ATI Catalyst 10.1 working again…

With Catalyst 10.1 all I got was a blank screen after starting X. If you get an error like

[fglrx:fireglAsyncioIntDisableMsgHandler] *ERROR* IRQMGR returned error 1 when trying to disable interrupt source ff000066

you may want to try disabling Catalyst’s ACPI-functionality and remove some magic file:

aticonfig --acpi-services=off
mv /etc/ati/amdpcsdb /etc/ati/~amdpcsdb

It made my Xorg work again….

ATI Catalyst 10.1

Word of advice: Do not update to ATI’s 10.1 drivers. Besides glitches (like ATI apparently forgetting to update the driver’s identification string, so it still looks like 9.12) the driver seems to just not work for most people and leaves them with nonworking systems. This includes myself :-(

More on this on AMD’s Praise-And-Glory blog where the announcement is completed by (at the time of writing) 134 comments mostly about bugs and crashes…

ATI’s Stream 2.0 performance…

You should check out ATI’s Stream 2.0 driver stack if you own a compatible GPU and happen to be able to jump through all the hoops required to get it working. My HD4850 did around 8.000 PMKs/s on Stream 1.4 (aka Brook+) and now does around 17.000 PMKs/s on Stream 2.0 (OpenCL).

Finally there is a benefit to ruining your system installation with ATI’s broken driver packages…

Huge performance improvement

I’ve just submitted code to svn that brings a long-awaited feature to 0.2.5: Using SSE2 to compute the Key Confirmation Key and the Message Integrity Code when attacking an EAPOL handshake. Long story short: The commands attack_cowpatty and attack_db (aka “cracking the password via precomputed tables“) are MUCH faster than before. Using Pyrit 0.2.5-svn r208, my MacBook Pro 2×2.5Ghz and a precomputed database I got around 300.000 keys per second. With r209 I get around 1.000.000 keys per second; we are more than 3x as fast as before.

I’ve also fixed a stupid performance regression and improved the performance of the storage-backend. All in all you should see some flying wheels with r209.

New functions in svn

Two new cli-functions have found their way into svn recently:

  • import_unique_passwords
    Let’s you add passwords from a file-like source just like ‘import_passwords‘ but skips the whole ‘uniqueness-checking’. While this command provides a much better (and constant) performance, you can easily poison your database with multiple entries of the same password. Use this command if you have a large source of passwords where you know that every entry is guaranteed to be unique.
  • relay
    This command improves Pyrit’s network-functionality by serving a local or foreign storage-source via RPC. It enables you to have multiple network-clients of Pyrit work on the same storage, without letting each of the clients access that storage directly. You can have network-based access to storage sources that don’t provide network-access on their own (like file:// and sqlite://) or hide a mysql-database behind a firewall and let multiple clients access that database only via Pyrit’s RPC-interface.
    The port 17934 must be open for TCP-connections for this function to work.

    For example:

    The server on 192.168.0.100 (where all the data is):
    pyrit -u sqlite:////var/local/pyrit.db serve

    A client on another host (with the big GPU):
    pyrit -u http://192.168.0.100:17934 batch

OpenCL supersedes Stream

Please note that “cpyrit-stream” will be removed from trunk and is no longer supported. ATI now provides a “stable” (in ATI-terms) OpenCL-driver that is supported through “cpyrit-opencl”.

Favourites of 2009

Favourite Hack: Analysis of DECT implementation flaws and attacks against DECT-Standard-Cipher
DECT (Digital Enhanced Cordless Telecommunications) is a standard for cordless phones. The goal of deDECTed.org is to better understand DECT and its security and to create an Open Source implementation of the DECT standard.
(http://www.dedected.org)

Favourite release: Fedora 12
Fedora is a Linux-based operating system that showcases the latest in free and open source software. Fedora is always free for anyone to use, modify, and distribute. (http://www.fedoraproject.org)

Favourite music-album: Cryptik Howling – Them

Network is coming back…

… and this time it stays.

Another major feature of upcoming version 0.2.5 made its way to svn for testing: Pyrit’s storage code was abstracted and refactored, which makes it possible to use relational databases like postgresql or mysql as storage devices for Pyrit. The actual database code is fully transparent and there is no visible difference for the client.

The benefit: Create a central mysql/pgsql/mssql/oracle/firebird/sqlite-server somewhere on your network and let multiple Pyrit-clients access and work on the central server for good; enjoy the blessings of ACID, partitioning, automatic backup, replication and fine-grained user authentication.

Here is a rough guideline on creating a postgresql-server for Pyrit:

* Install and start the postgresql-server.
* Install sqlalchemy and psycopg2
* Switch to user postgres (‘su - postgres‘) and start the interactive shell (‘psql template1‘)
* Create a new user (‘create user pyrit;‘) and a new database (‘create database pyrit owner pyrit;‘). You do not need to create any tables, Pyrit will do that for you.
* Edit /var/lib/pgsql/data/pg_hba.conf (may be a different path for you) and add the lines “host  pyrit  pyrit  127.0.0.1/32  trust” and “host  pyrit  pyrit  192.168.0.1/24  trust” to the top of the file; this allows password-less access to the pyrit database on the local network. Keep in mind that the ‘trust‘ method performs no authentication at all: any client that can reach the port from those addresses is accepted as the pyrit user. Restart the postgresql-server. See postgresql’s documentation for more information about authentication.
* Use the new option ‘-u‘ to tell Pyrit that it should use a server (instead of the default filesystem-driven storage). This option takes a URL which includes protocol, host, user, password and database to use. The special protocol ‘file://‘ refers to the filesystem, all other URLs are passed directly to sqlalchemy. You may want to see the documentation for details about the syntax.
* Run ‘pyrit -u postgres://pyrit:@127.0.0.1/pyrit -e test create_essid‘ to test the connection and create a new ESSID ‘test‘ in the database. All other of Pyrit’s functions also work as usual.
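As an added illustration (not from the original post), the pg_hba.conf lines from the guide beside a hardened variant that requires a password; the role password, the ‘md5‘ method and the resulting Pyrit URL are assumptions, not settings the post prescribes:

```conf
# As given in the guide: "trust" = no authentication for anyone who can
# reach the port from these addresses.
host  pyrit  pyrit  127.0.0.1/32    trust
host  pyrit  pyrit  192.168.0.1/24  trust

# Hardened equivalent (assumed): require the pyrit role's password.
# pg_hba.conf is matched top to bottom and the first matching line wins,
# so these lines must replace the trust lines, not follow them.
# Set the password first in psql:  alter user pyrit with password 'pmk-store';
host  pyrit  pyrit  127.0.0.1/32    md5
host  pyrit  pyrit  192.168.0.1/24  md5

# Matching Pyrit URL (password now mandatory):
#   pyrit -u postgres://pyrit:pmk-store@127.0.0.1/pyrit -e test create_essid
```

Note that a password embedded in the ‘-u‘ URL is visible in shell history and process listings on the client, so keep it a dedicated, low-privilege database role.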

I’ve tried sqlite- (‘-u sqlite:///mydb.db‘), postgresql- and mysql-databases; all other RDBMSs should work as well as long as they are supported by sqlalchemy. You should expect some rough behaviour (read: crashes with tracebacks) in case you do something which Pyrit does not expect to magically happen – deleting an ESSID from the database while a client is processing it falls under that definition.

New features in 0.2.5

I’ve just updated the Wiki with new entries about two of the visible changes in upcoming version 0.2.5 which are already in svn.

The new command attack_cowpatty takes PMKs from a file in cowpatty-format to attack a handshake found in a capture-file. The cowpatty-database may have been generated by genpmk or (more likely :-)) by export_cowpatty; the file can be gzip-compressed. This new command allows you to use cowpatty-databases as a more easily movable and/or manageable storage device than Pyrit’s own database. After computation has completed, you may export your PMKs to a cowpatty-file (export_cowpatty), put that single file on DVD and use it later on with attack_cowpatty.
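As an added example (not Pyrit’s or coWPAtty’s own code), a small Python reader and writer for the cowpatty PMK file format discussed above, plus the PBKDF2 step that produces each PMK. The layout assumed here (little-endian magic 0x43575041, three reserved bytes, ESSID length, 32-byte zero-padded ESSID, then records of one size byte, the passphrase and a 32-byte PMK) follows genpmk as I know it, and the reader also accepts gzip-compressed input as the post mentions:

```python
import gzip
import hashlib
import struct

COWPATTY_MAGIC = 0x43575041  # reads as "APWC" on disk (little-endian)
HEADER = struct.Struct("<I3xB32s")  # magic, 3 reserved, ssidlen, ssid[32]


def compute_pmk(passphrase: str, essid: str) -> bytes:
    """WPA-PSK PMK: PBKDF2-HMAC-SHA1, 4096 rounds, ESSID as salt, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, 32)


def write_cowpatty(essid: str, passphrases) -> bytes:
    """Serialise (passphrase, PMK) records in the genpmk/cowpatty layout."""
    e = essid.encode()
    if not 1 <= len(e) <= 32:
        raise ValueError("ESSID must be 1..32 bytes")
    out = [HEADER.pack(COWPATTY_MAGIC, len(e), e)]
    for pw in passphrases:
        p = pw.encode()
        if not 8 <= len(p) <= 63:  # WPA passphrase length limits
            raise ValueError(f"bad passphrase length: {pw!r}")
        # record = u8 total size (1 + len(word) + 32) + word + PMK; max 96 bytes
        out.append(struct.pack("<B", 1 + len(p) + 32) + p + compute_pmk(pw, essid))
    return b"".join(out)


def read_cowpatty(data: bytes):
    """Parse a cowpatty file (plain or gzipped) into (essid, [(passphrase, pmk)])."""
    if data[:2] == b"\x1f\x8b":  # gzip magic, as produced by export_cowpatty -z style tools
        data = gzip.decompress(data)
    if len(data) < HEADER.size:
        raise ValueError("truncated header")
    magic, ssidlen, ssid = HEADER.unpack_from(data, 0)
    if magic != COWPATTY_MAGIC:
        raise ValueError("not a cowpatty file")
    essid = ssid[:ssidlen].decode()
    records, pos = [], HEADER.size
    while pos < len(data):
        size = data[pos]
        # a record needs the size byte, at least one passphrase byte and a full PMK
        if size < 34 or pos + size > len(data):
            raise ValueError(f"corrupt record at offset {pos}")
        word = data[pos + 1:pos + size - 32].decode()
        records.append((word, data[pos + size - 32:pos + size]))
        pos += size
    return essid, records
```

The reason attack_cowpatty is so much faster than working from passphrases is visible here: the 4096-round PBKDF2 in compute_pmk is paid once at export time, and the attack only has to run the cheap KCK/MIC check per stored PMK.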

The other new command is stripLive. As the name suggests, it works very similar to strip but is targeted more towards live capture sources. Kismet for example can create a fifo (a pseudo-file) that can be read by Pyrit. The packets captured from the air through Kismet are then fed directly into Pyrit which filters the relevant packets and immediately writes them to a new dump file. This turns Pyrit into a decent packet-sinkhole that only writes those few packets to disk that are really interesting.

Please see the manual for examples.

ATI Catalyst 9.9 vs. kernel 2.6.30

I finally got ATI’s drivers working on my 64bit-fedora11. All you currently have to do in order to have a working ATI-environment:

* Follow these steps to get the driver working.
* Don’t forget to rebuild your initrd if you are on Fedora11. Otherwise your screen freezes when X starts.
* Add ‘Option “SWCursor” “true”‘ to your xorg.conf. Otherwise your screen freezes after a few seconds.
* Fix brtvector.hpp like this.
* Fix brtarray.hpp by adding “#include <cstdio>” to the beginning of the file
* Symlink libbrook.so and libbrook_cal.so

You’re done. Ain’t that some quality software?