Skip to content

Brute Force Password Cracker *

Static Badge Static Badge

In a world where digital security is paramount, understanding and testing password vulnerabilities is a powerful skill. This project aims to build a brute-force password cracker capable of systematically trying every possible combination of characters to break a given password.

Running the Program:

  • The program can be run in different modes (sequential, parallel, distributed/CUDA) by specifying a parameter.
  • The system should accept a password hash as input and attempt to find the matching password.
  • Allow users to define a mask (e.g., certain known characters or positions) to narrow the search space and speed up the process.
  • Combine brute-force with a dictionary attack by trying common passwords or phrases before attempting all combinations.
  • The program must measure the runtime needed to crack the password and log the number of attempts made.
  • A “time to crack” metric should be output after each successful cracking attempt, giving the user feedback on performance in different modes.

Problem-Specific Requirements:

  • GPU Acceleration: Implement GPU-based acceleration using CUDA as an alternative to the distributed version for increased performance.
  • The implementation must attempt every possible combination of characters within the specified character set and password length.
  • The program must automatically adapt to the hardware it is running on (number of cores, memory, etc.).
  • The program should report real-time progress and allow the user to interrupt the process at any point.

Graphical Interface

  • Users can specify the following parameters:
    • Target: Hash of the password to be cracked (provided as input) and its type (e.g., MD5 or SHA256).
    • Character Set: Define allowed characters for the brute-force attack (e.g., lowercase a-z, uppercase A-Z, digits 0-9, and special characters).
    • Maximum Password Length: Set the upper bound for the password length that will be attempted.
  • The graphical interface should allow users to input the target password hash, select parameters (character set, length, etc.), and view the progress of the cracking process in real-time.
  • A progress bar or text output should show the status of cracking attempts.
  • The interface should display the cracked password and the total time taken upon successful cracking.

Testing

All three versions (sequential, parallel, and distributed) must be thoroughly tested under different configurations and workloads, focusing on measuring the system’s ability to handle increasing complexity:

Password Length Testing - Set the character set to lowercase letters (a-z) and test cracking passwords of increasing lengths (e.g., 4, 5, 6, 7 characters). - Measure the time required to crack each password in sequential, parallel, and distributed modes.

Character Set Testing - Set the password length to a fixed value (e.g., 6 characters) and vary the character set (e.g., lowercase, lowercase + digits, full alphanumeric, alphanumeric + special characters). - Measure the time required to crack the password for each character set and mode.

Dictionary Attack Test - Test the implementations by providing a sufficiently large dictionary of potential passwords, ensuring the target password can be found within the dictionary.

Present results with informative charts/figures, including both numeric and graphical representations, and explain them in detail.