Release 1.3 is a minor release featuring some UI and backend optimizations intended to reduce wasted time per hash crack request and increase software stability. Changes included:
docker-composefor suggested use which persists database contents allowing for updating without losing data
For those curious and for the sake of discussion here are some more details around a couple of the improvements
This release contains a recommended
docker-compose.yml file that can be used to run the main Cryptbreaker and MongoDB database instances in seperate containers. The provided configuration also creates a volume which is mounted to the database container allowing for data to persist even if you stop/remove the running containers. Since the
docker-compose file references the latest version of the Cryptbreaker docker image you can now receive future updates simply by using this
docker-compose file and running
docker-compose stop followed by
docker-compose rm and then
docker-compose up. This will stop and remove both containers, download the newest versions of each, and then relaunch the tool, loading the previous database contents into the new database container.
This update introduces the use of pre-generated default wordlists and the use of a custom Cryptbreaker AMI (Amazon Machine Image) that has been built and shared in AWS. Previously, Cryptbreaker would install Nvidia drivers and Hashcat as part of each cracking job. Now, I’ve already done those steps and saved the image to Amazon for quick retrieval, eliminating the need to install those packages and perform a system reboot. Additionally, Cryptbreaker gets it’s default workdlists from Daniel Miessler’s SecLists project. Previously, a few minutes of each cracking job were used to download this repository, extract compressed contents, combine all the Password pass lists, and de-duplicate into the wordlist to use for cracking. Now, I’ve performed this action and uploaded the relavent output to a file in S3 which the instance simpley copies and unzips. By performing both of these more ‘administrative’ actions before hand Cryptbreaker can be even more efficient with the time you’re paying for when you use it.