Passware Kit Agent for Linux supports 64-bit systems and GPU acceleration. Passware Kit can connect Windows and Linux versions of Passware Kit Agents simultaneously, which means that you can use all the hardware in your network environment effectively for password-recovery processes.
Below are the steps to install it on your Linux machine. The same Readme file is available within the tar.gz archive.
CONTENTS
--------
1. INSTALLING PASSWARE KIT AGENT FOR LINUX
2. SETTING UP THE WORKING ENVIRONMENT
2.1. Installing GPU drivers
2.2. Setting up the permissions for GPU
2.3. Installing additional libraries
2.4. Setting up the environment for core dump generation
3.1. Setting up the permissions of the corresponding directories
3.2. Passware Kit Agent modes
3.3. Hardware acceleration controls
4.1. Shell wrapper
4.2. Init-scripts (init-*.sh)
5. LAUNCHING PASSWARE KIT AGENT FOR LINUX
6. LOGGING PASSWARE KIT AGENT FOR LINUX
7. SYSTEMD MANAGED SYSTEMS
8. AGENT COMMANDS
9. CONTACT SUPPORT
1. INSTALLING PASSWARE KIT AGENT FOR LINUX
------------------------------------------
1. Unpack the installation distributive file to the application working directory, e.g., /home/user
2. Install the init-script
a. Installation of the init.d-script on Debian/Ubuntu. Run the following commands as root:
sudo cp init-debian.sh /etc/init.d/passware-kit-agent
sudo update-rc.d passware-kit-agent defaults
b. Installation of the init.d-script on CentOS (RedHat-clones). Run the following commands as root:
cp init-centos.sh /etc/init.d/passware-kit-agent
chkconfig passware-kit-agent on
3. Copy the configuration file of Passware Kit Agent to the corresponding directory or keep it in the current directory
4. Set the corresponding paths in agentwrapper.sh and init-*.sh if they differ from the default values (see sections [4.1. Shell wrapper] and [4.2. init-scripts])
5. Set up the environment (see section [2. SETTING UP THE WORKING ENVIRONMENT])
6. Customize the configuration file (see section [3. CONFIGURATION FILE])
2. SETTING UP THE WORKING ENVIRONMENT
-------------------------------------
2.1. Installing GPU drivers
---------------------------
If your system has GPU cards, you can use them to accelerate password recovery processes. The corresponding GPU driver (of the latest stable version, not beta) should be downloaded from the official NVIDIA or AMD website. Installation of this driver will enable hardware acceleration on your system automatically.
2.2. Setting up the permissions for GPU
---------------------------------------
To enable GPU acceleration for Passware Kit Agent for Linux, you need to set up the permissions for using the GPU cards for the default user. In many cases, you just need to include this user to the video group. To make sure that Passware Kit Agent can access your GPU cards, run it with the "-l" key as the default user. The system will list all the GPU cards available for this application. If you need to disable some of your GPU cards or CPU, see section [3.3. Hardware acceleration controls].
2.3. Installing additional libraries
------------------------------------
* You may get the following message when starting Passware Kit Agent:
user@localhost ~]$ ./passware-kit-agent
-bash: ./passware-kit-agent: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory
This message means that you are using a 64-bit version of Linux, which does not support 32-bit applications. In this case, you need to install the 32-bit compatibility libraries. For example, for CentOS 6, you need to run the following command as root:
yum install glibc.i686 glibc-devel.i686 glibc-static.i686
2.4. Setting up the environment for core dump generation
--------------------------------------------------------
As Passware Kit Agent for Linux runs, it might unexpectedly shut down due to some errors. In such cases, the system can save the memory image of the process in a core dump file. Passware Kit Agent will automatically restart and use this core dump file to send the error report to Passware Kit Server. To enable core dump generation, the system should be configured as described below:
a. Run the following command as root:
echo 'core.%t.%e.%p' > /proc/sys/kernel/core_pattern
b. Make sure your system safety policy does not have restrictions on the size of the core dump file.
