If you haven’t seen my previous post on the purpose, design, features, and use of Cryptbreaker you can check it out here. Today I’m excited to announce that version 1.1 of Cryptbreaker is officially released!
First, lets get the release notes out of the way. This release brings a number of features to improve UI flow, cracking options and control, data exploration, password auditing, and data import/export management.
File Upload Improvements
Support for ingestion of ‘Install from Media’ backups (with Impacket tools built in)
Improved Search Filters
Ability to Pause/Resume/Cancel Cracking jobs
Basic Crack Configuration
Password Policy Configuration and Auditing
Import hashes cracked via other tools
Export (Un)cracked hashes for use in other tools
Customizable CSV Export
Export Data in JSON format
The remainder off this blog post will explore the key new features introduced in this version.
Setup of Cryptbreaker has never been easier. As of this release (and for all releases going forward) the preferred way to run Cryptbreaker is via docker. To get started simply run:
docker run -p 3000:3000 sy14r/cryptbreaker
Then, navigate to https://localhost:3000 and create an account the same as before, login and complete setup:
File Upload Improvements
In addition to providing better UI feedback on the status of your file uploads Cryptbreaker now support uploading “Install from Media Backups” created on Windows Domain Controllers for the purposes of cracking and auditing passwords in a corporate environment.
To start, you can create an ifm backup using the following one-liner on a DC as Domain Admin:
ntdsutil "ac i ntds" "ifm" "create full C:\Temp" q q
and then create a ZIP folder containing the 2 created folders (‘Active Directory’ and ‘registry’)
This Zip file can then be directly uploaded into Cryptbreaker where it will automatically unzip the contents and use secretsdump.py from Impacket to recover the LM/NTLM hashes from the backup of the Domain Controller. These hashes will be added to the database to allow quick cracking. (note: the krbtgt has will not be uploaded into the database due to it’s sensitive nature)
Advanced Crack Control and Configuration
With this release you can also now configure whether you want to perform brute force and/or dictionary attacks as well as pause and resume hash crack tasks if needed.
During the configuration of your cracking job just click the ‘Advanced Options’ checkbox to make your changes. To pause/resume/cancel cracking jobs just click the appropriate icon in the Hash Crack Jobs table when it’s available.
Version 1.1 also brings the ability to Import/Export data in more formats and with more flexibility. To export data just use the ‘Import/Export’ button on the Hash File that you want to perform the action on and choose the applicable option in the drop down menu. You can export cracked hashes in hashcat format, uncracked hashes in hashcat format, or all data for the hash file (to include statistics used in the ‘Report’ view) in JSON format.
Additional CSV configuration options are available in the Hash File view. Just select the columns you want when you select to download the table and enjoy.
Password Policy Auditing
Cryptbreaker v1.1 brings support for auditing passwords against a known password policy. Each hash file can have it’s own associated password policy which is configured via the ‘Policy’ button for that hash file. Once a policy is set, all associated passwords are evaluated against the policy requirements to allow you to quickly identify non-compliant accounts via either table or search filters.
These are just the main highlights from this release of Cryptbreaker but feel free to give the tool a try!