Enneract

25th August 2018

Motivation

Orchestrate Cracking Task and Distribute It Easily
We know that password recovery procedure is a complex task. However, Enneract software is here to help you with every step! Starting with metadata extraction, you can rely on our tool to get proper hash from the encrypted document. Enneract recognizes the plethora of different file formats and takes into account even their (sub)versions when obtaining requested hash. If you are cracking many password-protected documents on multiple machines at once, then you need a system that offers easy control and automatic distribution of your running jobs. And what about infrastructure outages? Our system offers not only resiliency (snapshotting of cracking process) but also dynamic rescheduling of remaining work packages over available machines.
Use well-known tools

Enneract acts as a hypervisor, which distributes cracking jobs over your nodes (i.e., GPU/HPC servers such as Tansy). Enneract’s inner logic slices the keyspace onto more manageable work units that are delivered as independent tasks to your nodes. Enneract is aware of each node’s performance and dynamically adjusts a tasks in order to maximize the potential of your infrastructure. Enneract is empowered with open-source and easily manages tools like Hashcat or John the Ripper. Enneract decides based on knowledge of cracked format, which tool to use and how.

 

Specification

Easy to use

Enneract is a powerful application that allows users to manage connected nodes. Adding a node to Enneract is a simple and straightforward process. The newly added node is then automatically recognized and benchmarked by Enneract, which asses node capabilities and performance in the frame of the whole infrastructure.

Enneract’s web portal is a graphical user interface easily accessible from desktops and mobile devices due to its responsive design. Nevertheless, Enneract also offers a REST API, which can fully control the whole system and allows integration with other applications. By employing this API, you can create fully automated pipeline processing incoming encrypted documents according to priority and automatically applying various cracking strategies on them.

Enneract has built-in AAA (authentication, authorization, accounting) model. This allows user segregation into groups with different rights and access levels to resources.

Feature rich

Enneract leverages full-potential of open-source tools like Hashcat, John the Ripper or Wrathion. Moreover, thanks to its API it can be integrated with other tools available in your institution.

Enneract supports various types of attacks with different magnitudes impacting potential keyspace:

  • brute-force – testing the largest keyspace by creating permutations over the password alphabet;
  • dictionary – testing the smallest keyspace in the form of a dictionary file (e.g., containing known passwords obtained from various leaks and security breaches);
  • rule-based – testing the keyspace generated by employing grammars, Markov chains or substitutional rules;
  • hybrid – combining previous approaches in order to create unique keyspaces based on encrypted container metadata (e.g., user’s language and charset).

Enneract allows you to create templates (applies for same containers) and superjobs (forming batches of attack), which simplify the user experience and improve the chance of successful attack.

For appropriate encrypted containers, Enneract is aware of passwords containing national characters. The user can easily specify existing charset or create customized one. Charsets support encoding with fixed (e.g., ISO-8859-2) and variable lengths (e.g., UTF-8).

Reliably extract hashes

Enneract maintains own codebase of format validating tools. This allows us to reliably extract hash from whatever version of encrypted container you encounter. Neither you need to bother with third-party application scripts, nor you must conduct pesky preprocessing to obtain the hash. Moreover, Enneract validator offers integrity checks that would tell you if the integrity of the container is correct. How can this be helpful? For instance, you upload an unknown file with a DOC extension. Enneract would inspect metadata and the content of the file revealing that it is actually PDF revision 1.4.

To our best customers, we offer this validator as a standalone application, which can be used independently on Enneract.

Deployment aspects

We usually deliver Enneract hypervisor installed on a barebone server configured according to customer needs (e.g., taking into account the number of connected nodes or with storage large enough to support huge dictionaries). Nevertheless, we offer also virtualized installations.

Enneract installation involves deployment of:

  • Hypervisors – A single hypervisor can handle tens of nodes depending on infrastructure configuration. Dual hypervisors are recommended for high-availability and fault-tolerant scenarios.
  • Nodes – A single node is usually server packed with GPU cards (e.g., Tansy). A special Enneract manager software is needed for interaction with the hypervisor. Once the manager is installed, all other orchestration of your infrastructure (including updates) is fully automated.

Enneract hypervisor is run on the Linux-based operating system (CentOS). Enneract application for nodes is supported for both Linux and Windows environment.

Do not hesitate to contact us, if you are interested in receiving a quote for your tailored Enneract installation!

