hashtopolis v0.12 released: A Hashcat wrapper for distributed hashcracking
Hashtopolis is a multi-platform client-server tool for distributing hashcat tasks to multiple computers. The main goals for Hashtopolis’s development are portability, robustness, multi-user support, and multiple groups management. The application has two parts:
- Agent Multiple clients (C#, Python), easily customizable to suit any need.
- Server several PHP/CSS files operating on two endpoints: an Admin GUI and an Agent Connection Point
Aiming for high usability even on restricted networks, Hashtopolis communicates over HTTP(S) using a human-readable, hashing-specific dialect of JSON.
The server part runs on PHP using MySQL as the database backend. It is vital that your MySQL server is configured with performance in mind. Queries can be very expensive and proper configuration makes the difference between a few milliseconds of waiting and disastrous multi-second lags. The database schema heavily profits from indexing. Therefore, if you see a hint about pre-sorting your hashlist, please do so.
The web admin interface is the single point of access for all client agents. New agent deployments require a one-time password generated in the New Agent tab. This reduces the risk of leaking hashes or files to rogue or fake agents.
- Easy and comfortable to use
- Accessible from anywhere via web interface
- Server component highly compatible with common web hosting setups
- Unattended agents
- File management for word lists, rules, …
- Self-updating of both Hashtopolis and Hashcat
- Cracking multiple hashlists of the same hash type as though they were a single hashlist
- Running the same client on Windows, Linux and OS X
- Files and hashes marked as “secret” are only distributed to agents marked as “trusted”
- Many data import and export options
- Rich statistics on hashes and running tasks
- Visual representation of chunk distribution
- Multi-user support
- User permission levels
- Various notification types
- Small and/or CPU-only tasks
- Group assignment for agents and users for fine-grained access-control
- Compatible with crackers supporting certain flags
- Generic preprocessor integration to allow inclusion of any preprocessor supporting chunking.
- Dark mode added.
- Fixed increasing the superhashlist cracked count if there are cracks running one of the hashlists alone.
- Fixed hidden superhashlists on task creation page due to filtering.
- Fixed reporting result of health check which resulted in endless loop depending on the used IDs.
- Fixed reporting outdated speed on tasks page when agent is put inactive directly.
- Fixed recalculation of benchmark when changing chunk time.
- Fixed discord notification to work again.
- Fixed missing index structure on speed measurements table.
- Agents can be assigned to tasks via user API.
- Server can be configured to provide ‘isComplete’ flag on the user API when requesting all tasks.
- Certain agent errors can be whitelisted to be completely ignored (for such who don’t affect the running).
- Hashlists can be moved to other Access Groups after creation.
- Health checks can now be deleted.
- API keys can get masked if admin is not assigned to them.
- Agent data for temperature and util are split into separate graphs and have more different colors.
- Files can now be selected for either the cracker task or the preprocessor and are filled in the corresponding field.
- Included new Hashcat modes included in newest beta.
- Adjusted to new format of Hashcat printing cracked WPA hashes.
- Adjusted to PMKID handling of Hashcat.
Copyright (C) s3inlc