Ok if you know what crunch does and what pyrit does this will give you an insite into the command to generate text within a mysql database using crunch instead of a text file. I created approx 7TB of text files zipped when i imported them into pyrit it didnt import correctly. I then tried importing via 150gig text files. This was also taking to looking seeing as it had only imported 20gig in aprox 2 weeks.
So final try. even though pyrit uses a sqlite database by default I have a 3tb external harddrive to store data.
MYSQL changes
First we want to move the mysql database onto the external drive.
because im using kde interface i just went to /var/lib/ and copied the mysql folder to my external drive. This caused a few problems with permissions files were owned by root instead of msyql i was getting "error: 2002: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) when trying to connect". This took a little research to find out why i couldnt access the mysql database. I changed the mysql config(/etc/mysql/my.conf)
again used kde kwrite to edit the my.conf file
changed
datadir = /var/lib/mysql/
datadir = /media/3TB-Drive/mysql/
This puts the mysql database onto my external harddrive
now create a database for pyrit to use..
at a console prompt type mysql -p (the -p asks for your password)
(if you dont use a password on mysql dont add it)
at the mysql prompt type create database pyrit; (pyrit being my database name)
Pyrit bit
now making pyrit connect to mysql instead of file://
goto your home folder edit ./pyrit/config
you should get an output like this
Change
default_storage = file:// to
default_storage = mysql://username:password@localhost/pyrit
limit_ncpus = 0
rpc_announce = false
rpc_announce_broadcast = false
rpc_knownclients =
rpc_server = false
workunit_size = 75000
at a console command type pyrit eval
if all went well you will not get any errors
good to go next part
CRUNCH
I found a very good tutorial on crunch click here
goto your crunch folder /pentest/passwords/crunch
run this command
./crunch 8 8 -f charset.lst hex -d 2 -e 10010010 -u | pyrit -i - import_unique_words
as you can see from the above command..
./crunch run crunch
8 min size
8 max size
-f charset from charset.lst hex (will create a hex file)
-d 2 (this is the max chars the same)
-e 10010010 (output to end on)
-u (this stops crunch outputting file size)
pyrit (pyrit program)
-i (Filename for input ('-' is stdin))
-
import_unique_words (checkout help files for correct syntax)
I am getting around 210000 to 250000 lines a second.
5091800000 this is 187gig mysql database.(so far and counting :))
unforutately i cant calculate what line or word the import is on as its being directly pumped from crunch. This is however the quickest way ive found so far to create the list i want...
If you have any questions or any easier or quicker ways to generate the words I know i can use john the ripper but is it faster...
Thanks
enjoy...
when importing to DBs (i use sqlite), let say somehow i have to cancel the operation (Ctrl+C). can i resume the operation later with -r ?
ReplyDeleteor i have to start over again ?
can crunch / pyrit detect duplicate wordlist in sqlite dbs for imported passwords ?
thx
Hi Renald,
DeleteI never actually used -r for crunch as I noted where the file ended and continued from there...
I will say I had a massive mysql database running on a 3TB external harddrive and it was just a waste of time as it was just taking so long to write to the database..
from what ive read slqli is good for around 100gig
I am constantly testing other programs I have found that although pyrit is fast hashcat seems to work faster...
Crunch is just a list generate so you can start this off where ever it finished.
Pyrit is very versitile depending on what command you use pyrit will not allow duplicates unless you put a flag in to allow dups..
It has been a while since I've used pyrit as i couldnt get it to work with my new graphics card..
I think import_unique_passwords verifies the passwords not in the list. this takes alot longer to run into a database.
I had quite a big mysql database with pyrit data and it was taking days to verify the data...