Crackq


Crackq is an online distributed GPU-accelerated password cracker designed to help penetration testers and network auditors check for weak passwords. It supports a number of hash types and we are actively adding new algorithms.

This service must be used for legal purposes only. We are not liable for any loss or damage caused as a result of using this service.

Public queue utilisation: 0/10

Update your client to v0.19b

This is a standard FIFO queue with a maximum size of 10 submissions. Note that the private queue submissions have a priority over the public queue.

To submit your hashes, download the crackqcli python script. You will need your API key which can be found on the user details page once you login. The results will be emailed to your registered email address. For more details, refer to the FAQ page.

For example, the following command can be used to submit the md5 hash 06aa3b7d55df43e7d7fa4aef94811e4a:

$ git clone https://github.com/vnik5287/Crackq.git && cd Crackq
$ ./crackqcli.py -t md5 06aa3b7d55df43e7d7fa4aef94811e4a

The currently supported algorithms along with their time to completion (TTC) are shown below. Note that we are actively adding new dictionary files, GPU nodes, custom rules, etc. This may affect the completion times shown below.

  • NTLM (~6 min)
  • LM (~30 min) - full ASCII keyspace
  • MD5 (~11 min)
  • WPA / WPA2 (~8 min)
  • Cisco Type 7 (Instant)
  • Windows Group Policy Preferences (GPP) (Instant)

Private queue utilisation: 0/10

Similar to the public queue, this is a standard FIFO queue with a maximum size of 10 submissions. However, unlike the public queue, brute-force and hybrid attacks performed by the private queue are more extensive (which also makes completion times longer) and are optimised for specific algorithms.

The private queue submission process is similar to the public queue except for the -q privq switch. For example, the following command can be used to submit the hccap file containing your captured WPA/WPA2 handshake to the private queue:

$ ./crackqcli.py -q privq -t wpa PATH_TO_YOUR_HCCAP 

You can view and purchase your private queue submission quota on the user details page once you login.

The currently supported algorithms along with their time to completion (TTC) are shown below. Note that we are actively adding new dictionary files, GPU nodes, custom rules, etc. This may affect the completion times shown below.

  • NTLM (~1.2 hours)
  • MD5 (~2.1 hours)
  • SHA1 (~2.5 hours)
  • WPA / WPA2 (~2 hours)
  • VPN IPSec IKE (aggressive mode) MD5 (~2 hours)
  • DESCRYPT / DES(Unix) (~2 hours)
  • MD5CRYPT / FreeBSD MD5 / Cisco IOS MD5 / MD5(Unix) (~45 min)

Projects

Updates

  1. 26/03/2015: crackqcli.py is now supported on Windows. The private queue adds VPN IPSec IKE (aggressive mode) MD5 psk cracking support: hashcrack.org/crackq/page?n=ike.
  2. 16/03/2015: Added upper- and lower-case 8 hex char brute-force to the private queue.
  3. 04/03/2015: Added SHA1 support to the private queue.
  4. 03/03/2015: Crackq client v0.18b is released. Added support for Cisco type 7 and Windows Group Policy Preferences (GPP) hashes. There is no processing time involved since these are reversible encodings.
  5. 25/02/2015: Crackq client v0.17 is released. Added support for DESCRYPT / DES (Unix) and MD5CRYPT / MD5(Unix) to the private queue.
  6. 24/02/2015: Crackq client v0.16b is released. Added support for the private queue.
  7. 18/02/2015: Fixed the essid issue. Essid values with non-ASCII characters are now properly terminated.
  8. 17/02/2015: Crackq client v0.15b is released.
  9. 12/02/2015: Added a new dictionary file with some custom rules to our WPA/WPA2 handshake cracking queue. The time to completion (TTC) for a single handshake is now ~8 min.
  10. 01/02/2015: Added support for LM (LanMan) hashes. Full keyspace is brute-forced in ~30 min (both password halves). Both halves are submitted as a single hash but brute-forced independently (see FAQ for details).
  11. 13/01/2015: Fixed issues related to requests with hashes that have already been cracked.
  12. 07/01/2015: The WPA/WPA2 queue now adds 8-digit brute-force support to its hybrid dictionary attacks which brings TTC to ~8 min.
  13. 03/01/2015: Crackq is now distributed (using Open MPI).
  14. 24/12/2014: The GPU overheating issues causing premature termination should now be fixed.