Network is coming back…

… and this time it stays.

Another major feature of upcoming version 0.2.5 made it’s way to svn for testing: Pyrit’s storage code was abstracted and refactored which makes it possible to use relational databases like postgresql or mysql as storage devices for Pyrit. The actual database code is fully transparent and there is no visible difference for the client.

The benefit: Create a central mysql/pgsql/mssql/oracle/firebird/sqlite-server somewhere on your network and let multiple Pyrit-clients access and work on the central server for good; enjoy the blessings of ACID, partitioning, automatic backup, replication and fine-grained user authentication.

Here is a rough guideline on creating a postgresql-server for Pyrit.:

* Install and start the postgresql-server.
* Install sqlalchemy and psycopg2
* Switch to user postgres (‘su – postgres‘) and start the interactive shell  (‘psql template1‘)
* Create a new user (‘create user pyrit;‘) and a new database (‘create database pyrit owner pyrit;‘). You do not need to create any tables, Pyrit will do that for you.
* Edit /var/lib/pgsql/data/pg_hba.conf (may be a different path for you) and add the lines “host  pyrit  pyrit  trust” and “host  pyrit  pyrit  trust” to the top of the file; this allows password-less access to the pyrit database on the local network. Restart the postgresql-server. See postgresql’s documentation for more information about authentication.
* Use the new option ‘-u‘ to tell Pyrit that it should use a server (instead of the default filesystem-driven storage). This option takes a URL which includes protocol, host, user, password and database to use. The special protocol ‘file://‘ refers to the filesystem, all other URLs are passed directly to sqlalchemy. You may want to see the documentation for details about the syntax.
* Run ‘pyrit -u postgres://pyrit:@ -e test create_essid‘ to test the connection and create a new ESSID ‘test‘ in the database. All other of Pyrit’s functions also work as usual.

I’ve tried sqlite- (‘-u sqlite:///mydb.db‘), postgresql- and mysql-databases; all other rdms should work as well as long as they are supported by sqlalchemy. You should expect some rough behaviour (read: crashes with tracebacks) in case you do something which Pyrit does not expect to magically happen – deleting a ESSID from the database while a client is processing it falls under that definition.



  1. you really are the man…

  2. […] storage code was abstracted and refactored which makes it possible to use relational databases like firebird The benefit: […]

  3. so when is it comming out? hopefully it will be included with bt4 final

    • I can’t tell as I’m currently off for other projects :-(

  4. im using pyrit 0.2.4 and i have to report that import of huge quantity of passwords – i.e. 250Million of password – using command “pyrit -f passwords.txt import_passwords” takes about one hour of time: it start fast but then the ratio of key/sec slow dont till stop for several seconds, then restart then slowdown again and so on. it is normal? instead, export in cowpatty format takes only 14-15 minutes. I run a CPU with 4 core at 2.8GHz.

    By the way, when pyrit 0.2.5 will be released as stable, it will be possible to have both version (0.2.4 and 0.2.5) on the same pc? i am curious and I wish to run comparative tests of different version.


    • This is normal behavior.

      Pyrit guarantees that all passwords remain unique in the database. As you import new passwords into the database, the amount of data Pyrit has to compare the currently buffered data against increases. Therefor the periods where Pyrit seems to hang increase…

      It will not be possible to run 0.2.5 and 0.2.4 at the same time as the files overwrite each other…

      • hi ebfe,
        I am sure that passwords are unique because i generate then with for-next script, then charge in pyrit, elaborate with batch, export to cowpatty format, then i delete the .pyrit/../blobspace/* and restart with a new block of passwords and so on.
        Question: it is possible to pass some flag to speed up the import_password? maybe, something like “-force_import_without_check” it is an option you can insert into incaming 0.2.5.

        by the way, any prevision about the date of 0.2.5 stable release?

  5. You can use Pyrit’s “passthrough” for such needs. For example:

    ‘pyrit -i passwords.txt -e myESSID -o mESSID.cow.gz passthrough’

    See the reference-manual for more details.

    • -i and -o options gave me error ( i run 0.2.4) so i suppose you talk about svn.
      I will try svn then.

  6. so just doing some thinking nvidia/ati anr suporting opencl. now they say even my laptop gpu (9500m gs) has it as well with the latest drivers. windows at least.
    so that being said would you really need multiple packages. couldn’t you just relese 1 with pyrit and opencl and abandon the nvidia/ati packages.

    • The Stream/CUDA-packages will no longer be part of Pyrit as soon as OpenCL is fully supported by ATI/Nvidia. ATI’s latest OpenCL implementation “Stream 2.0” has a compiler bug which causes bogus results to be computed. On Nvidia’s side, OpenCL is not yet part of the regular drivers.

  7. […] setup fairly easily. After installing Pyrit (getting the source from SVN and installing sqlalchemy described here), we need to configure Pyrit to use a database for storage. I'm using sqlite in this example by […]

  8. Hmmm… wanted to give it a try, but it fails and I can’t see if there might be something I did wrong (last lines of trace):

    File “…/”, line 970, in create_essid
    AttributeError: ‘Sess’ object has no attribute ‘add’

    Will try on to get this working, but if you have an idea…
    btw. this is with r212

    • Please use for this.

      What version of sqlalchemy do you use?

      • 0.4.6 as this is the latest I got via backtracks packet-management.

        Which one would you suggest me to use?

      • 0.5.6 should be fine

  9. I’ve been trying to get my postgresql database up and working for some time now, and still get the error below: Does anyone have any suggestions? (FYI: I am running BT4R2)

    ImportError: /usr/lib/python2.5/site-packages/psycopg2/ undefined symbol: lo_truncate

    This is the last line of the traceback, which looks familiar to msf3’s failed database connections to a postgresql-8.3 database. I have setup the pyrit user and password correctly; so I’m stumped…

    • You should ask such questions on the mailing list. Nobody will answer here.

Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

  • RSS Unknown Feed

    • An error has occurred; the feed is probably down. Try again later.