longshot: Fast Brute-force search using parallelism

[ algorithm, cryptography, library, mit, parallelism, program, search ] [ Propose Tags ]

Longshot enables to search for preimages from a given hash value using a brute-force method based on parallelism.

Please see the documentation at https://github.com/thyeem/longshot for usage example.


[Skip to Readme]
Versions [faq] 0.1.0.0, 0.1.0.1, 0.1.0.2, 0.1.0.3, 0.1.0.4, 0.1.0.5
Change log ChangeLog.md
Dependencies base (>=4.12.0 && <5), base16-bytestring (>=0.1.0 && <0.2), blake2 (>=0.3.0 && <0.4), blake3 (==0.2.*), bytestring (>=0.10.8 && <0.11), containers (==0.6.*), cryptohash-sha256 (>=0.11.101 && <0.12), cryptonite (>=0.25), deepseq (>=1.4.4 && <1.5), docopt (>=0.7.0 && <0.8), longshot, memory (>=0.14.0 && <0.16), parallel (>=3.2.2 && <3.3), template-haskell (>=2.14.0 && <2.17) [details]
License MIT
Copyright Francis, 2020
Author Francis Lim, Jongwhan Lee
Maintainer thyeem@gmail.com
Category algorithm, search, cryptography, parallelism
Home page https://github.com/thyeem/longshot#readme
Bug tracker https://github.com/thyeem/longshot/issues
Source repo head: git clone https://github.com/thyeem/longshot
Uploaded by thyeem at 2020-10-12T05:57:56Z
Distributions NixOS:0.1.0.5
Executables longshot
Downloads 226 total (226 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Hackage Matrix CI
Docs available [build log]
Last success reported on 2020-10-12 [all 1 reports]

Modules

[Index] [Quick Jump]

Downloads

Maintainer's Corner

For package maintainers and hackage trustees


Readme for longshot-0.1.0.5

[back to package description]
<p align="center"> <img src="longshot.png" height="200"/> </p>

Is it really a long shot to hope that the COVID-19 pandemic will end?

Build Status Hackage

longshot

Search for preimage from a given hash value using Brute-force method based on parallelism

  • Support various search lengths, character sets and hashers.
  • Strict mode: searches only for a given exact length
  • Deep mode: Incrementally searches when you do not know the exact length of search
  • Use CPUs as much as possible. Get the most out of them!
  • Use, however, memory as little as possible.

Enjoy longshot. Good luck!

longshot - Fast Brute-force search using parallelism

Usage:
  longshot run        [--deep | -n SIZE] [-c CHARS] [-a HASHER] HEX
  longshot image      [-a HASHER] KEY

Commands:
  run                 Brute-force search with given hexstring and options
  image               Generate image from given key string and hash algorithm

Arguments:
  HEX                 Specify target hexstring to search
  KEY                 Specify key string as a preimage

Options:
  -h --help           Show this
  --deep              Deep search by increasing length of search
                      Use when you do not know the exact length of preimage
  -n SIZE             Specify search length  [default: 8]   
  -c CHARS            Specify characters available in preimage  [default: 0123456789]
  -a HASHER           Specify hash algorithm  [default: sha256]
                      HASHER available below:
                      md5           sha1          ripemd160     whirlpool
                      sha256        sha3_256      sha3_384      sha3_512
                      blake2s_256   blake2b_256   blake2b_384   blake2b_512
                      blake3_256    blake3_384    blake3_512
                      keccak_256    keccak_384    keccak_512
                      skein_256     skein_384     skein_512

How to build

## Install 'stack' if not any
$ brew install stack

$ git clone https://github.com/thyeem/longshot.git

$ make build 

## Optional: test if installed properly using quickcheck
$ make test

## You can see an executable 'longshot' here
$ cd app

Quick start

## Refer to the following usage:
## Note that the order of arguments and options matter.
$ ./longshot -h

## Generate test hash values
$ ./longshot image 12345
5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5

$ ./longshot image 12345678
ef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f

## Brute-force search with default options:
## The same as: ./longshot -n 8 -c 0123456789 -a sha256 ef797c..98a64f
$ ./longshot run ef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f
Found  12345678

## Search below fails because default search length is 8.
## In default mode, it searches by the exact length of key.
$ ./longshot run 5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5
Not found

## If you don't know the exact key length, use deep search. (--deep)
## In most cases, it is difficult to know the length of the preimage.
## It will try to search by increasing length of search
$ ./longshot run --deep 5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5
Found  12345

These are all about how to use longshot.
See below for more interesting detailed examples.

More examples

## Generate a example image using Blake2b hash algorithm
## Blake2b-hashed sofia (my first daughter!)
$ ./longshot image -a blake2b sofia
bb40f637bb211532318965627f15bb165f701230fd83e0adf8cd673a6ee02830

## Need different character set. Don't forget --deep
$ ./longshot run --deep -c 'abcdefghijklmnopqrstuvwxyz' -a blake2b bb40f6..e02830
Found  sofia

## You should consider the following if there might be more characters in preimage.
## More characters, much longer time to find!
$ ./longshot run --deep -c 'abcdefghijklmnopqrstuvwxyz0123456789' -a blake2b bb40f6..e02830

## Roughly, time spending is proportional to (Number of char available) ^ (char length).
## Exponent 'char length' is surely more dominant! Use long-long password as always!

## Longshot is very efficient and get the most of CPU's power in parallel.
## But this kind of work would need a lot of time even for longshot 
## due to exponentially increased search space.
$ ./longshot run -deep -c 'abcdefghijklmnopqrstuvwxyz0123456789`~!@#$%^&*()-=_+[]{}\|' \
                 -a blake2b bb40f6..e02830 +RTS -s

## '+RTS -s' the end of line is optional, and that is for a summary of CPU time and memory.