nevertheless, I configured spot instances and requested the increase. I get a little bit of runaround from AWS before they think they have it configured only to then be told I need to "Please launch a t2.micro EC2 instance in the desired region to activate it.
Once region is active we can increase your Spot limits." I'm not an AWS guy so I'm a little lost on why I need to do this and how, not to mention there is no mention of this need here in the guidance provided.
Is anyone else seeing this issue or is it just me?

Feature Request: Support dedicated Cracking Rigs

For teams who have already invested in GPU rigs, it would be great to be able to use those in place of AWS instances, and have the benefits of the API and cobalt strike integration that exist with this project.

Support for M1 Mac Docker Build

The dockerized version of CB doesn't support M1 Macs; need to build a container image which supports this architecture for easier use on that platform.

Unable to get report output

Desktop Docker version: 2.2.0.3 (42716)
Cryptbreaker version 1.1
Infrastructure environment: Maybe 15 users counting service accounts (lab environment - VMware)
OS: Windows Server 2019

I loaded the zipped data from the export of ntdsutil and that took longer than I expected. (10 minutes)
Clicked 'attempt to crack', received the 'retrieving price data' dialog and then it hangs and never gets past that point.
The display shows the following:
Hashes cracked: 0
Different Hashes: 57
Total Hashes: 158

PowerShell (Docker) window states level=error msg="error waiting for container: EOF" and then reverted to the system32 prompt.

Demo looks like an awesome program. Any help would be appreciated.

Add Enhanced Logging Option

Add an 'enhanced logging' feature that results in more verbose logging of cracking status and ec2 status updates.

Automate and Offload Main Wordlist Generation

Instead of building wordlists on each box, have an automated process and repo to build the wordlists once a day and reference that repo in all instances that run; should decrease per-box runtimes.

Azure Support?

Hi, will there be Azure support in the near future? Or is it possible to use it in an Azure cloud environment?

Better ZIP File Upload Support

Improve discovery of hash files within a zip upload (initially targeted for IFM backup work for auditing but eventually arbitrary hash files)

Tag EC2 instances with 'Cryptbreaker' tag

This will enable improved billing tracking in AWS and also allow for AWS limits out of band of the tool to delete long running instances. CB will need to also be able to handle when AWS resources are yanked out from under it as well.

Build/Publish AMI

Creating an AMI for cracking to avoid having build/configuration time built into all cracking jobs.

Fix overly long status messages

Occasionally output from hashcat isn't properly parsed and we get overly verbose status messages that don't accurately/succinctly reflect the current state of the tool. Need to id and avoid these issues by improving parsing

Resource Tagging Bug

Occasionally CB fails to tag created resources properly... will want to update where the tagging occurs to avoid this problem.

Add Out-of-Band Protection for MAX runtime

Can't recreate the hanging bug but let's add an additional protection to ensure no run-away resource issues. A configurable serverless function run on a schedule to find and kill tagged resources that have a run time of > X hours (or minutes or whatever....)

ToDo

  • Ensure EC2 instances are tagged with the 'Cryptbreaker' tag and a 'CBID' tag that is the installation id for the particular CB install
  • Create a default scheduled serverless function that checks every 5 min for resources that have been up more than 2 hours and kills them
  • Delete S3 resources tagged for that job as well
  • Expose configuration options for the serverless protection task in the CB admin panel
    • Enable/Disable
    • Configurable threshold time
    • Configurable schedule rate (X minutes, X hours)

Note

We will want the Job UI to gracefully handle when resources just disappear (either admin killed via AWS or the serverless job killed it)
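The selection step of the scheduled cleanup described in this issue, as an added example that is not part of the original issue or the project's code. It assumes `Cryptbreaker` and `CBID` are tag keys and that instance records use the shape returned by EC2 DescribeInstances (`InstanceId`, `LaunchTime`, `State.Name`, `Tags`); the function name and the sample records are constructed.

```javascript
// Added example: decide which instances a scheduled cleanup may terminate.
// Only instances that are still billable are candidates.
const ACTIVE_STATES = new Set(["pending", "running"]);

// Flatten the [{Key, Value}] tag list into a Map; untagged instances
// yield an empty Map and are therefore never selected.
function tagMap(instance) {
  const map = new Map();
  for (const { Key, Value } of instance.Tags || []) map.set(Key, Value);
  return map;
}

// Returns the InstanceIds that belong to this install (cbid) and have
// been up longer than maxHours. Anything ambiguous is left alone.
function selectExpired(instances, { cbid, maxHours, now = new Date() }) {
  if (!cbid) throw new Error("cbid is required so other installs are never touched");
  if (!(maxHours > 0)) throw new RangeError("maxHours must be positive");
  const cutoffMs = maxHours * 3600 * 1000;
  return instances
    .filter((i) => ACTIVE_STATES.has(i.State && i.State.Name))
    .filter((i) => {
      const tags = tagMap(i);
      return tags.has("Cryptbreaker") && tags.get("CBID") === cbid;
    })
    // An unparsable LaunchTime gives NaN, which fails the comparison,
    // so the instance is kept rather than terminated.
    .filter((i) => now - new Date(i.LaunchTime) > cutoffMs)
    .map((i) => i.InstanceId);
}

// Constructed sample records (not real instances).
const cbTags = (id) => [{ Key: "Cryptbreaker", Value: "true" }, { Key: "CBID", Value: id }];
const SAMPLE_NOW = new Date("2024-01-01T12:00:00Z");
const SAMPLE_INSTANCES = [
  { InstanceId: "i-aaaa", LaunchTime: "2024-01-01T09:00:00Z", State: { Name: "running" }, Tags: cbTags("install-1") },
  { InstanceId: "i-bbbb", LaunchTime: "2024-01-01T11:00:00Z", State: { Name: "running" }, Tags: cbTags("install-1") },
  { InstanceId: "i-cccc", LaunchTime: "2024-01-01T06:00:00Z", State: { Name: "running" }, Tags: cbTags("install-2") },
  { InstanceId: "i-dddd", LaunchTime: "2024-01-01T01:00:00Z", State: { Name: "running" } },
  { InstanceId: "i-eeee", LaunchTime: "2024-01-01T08:00:00Z", State: { Name: "terminated" }, Tags: cbTags("install-1") },
];
```

Scoping on the `CBID` value as well as the `Cryptbreaker` tag keeps one installation's cleanup from terminating another installation's jobs in a shared account.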
