OctoPass™ - Distributed Password Recovery System
Online Documentation
This software is currently available as BETA. Please send us your
feedback to
beta@lastbit.net. This beta version will expire on January 31st,
2009. You can order the software now at a special reduced price (50%
off!). As soon as OctoPASS is released, you will get a free upgrade (all
upgrades are free within a year after the purchase).
OctoPass™ is a powerful new password recovery system for recovering
forgotten or lost passwords using distributed computing. The current
version supports brute-force attacks only.
Who Needs OctoPASS and Why?
Password recovery is an extremely resource-consuming task. If password
protection is implemented well, a brute-force attack may be the only
recovery method available. If the password is long enough, it may take a
lot of time to break it. By using the power of multiple computers, you
can reduce the recovery time. OctoPASS primarily targets security
professionals and forensic examiners. Naturally, using OctoPASS makes
sense only when several computers are available. The more computers you
have, the higher the search speed and the better the results.
OctoPass Key Features
-
Scalable architecture optimized for the best performance.
-
OctoPass™ supports remote web-based management.
-
Highly optimized recovery engines that support all major algorithms.
-
OctoPASS Agents (workers) interact with OctoPASS Server over
standard HTTP. OctoPASS Agents and OctoPASS Server can be
installed in different LAN segments or even interact across a
WAN.
-
Small installation size, easy deployment.
-
Special hardware support. We offer special versions for the IBM Cell
processor (available in Sony PlayStation 3) and a GPU
Password Recovery Engine for NVIDIA video cards.
Supported algorithms
OctoPASS supports distributed brute force attack for the following
algorithms:
-
MD4 (ASCII and UNICODE)
-
MD5 (ASCII and UNICODE)
-
SHA1 (ASCII and UNICODE)
-
OneNote (2003 and 2007)
-
Access 2007 (see note 1)
-
MS Money (see note 2)
-
PDF
-
PowerPoint (all versions through 2007)
-
Act!
-
Quicken
-
Quickbooks (see note 3)
-
WinRar (see note 4)
-
VBA
-
Word 97 - 2007 (see note 5)
-
Excel 97 - 2007 (see note 5)
Notes:
-
Note 1: Password protection in the earlier versions of Access (prior
to 2007) is weak; all passwords can be recovered instantly without
a brute-force attack.
-
Note 2: Passwords to old MS Money files can be recovered instantly.
-
Note 3: It is possible to reset the password on a Quickbooks document,
so a brute-force attack is required only if you need to find the
original password.
-
Note 4: Currently we support the recovery of WinRAR passwords only if
the file names in the archive are encrypted.
-
Note 5: There are five different types of passwords used in Word and
Excel:
  -
  Modification passwords, document protection passwords, workbook
  passwords and all other passwords except document access
  passwords: all of these are recoverable instantly, and
  OctoPASS is not required for handling them.
  -
  Access passwords to old Office (95 and earlier) documents:
  these passwords are also recoverable instantly.
  -
  Access passwords to Office 97 - 2003 documents: these passwords
  are supported by OctoPASS; however, please keep in mind that you
  can take advantage of the Express Recovery service to recover
  these passwords more quickly.
  -
  Advanced encryption passwords, available as an option in Office
  XP and 2003. By default, Office XP/2003 uses the Office
  97-compatible password protection mode; however, the user can
  choose the "advanced options" and change the encryption settings.
  Express Recovery will not handle such documents.
  -
  Office 2007 passwords. These passwords are very hard to crack,
  so OctoPASS can be extremely useful in breaking such passwords.
OctoPass Architecture
OctoPass consists of the following components:
-
OctoPass Server
OctoPass Server is to be installed on a single computer, which would
coordinate the recovery process. OctoPASS Server carries out three
functions: 1) Receives password recovery tasks, 2) Hands out the
tasks and coordinates the performance of agents in the network, 3)
Allows administering and managing the recovery process.
-
OctoPass Agent
OctoPass Agent is to be installed on all computers connected to the
network. OctoPass Agent carries out the password recovery job
using the power of the computer it is installed on.
Since OctoPASS Server consumes very little computing power,
literally any computer can be used as the server. To use the
computing power of the server as well, install OctoPASS Agent on it too.
-
Password Recovery Modules (Engines)
The components that directly execute the password recovery
algorithms.
-
Password Recovery Software
The program that analyzes a password-protected document, generates
a password recovery task and submits it to OctoPASS Server. The
password recovery task contains the user-selected parameters of the
brute-force attack (password length, character set, etc.) and
DocumentData: the information extracted from the password-protected
document that is necessary and sufficient for the recovery of the
password. In the case of hash algorithms (MD4, MD5, SHA1),
DocumentData contains the actual hash. With the purchase of
the OctoPASS license, you will obtain the full versions of all of
our password recovery programs.
OctoPass Server is a CGI application running under an HTTP server.
Please note that requests are always sent from agents to the server; the
server never sends requests to agents. The network settings must ensure
that agents' HTTP requests are not blocked and can reach the server. To
add a new computer to an OctoPASS network, simply install OctoPASS Agent
on that computer; no other settings or configuration are necessary.
OctoPASS Agent can be installed in a completely automatic silent mode;
simply run a single application that doesn't require any configuration.
This simplifies the deployment of OctoPASS on a large number of
computers.
System Requirements
OctoPASS Server
-
Windows 2000/XP/2003/2008/Vista
OctoPASS Agent
-
Windows 98/Me/2000/XP/2003/2008/Vista
-
A high-performance CPU is recommended. The faster the CPU is, the
better the results. Multiple cores or multiple CPUs are a plus. Other PC
components (RAM, HDD, etc.) do not affect the performance.
Licensing Terms
The free demo version of the software is available for evaluation
only. The demo mode doesn't have restrictions on the number of agents
allowed to be in an OctoPASS network; however, the only algorithm
supported by the demo version is MD4 (ASCII). No restrictions are
imposed on password length. Each OctoPASS license purchased entitles
the user to install OctoPASS on one server. We offer several types of
licenses, which differ by the number of agents supported in an OctoPASS
network. You can place an order here:
www.LastBit.com/octopass.asp
With the purchase of an OctoPASS license, you also obtain
LastBit Software MegaPack - all our password recovery programs.
Installing OctoPASS
The installation procedure is described here:
www.LastBit.com/OctoPASS-setup.asp
Using OctoPASS
Check list:
-
Complete the installation of OctoPASS Server on the server computer
that will coordinate the performance of all other computers.
-
The selected server must be available to all workstations. The
interaction between the workstations (OctoPASS Agents) and the
server is carried out over HTTP (TCP port 80 by default, but you can
change the port number); please configure your firewall and
network settings as necessary to ensure the interaction is not
hindered. OctoPASS Server must be available to all computers running
OctoPASS Agent.
-
After OctoPASS has been installed, install OctoPASS Agent on all
computers connected to the network.
-
After the OctoPASS software is installed, use a regular Web browser
to manage it. Open this Web address:
http://servername/installdir/OctoPASS.exe
(substitute your server name and installation folder);
for example, http://localhost/cgi-bin/OctoPASS.exe
If your browser offers to download octopass.exe instead of opening
the web page, CGI is not properly configured on your
server. You should allow running CGI programs in the directory
where OctoPASS Server is installed.
If the installation has been completed successfully, when you open
OctoPASS Server in your browser you will see OctoPASS' Main Screen.
There are four information blocks on the main screen:
-
Brief information about the software: version number, license
information, short introductory information.
-
Status of the current password recovery task. If the password is
found it is displayed here.
-
Recent Records: latest records from OctoPASS log file.
-
Command Menu. Using these commands, you can control OctoPASS Server
and the recovery process.
Once the installation of OctoPASS is complete, the server runs in the
Idle State and waits to receive a task. Using the Command menu, you can
submit the test task, which is designed specifically to quickly check
that OctoPASS is functioning.
To use OctoPASS for real tasks, you will need the
corresponding Password Recovery Software available on our website at
www.LastBit.com.
-
Run the password recovery application (for example, Word Password).
-
Select the password-protected document that you want to recover.
-
Choose the Custom (user-defined) password recovery mode.
-
Choose "Brute Force Attack" (OctoPASS is designed for brute-force
attacks only).
-
Set up brute force attack options, such as the password length and
character set.
-
At the last step, choose "Submit the recovery task to the
Distributed Password Recovery Engine (OctoPASS Server)".
-
Enter the URL of the OctoPASS server; for example,
http://computername/cgi-bin/octopass.exe. If OctoPASS is
installed in the /cgi-bin directory, you can just enter the computer
name; for example, MyPC.
-
If you have installed OctoPASS Server to be protected with a
password, you will have to enter the correct password in order to
submit a password recovery task.
-
Click 'Next' and then click 'Finish'. The task will be submitted
automatically to OctoPASS Server. You can also submit the task
manually. To do that, tick the 'Show detailed submit
information' checkbox. On the information screen that appears, copy
the request string. Now you can use the 'Submit New Task' command on
the main OctoPASS Server screen to submit the task. Normally, you
should submit password recovery tasks automatically.
-
Now open OctoPASS Server in your Web Browser, so you can monitor and
manage the recovery process.
Commands
All these commands appear on the Command Menu of the main screen
(open OctoPASS Server in your Web Browser in order to see it).
Refresh
Immediately refresh the main screen (the main screen is updated
automatically every 30 seconds).
Submit New Task
Normally, password recovery requests are submitted automatically.
However, you may submit a password recovery task manually.
Kill Current Task
Cancel the current task. This operation cannot be undone. Once the
task has been killed, OctoPASS goes to the idle state. After a task has
been killed, the agents will continue running for a while, but after
contacting the server they will also go idle.
Pause
Pause the recovery process. OctoPASS Agents will go idle. You can
resume the recovery process later. As with killing the current task,
the agents may continue running for a while before they go idle.
Detailed Statistics
Shows detailed statistics. Here you can see the list of agents and
other information.
Setup
Shows configuration information.
Reset
Resets OctoPASS Server. All active tasks will be canceled, and the
default settings will be restored.
Take Snapshot
Takes a "snapshot" of the current OctoPASS state and saves it to a
specified file. You can restore the state later. Here is a possible
application of this command. You "pause" one task in order to run a new,
more urgent task and then get back to the previous task.
Rollback
Restores the state. The running recovery task will be cancelled.
Erase Records
Clear the log.
Test Task
Submits a test task. The test task is a brute-force attack on an MD4
(ASCII) hash. The hash is CA2FB1F26ED29FDC8D05BFEA45C351F8, and the
program has to find the original string using a brute-force attack
(alphanumerical character set, password length: 1..7). The original
string is "lastbit". The test task is designed for testing purposes
only. You can use it to verify that OctoPASS is installed and works
properly. The task takes about an hour of working time on a single
computer (depending on the CPU type and speed). If you have a
GPU engine installed, the task should take just a few minutes.
Help
Shows this help.
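An added example, not part of OctoPASS or the original documentation: how a brute-force keyspace like the Test Task's can be sized and divided into index ranges for agents. The 36-symbol character set, the shortest-first enumeration order and all function names are assumptions made for illustration; the page does not describe how OctoPASS Server actually splits work.

```python
import string

# Assumption: "alphanumerical" is taken to mean lowercase letters plus digits
# (36 symbols); the page does not list the exact character set.
CHARSET = string.ascii_lowercase + string.digits
MIN_LEN, MAX_LEN = 1, 7  # password length range stated for the Test Task


def keyspace(base, min_len, max_len):
    """Number of candidates of length min_len..max_len over `base` symbols."""
    return sum(base ** n for n in range(min_len, max_len + 1))


def index_of(candidate, charset=CHARSET, min_len=MIN_LEN):
    """Position of a candidate when enumerating shortest first, then charset order."""
    base, digits = len(charset), 0
    for ch in candidate:
        digits = digits * base + charset.index(ch)
    return keyspace(base, min_len, len(candidate) - 1) + digits


def candidate_at(index, charset=CHARSET, min_len=MIN_LEN, max_len=MAX_LEN):
    """Inverse of index_of: the candidate stored at a given position."""
    if index < 0:
        raise IndexError("index outside the keyspace")
    base = len(charset)
    for length in range(min_len, max_len + 1):
        block = base ** length          # candidates of exactly this length
        if index < block:
            chars = []
            for _ in range(length):
                index, digit = divmod(index, base)
                chars.append(charset[digit])
            return "".join(reversed(chars))
        index -= block
    raise IndexError("index outside the keyspace")


def split_ranges(total, agents):
    """Contiguous [start, end) index ranges of near-equal size, one per agent."""
    size, extra = divmod(total, agents)
    bounds = [i * size + min(i, extra) for i in range(agents + 1)]
    return list(zip(bounds[:-1], bounds[1:]))


def hours_to_exhaust(total, rate_per_agent, agents):
    """Worst-case hours to try every candidate at a per-agent rate (tries/s)."""
    return total / (rate_per_agent * agents) / 3600
```

Under the 36-symbol assumption the Test Task keyspace is 80,603,140,212 candidates. Each extra character of password length multiplies that figure by 36, which is why length dominates the time needed for this kind of search.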
Special Hardware Support
You can dramatically increase the search speed by using special
hardware. Currently we provide software for NVIDIA GPUs (video cards)
and the IBM Cell processor (Sony PlayStation 3). You can find more
information here. To take advantage of GPU Password Recovery Engine,
please download it from
www.LastBit.com/gpu.asp and install it on each and every computer
running OctoPASS Agent. OctoPASS Agent automatically uses GPU Password
Recovery Engine if it is installed. To disable GPU Password Recovery
Engine, simply uninstall it. If you are interested in the Cell processor
version, please contact us for further information.
Using OctoPASS Agent
OctoPASS Agent has been developed to minimize the interaction between
the software and the user (in the majority of cases, such interaction is
not necessary at all; OctoPASS Agent simply uses the computer's
resources). OctoPASS Agent displays its icon in the tray area; however,
during the installation, you can choose to disable displaying the icon.
If the icon doesn't show, use the Ctrl-Shift-Alt-O shortcut to open the
main window of the application. Also, during the installation you can
specify whether or not OctoPASS Agent is to run automatically when
Windows starts. Keep in mind that if OctoPASS Agent is not running on
some computer, that computer will not participate in the password
recovery, and, accordingly, the search speed will decrease. Therefore,
our recommendation is to enable the automatic starting of OctoPASS
Agent.
Right-clicking on the tray icon will show the menu. You can pause
the recovery (on this computer only; other computers in the OctoPASS
network will continue running). You can adjust the process priority.
When the idle priority is selected, OctoPASS Agent works only when the
computer is idle. This decreases the search speed, but other programs
running on the computer work more smoothly, and the user can use the
computer for other tasks. If a higher priority is selected, OctoPASS
aggressively consumes the computer's resources: it works faster;
however, other programs may run slower.
Helpful Links
www.LastBit.com - our web site
www.LastBit.com/octopass.asp - OctoPASS' home page
GPU Password Recovery Engine
Password Calculator - estimate the recovery time
Password Recovery Methods
Advanced Topics
Q: How do I change the port number?
A: By default, OctoPASS Server uses the HTTP protocol with its
default port 80. You can change the port number if you want. You can do
this as follows:
-
Make sure that the HTTP server is configured properly and serves the
desired port.
-
During the installation, edit the 'OctoPASS Web URL' textbox and add
the new port number. For example:
http://MyComputer:880/cgi-bin/octopass.exe
-
When submitting recovery tasks, specify the OctoPASS Server along
with the port number.
Q: Silent installation of OctoPASS Agent
A: Run OctoPassAgentSetup.exe with the /s
command-line switch to install OctoPASS Agent silently. No questions or
confirmations will be shown.