 

Supported encrypted containers

MD4

MD5

Half MD5

SHA1

SHA-224

SHA-256

SHA-384

SHA-512

SHA-3 (Keccak)

BLAKE2b-512

SipHash

RIPEMD-160

Whirlpool

GOST R 34.11-94

Streebog 256-bit

Streebog 512-bit

DES

3DES

Skip32

ChaCha20

phpass

scrypt

PBKDF2-HMAC-MD5

PBKDF2-HMAC-SHA1

PBKDF2-HMAC-SHA256

PBKDF2-HMAC-SHA512

Skype

WPA/WPA2

WPA/WPA2 PMK

iSCSI CHAP, MD5(CHAP)

IKE-PSK MD5

IKE-PSK SHA1

NetNTLMv1

NetNTLMv1+ESS

NetNTLMv2

IPMI2 RAKP

Kerberos5 etype23

DNSSEC (NSEC3)

CRAM-MD5

PostgreSQL CRAM

MySQL CRAM (SHA1)

SIP digest authentication

Kerberos5 TGS-REP

TACACS+

JWT (JSON Web Token)

SMF > v1.1

phpBB3 (MD5)

vBulletin < v3.8.5

vBulletin >= v3.8.5

MyBB 1.2+

IPB2+

WBB3

Joomla < 2.5.18

Joomla >= 2.5.18 (MD5)

WordPress (MD5)

PHPS

Drupal7

osCommerce

xt:Commerce

PrestaShop

Django SHA1

Django PBKDF2

Tripcode

MediaWiki B type

OpenCart

Redmine

PunBB

Atlassian PBKDF2

PostgreSQL

MSSQL (2000)

MSSQL (2005)

MSSQL (2012, 2014)

MySQL323

MySQL4.1/MySQL5

Oracle H: Type 7+

Oracle S: Type 11+

Oracle T: Type 12+

Sybase ASE

Episerver 6.x < .NET 4

Episerver 6.x >= .NET 4

Apache APR

ColdFusion 10+

hMailServer

nsldap, Netscape LDAP

nsldaps, Netscape LDAPs

LDAP {SSHA256}

LDAP {SSHA512}

CRAM-MD5 Dovecot

FileZilla Server >= 0.9.55

CRC32

LM

NTLM

DCC, MS Cache

DCC2, MS Cache 2

DPAPI masterkey file v1

DPAPI masterkey file v2

MS-AzureSync

descrypt

BSDi Crypt

md5crypt, Cisco-IOS

bcrypt, Blowfish (Unix)

sha256crypt

sha512crypt

macOS v10.4-v10.6

macOS v10.7

macOS v10.8+

AIX {smd5}

AIX {ssha1}

AIX {ssha256}

AIX {ssha512}

Cisco-PIX MD5

Cisco-ASA MD5

Cisco-IOS $1$

Cisco-IOS type 4

Cisco-IOS $8$

Cisco-IOS $9$

Juniper NetScreen

Juniper IVE

Juniper/NetBSD

FortiGate (FortiOS)

Samsung Android

Windows Phone 8+

Citrix NetScaler

RACF

GRUB 2

Radmin2

ArubaOS

SAP CODVN B

SAP CODVN F/G

SAP CODVN H

Lotus Notes/Domino 5

Lotus Notes/Domino 6

Lotus Notes/Domino 8

PeopleSoft

PeopleSoft PS_TOKEN

7-Zip

RAR3-hp

RAR5

AxCrypt

AxCrypt in-memory

WinZip

iTunes backup < 10.0

iTunes backup >= 10.0

TrueCrypt

Android FDE <= 4.3

Android FDE DEK

eCryptfs

VeraCrypt

LUKS

MS Office 2003

MS Office 2007

MS Office 2010

MS Office 2013

PDF 1.1 – 1.3

PDF 1.1 – 1.3

PDF 1.4 – 1.6

PDF 1.7 Level 3

PDF 1.7 Level 8

Apple Secure Notes

Password Safe v2

Password Safe v3

LastPass

1Password agilechain

1Password cloudchain

Bitcoin wallet.dat

Blockchain My Wallet

Blockchain My WalletV2

Electrum Wallet

KeePass 1 and KeePass 2

Java Key Store

EtherWallet PBKDF2

EtherWallet SCRYPT

Ether Pre-Sale PBKDF2