3. CONFIGURATION FILE
---------------------
Configuration file (e.g. PasswareKitAgentSettings.ini) is an INI file divided into sections to customize directories, hardware accelerators, and network settings for Passware Kit Agent.
Passware Tip: The default config file PasswareKitAgentSettings.default.ini, with all the values present and explained, can be created by launching Passware Kit Agent from the command line with the --default-settings argument.
3.1. Setting up the permissions for corresponding directories
-------------------------------------------------------------
All Passware Kit Agent's directory settings are located in the General section. Log files are located in the Logging section. The following directories should have writing permissions:
- AgentSettingsFolder - contains Passware Kit Agent's configuration files for hardware acceleration and other settings. By default, this is the folder with the Agent executable file;
- LogsFolder - contains Passware Kit Agent's log files. By default, this is the "logs" folder inside the Agent's executable file folder;
- UpdatesFolder - contains Passware Kit Agent's installation files for updates. By default, this is the "updates" folder inside the Agent's executable file folder.
3.2. Passware Kit Agent Modes
-----------------------------
Passware Kit Agent for Linux can work in two modes: passive (auto) and active (manual). This is specified by the AssignMode option in the Network section.
The passive mode allows any Passware Kit Server to connect the Passware Kit Agent. In this case, the option ServerPort is used, which defines the port for the network connection. The same port should be specified in the Options | Network tab of Passware Kit Server. The default value is 10777 UDP/TCP.
Active mode only allows a particular Passware Kit Server to connect the Passware Kit Agent. The server name or IP address, as well as the port number, should be defined in the ServerAddress option.
3.3. Hardware acceleration controls
-----------------------------------
In order to enable or disable hardware for the password-recovery process, use the Acceleration section. By default, Passware Kit Agent for Linux uses all the hardware, including the CPU. You can disable CPU and/or any GPU card for the password-recovery process in the Exclude variable, where you should type "cpuN" and/or "gpuN" accordingly. The units should be separated with a comma.
"N" is the GPU number. You can check this number by running Passware Kit Agent executable file with the "-l" key. For example:
[user@localhost ~]$ ./passware-kit-agent -l
cpu1 = AMD Ryzen 9 5900X 12-Core Processor x24
gpu1 = OpenCL device [0] AMD GPU gfx1032 (AMD Radeon RX 6600 XT)
3.4. GPU utilization limit
--------------------------
If you need to limit the GPU usage, use the GpuPerformanceThreshold setting and specify the percentage value from 0 to 100. Note: This value represents the approximate level of performance.
3.5. Displaying all Agent settings
----------------------------------
To display all possible settings of the configuration file, run the Agent with the "--default-settings" argument. A PasswareKitAgentSettings.default.ini file will be created. It contains all available settings and their default values.
3.6. Setting the Agent connection password
----------------------------------------------
The "--set-password" argument allows users to set the connection password for the Agent. The encrypted password will be saved in the default Agent configuration file and will be applied at the next Agent launch. You can also specify the password directly in the configuration file using the additional
"--config" argument.
For example:
[user@localhost ~]$ ./passware-kit-agent --config ~/MyAgentSettings.ini --set-password
Enter the new password (Latin letters only):
The password has been saved in file:
/home/user/MyAgentSettings.ini
4. SCRIPTS
----------
The current version of Passware Kit Agent for Linux should be started in a separate dedicated working directory. This directory should contain the executable file and generated core dump files (if any). Make sure you have enough space in the partition where this directory resides. It is not recommended to create this directory in the root (/) or /var partition.
In the examples below, the directory /home/user is used.
4.1. Shell wrapper
------------------
For an easy launch of Passware Kit Agent and monitoring its processes (with auto restart if needed), the agentwrapper.sh script is provided. You can set the following variables at the beginning of this script:
- BINPATH=. - path to Passware Kit Agent executable file
- ARGS="-c $CONFIGFULLPATH" - Passware Kit Agent launch arguments. The required argument is the Agent's configuration file with option "-c".
