Today I discovered a crossplatform GPU based MD5 cracker called CUDA Multiforcer. This CUDA-based software works on OS X, Linux, and Windows and allows the user to specify a charset (single byte only at this time, no unicode) as well as n hashes to brute force.

In testing on my unibody Macbook Pro I was able to get stepping rates of 24-25 million per second using the 9400M and 35-36 million per second with the 9600M. Not spectacular, but pretty good for unoptimized software running on a laptop! At the latter rate the 96 char key space for a 6 character MD5 hash would be exhausted in just over 6 hours. Of course, none of this is particularly new, but it’s nice to see tools like this increasingly making their way to OS X/Linux.

If you’d like to play with some hashes generated on your own here’s a quick script. Please note that the passwords generated are in no way cryptographically random since it uses PHP’s rand().


?@[\]^_`{|}~";
	for($i=0;$i<$length;$i++) {
		$rand = rand(0,95);
		$password .= $charset[$rand];
	}
	return $password;
}
for($j=0;$j<100;$j++) {
	$pass = generateRandomPassword(5);
	$passwords[] = $pass;
	$hashes[] = md5($pass);
}
file_put_contents("passwords.txt",implode("\n",$passwords));
file_put_contents("hashes.txt",implode("\n",$hashes));
?>

You can change the password length generated by altering the integer passed to generateRandomPassword()