Cryptohaze Multiforcer Parameters
This is a complete list of all command line parameters supported in the Cryptohaze Multiforcer, with a relatively detailed description of what they do, and when to use them. They're ordered based on their order in the CHCommandLineData.cpp file (so roughly in order added).
Hash Type: -h, --hashtype <hashtype>
The type of hash is set with the "-h" option. This is followed by one of the supported hash types. Example: "-h NTLM" This sets the hash type for the cracking instance, and will set the hash type for all clients connecting if this is a server.
Single charset file: -c, --charsetfile <filename>
For a single charset file, use the "-c" option. This will read the first line from the charset file and use it for all positions in the password. The charset file should have a single line with the desired characters on it. Example: "-c charsets/charsetsnumeric"
Per-position charset file: -u, --charsetfilemulti <filename>
For a per-position charset file, use the "-u" option. This will read a newline-separated file and use the character set found on each line for the corresponding position in the password. If the password length is longer than the number of lines in the charset file, the program will not continue. Example: "-u charsets/charsetlikely"
Found hashes output file: -o, --outputfile <filename>
The "-o" option sets the name of a file to append found hashes to. Hashes will be written to the file as found, so this can be used for a script to monitor progress. Note that hashes will be appended to the file, so if the file exists, hashes will be added to the end and will not overwrite the old file.
Unfound hashes output file: -n, --notfoundfile <filename>
The "-n" option sets the name of a file to output all unfound hashes to. At the end of execution, hashes that were not found will be written to this file, overwriting all previous content in the file. This can be used to script a chain of executions, each checking a different space. This may not work perfectly yet with all hash types - if you find a hash type it does not work properly with, either submit a patch or file a bug. Thanks!
Hash file: -f, --hashfile <filename>
The input list of hashes is set with the "-f" option. This references a file of the hashes to crack in the format required by the specific hash type. Example: "-f test_hashes/Hashes-NTLM-Full.txt"
Verbose: -v, --verbose: Depreciated
This option no longer appears to be used, and has been replaced by "--debug" and "--devdebug". It will be removed in a future release.
Use large lookup table: -l, --lookup
The option "-l" forces the use of a 512MB bitmap in device global memory that speeds cracking of multiple hashes. This option is always enabled on Fermi and later GPUs, and should be used on any GPU with at least 1GB RAM. A future fix should enable this for all GPUs with sufficient memory, regardless of shader model. This is submitted as a feature request.
Password lengths to try: --min, --max <password length>
The options "--min" and "--max" set the minimum and maximum password lengths to test. Default behavior, if these are not specified, is to start at length 1 & continue until the maximum supported length of the hash. Example: "--min 5 --max 8" (checks passwords of lengths 5, 6, 7, 8). The two can be the same to only check one length.
Device ID: -d, --device <device ID>
In debug mode, this specifies which device to use. Has no effect in normal operation - all available GPUs are used right now.
Kernel execution time: -m, --ms <desired kernel time in ms>
This option sets the target kernel execution time in ms. This is useful to tune the performance - lower options improve screen responsiveness and allow the system to be used during cracking, while larger options increase performance but make the system GUI unusable. The default for a GPU with a display attached is 50, and the default for a GPU with no display attached is 500. Smaller intervals such as 10 or 20 will improve the responsiveness of the display, while larger values improve performance. If the speed of a GPU drops to 0, this value may be too small. In general, this parameter should not need tweaking unless you've done something like fool a headless GPU into believing there is a display attached so you can control the fan speed.
CUDA Threads, blocks: -t, --threads, -b, --blocks <thread or block count>
These options set the CUDA thread and block count. They should only be altered if you are familiar with CUDA parameters, or the defaults do not work for your device. If you get a "Cuda error: invalid configuration argument" or "Cuda error: too many resources requested for launch", try smaller sizes. A default that should work on all cards is "--threads 128 --blocks 60" - but if you do get the "too many resources" error with the stock settings, I'd really appreciate details of your setup so I can fix the defaults.
Max threads: --maxthreads: Depreciated
Legacy from 0.72, will use the maximum number of threads a GPU supports. This does nothing right now.
Autotune: --autotune: Depreciated
Used to search for optimum thread/block size. Now we just use sane defaults instead. This does nothing right now.
Silent: --silent: Depreciated
This used to silence all found output except hashes. Replaced by output file option ("-o"). This does nothing right now.
If set, this will only use a single GPU specified by the device option, and will not use the curses display. This is mostly useful for developers as you can printf from code without making a mess of the display.
Developer Debug: --devdebug
Implies --debug. Adds some seriously verbose output at places as well as eliminating the curses display. This is useful for people developing code, trying to understand inner operations, and those who are insane. Otherwise, don't bother with it.
Bits per workunit: --bits <workunit bits>
This allows changing the number of bits used to size workunits. Workunit size is determined as 2^(bits). For very large problem spaces, the default may require too much memory. If you get the error "Please use more bits per unit or a smaller problem size," increase the number of bits. The default for most hash types is 32.
Zero copy memory: --zerocopy
If the GPU device supports this, it will use zero-copy memory. If you have integrated memory (such as on a laptop), this may help performance. I don't typically see much of a difference either way.
Enable Network Server: --enableserver
This enables the network server and puts the multiforcer into server mode, where it listens for clients to connect. Currently, not all hash types are supported in this mode, but unsalted hashes should be.
Server Only: --serveronly
This is used in combination with the network server and prevents the server daemon from using any GPUs. This allows the server to be run on a system that has no CUDA capable GPUs, and is also useful to prevent a GPU device crash from taking down the server.
Network port: -p, --port <network port>
Specifies a port number for both the client and server to use. The default is 12410.
Network client: mode: --remoteip <hostname>
This option puts the multiforcer into client mode and connects to the specified remote hostname. No other option should be specified if this is used.
Exit after N passwords found: --onlyfind <number to find>
This will cause the multiforcer to exit after finding the specified number of passwords out of the hashfile.
Hex output: --hexoutput
This adds the password in hexadecimal after the printed password. Response to a blog post here: http://securitynirvana.blogspot.com/2011/08/cryptohaze-gpu-rainbow-cracker-test-1.html
Daemon mode: --daemon
For network clients, this will cause it to sit quietly and not display much output. Useful for machines that run the client in addition to other software.
Device query: -q, --device-query
Running the multiforcer with "-q" as the only option will list all CUDA devices detected in your system.
This displays some basic help and a list of supported hash types.
Resume from file: --resumefile
This will cause the Multiforcer to resume from the specified .mfr file. If this is used, do not specify the hash type, hash file, charset, etc - this is all stored in the resume file header.