By default, the agentwrapper.sh script, executable file and the agent.conf file are located in the /home/user directory, so the current directory for the agentwrapper.sh script should be the same (please make sure that agent.conf file has permission to write to the home directory).
The agentwrapper.sh script recognizes the standard signals - SIGHUP, SIGINT, SIGQUIT, SIGTERM, SIGUSR1, and SIGUSR2 - and sends them to the Passware Kit Agent process.
The command-line arguments of the agentwrapper.sh script (if any) will be passed to the command line of the executable file after the default arguments, i.e., after the ARGS variable contents.
4.2. init-scripts (init-*.sh)
-----------------------------
To run Passware Kit Agent for Linux as a background service (daemon), starting when Linux boots up, use the provided SysV-style init.d script. This script launches agentwrapper.sh and contains several variables that you may need to customize. For example:
- WORKDIR=/home/user - working directory of the Agent
- DAEMON_ARGS="" - additional arguments for the agentwrapper.sh script (optional)
5. LAUNCHING PASSWARE KIT AGENT FOR LINUX
-----------------------------------------
After you install the init-script, you can use the following standard commands to control the Passware Kit Agent for Linux:
service passware-kit-agent start
service passware-kit-agent stop
service passware-kit-agent status
service passware-kit-agent reload
service passware-kit-agent restart
6. LOGGING PASSWARE KIT AGENT FOR LINUX
---------------------------------------
Passware Kit Agent for Linux log files are saved in accordance with the LogsFolder variable. You can change the names of the log files in this directory in the Logging section using the LogFileName variable.
Default: LogsFolder = /tmp
For a system managed system, you can create a unit file:
$ cat passware-kit-agent.service
[Unit]
Description=Passware Kit Agent
# After=syslog.target network.target remote-fs.target nss-lookup.target<
[Service]
Type=simple
WorkingDirectory=/<path_to_installation>/passware-kit-agent-64bit/
ExecStart=/<path_to_installation>/passware-kit-agent-64bit/agentwrapper.sh
PIDFile=/var/run/passware-kit-agent.pid
[Install]
WantedBy=multi-user.target
This file needs to be placed to /etc/systemd/system/.
If your system uses selinux, respective context should be set for the service file.
Should that be done, you can manage Passware Kit Agent with default systemd commands:
systemctl start passware-kit-agent - to start the agent
systemctl stop passware-kit-agent - to stop the agent
systemctl enable passware-kit-agent - to autostart agent at system's start
OPTIONS:
-h, --help [Display usage information and exit]
--version [Display version information and exit]
--, --ignore_rest [Ignore the rest of the labeled arguments following this flag]
-f, --force [Force application start]
-w, --wait [Wait for another agent application to close]
-l, --list-gpu [List all available GPUs]
-s, --server-port=<port number, 0-65535>
[Port number to broadcast when searching the servers (var. PASSWARE_SERVER_PORT, 0=off)]
-a, --agent-port=<port number, 0-65535>
[Port number to listen to by the attack agent (var. PASSWARE_AGENT_PORT)]
-r, --server-address=<address string>
[Address or IP of the Server to connect to (var. PASSWARE_SERVER_ADDRESS)]
-m, --connection-mode=<auto|manual>
[Establish direct connection to the specified Server or connect automatically (var. PASSWARE_CONNECTION_MODE)]
-c, --config=<file> [Configure file in ini format]
9. CONTACT SUPPORT
------------------
If you have any questions or problems using the Passware Kit Agent for Linux, do not hesitate to contact Passware Support.
Make sure to attach the latest log files from the LogsFolder directory to your request.
You may also be asked to upload a core dump file from the working directory of the Agent. You can find the name of the corresponding core dump file in the log tab of Passware Kit Server or the error message of Passware Kit Agent.
Passware Tip: The Edmonton Police Service Technological Crimes Unit (TCU) produces an in-house developed Linux distribution called "TCU Live" which uses Debian sid as its base. Check it here:
https://twitter.com/atdt0
Comments
0 comments
Please sign in to leave a comment.