SecurityXploded Blog

FireMasterLinux with Hybrid Crack Method

FireMasterLinux is the Linux port of popular FireMaster tool, an initiative by the elite members of  “rainbowsandpwnies” security group.  The team is headed by Broseidon along with fellow members.

FireMaster is the first ever built tool to recover the lost master password of Firefox on Windows platform.  Now the Linux version, FireMasterLinux is taking better shape day by day. This version is not only aimed at supporting new platform but also make it faster than ever so that master password can be recovered in realistic time frame.

The latest version of FireMasterLinux 0.3 is released few days back by Broseidon that has support for advanced Hybrid crack method. ‘password’ will now yield {passworD, passwoRd, passwoRD … PASSWORd, PASSWORD}.  This is something different from FireMaster as it has only basic hybrid crack method without case sensitive permutation.

It now supports Hybrid Cracking with the following options:

Hybrid Crack Options:    (-h)
-f    dictionary file to use for hybrid modification (defaults to -0)
-0    shift Cracking on individual characters i.e. ‘a’->’A’ ‘1’->’!’
-1    prefix i.e. ‘pass’ -> ‘1pass’
-2    append i.e. ‘pass’ -> ‘pass2’
-a    number of characters to append/prefix (required for -1 and -2)

You are welcome to test this latest version and report any issues or inputs.

Current version does a good job when it comes to recovering simple and average length password. But to recover complex passwords with length more than 10, it can span upto days or months. To make it faster or realistic, its necessary to utilize multi threading with GPU capabilities and Linux is best suited platform for these tasks.

Here is the list of immediate work being planned,

  • Multi threading support for Brute Force Method
  • Utilizing GPU capabilities to speed up the recovery speed
  • Parallelism using the RNP cluster node

We are actively looking for people who have expertise in any of the above areas to contribute to the project. If you are interested in contributing to this project and make a difference, please contact either me or Broseidon. In case if you have any suggestions or inputs, please feel free to write to us.

Many thanks to Broseidon for taking initiative in starting, leading and developing this project along with fellow members. Together with above features, the day is not far when FireMasterLinux will be one of the top tool in forensic field.

Leave a Reply