Navigation




Hash Suite Droid (Hash Suite for Android). Free and Open Source.

Hash Suite Droid is, as far as we're aware, the first multi-hash cracker developed specifically for Android devices (as compared to the rather rough unofficial builds of John the Ripper for Android). Features highlight:

  • UI optimizes to screen size: The UI changes depending on the screen size. For example, with small-screen smartphones Hash Suite Droid shows 3 tabs (fig 1, 2, 3), whereas with tablets it shows all functionality on one screen (fig 4).
  • Cracking On: Pressing the power button while cracking shuts down the screen, but the cracking continues. Cracking also continues if the user starts another app. To stop the attack, users need to press the Stop action item or close Hash Suite Droid.
  • Battery aware: Hash Suite Droid automatically stops attacks when the battery's charge drops below or the temperature raises above a user-defined threshold.
  • Common "config.db" file: Users can import/export (interchange) the config.db file and use it either on the PC or on the phone or tablet. For example, users can begin an attack on their smartphone/tablet and finish it with Hash Suite for Windows on a PC, or vice versa.
  • Features similar to the PC version: Rules, compressed wordlists, ability to resume interrupted attacks, high performance (hand-crafted ARM NEON assembly code, GPU cracking via OpenCL), etc. Reports is the only feature currently not supported.
Hash Suite Droid 1.2 running on a Samsung Galaxy S5 Active.
Hashes Tab
Fig 1: Hashes Tab.
Status Tab
Fig 2: Status Tab.
Params Tab
Fig 3: Params Tab.
Hash Suite Droid in landscape mode
Fig 4: Hash Suite Droid in landscape mode.

SHA-256 of .apk: 2B400EC8492A8E6095ABEFC67AF2A308DA96A788B3DEA26FA87D9A8DDB9CE8B2

Requirements:

  • Android 3.0 or newer.
  • ARM CPU supporting armeabi-v7a.
  • INTERNET permission to download wordlists.
  • WRITE_EXTERNAL_STORAGE permission to export files.
  • WAKE_LOCK permission to prevent Android from putting the CPU to sleep while cracking.

Performance

Hash Suite Droid 1.2 uses 231MB of RAM cracking 1 million NTLM hashes.

Hash Suite Droid 1.2 performance, running on a Qualcomm Snapdragon 801, was compared with an Intel Core i5-4670. Both SOCs are modern, popular, have 4 cores, SIMD capabilities (AVX2 vs Neon) and an integrated GPU. Performance is measured in millions of candidate passwords tested per second.

Reference System
Logo
Processor Name Frequency L1 L2 L3 RAM Other Information
Core i5-4670
Intel Core i5-4670 3.40GHz 64KB 256KB 6MB 8GB DDR3-1600 Windows 8.1 Professional 64-bit
Intel HD 4600 1.2GHz 8KB 2MB 6MB 1.2GB Driver 10.18.10.3621
Snapdragon 801 Krait 400 2.46GHz 32KB 2MB 0 2GB LPDDR3-933 Samsung Galaxy S5 with Android 5.0
Adreno 330 578MHz 32KB 0 0 853MB Driver Build: 10/28/14

Desktop/Mobile comparative performance by number of hashes
Format Ratio* Processor Name 1 10 100 1000 104 65536 105 106
LM 9.0 | 11 Intel Core i5-4670 621 567 540 499 496 462 439 229
Krait 400 66.6 65.9 59.9 54.9 47.3 40.5 37.9 21.8
10 | 11 Intel HD 4600 175 170 151 154 160 160 156 150
Adreno 330 15.9 16.3 16.3 15.5 15.6 15.2 14.8 11.5
NTLM 6.9 | 9.9 Intel Core i5-4670 454 451 446 435 438 429 410 284
Krait 400 66.5 67.6 65 60.9 50.9 46.2 42 23.7
2.3 | 4.1 Intel HD 4600 434 289 290 288 286 286 284 282
Adreno 330 215 127 128 113 103 83.9 85.1 41.5
MD5 7.0 | 9.0 Intel Core i5-4670 307 303 302 299 303 296 285 217
Krait 400 44.1 45.9 42.7 41.9 37.9 33.5 31.6 21.2
2.7 | 5.0 Intel HD 4600 255 209 209 209 208 208 207 205
Adreno 330 125 72.2 75.6 70.8 61.3 42.9 43.1 29.4
SHA1 9.0 | 10.2 Intel Core i5-4670 184 184 183 181 177 174 169 140
Krait 400 21.7 21 20 19.3 18 16.8 16.4 13.6
2.4 | 4.9 Intel HD 4600 88.2 87.6 87.6 87.6 87.6 87.6 87.6 87.1
Adreno 330 44.6 35.8 36.2 30.9 22.6 19.7 20.1 12.6
SHA256 10 | 10.9 Intel Core i5-4670 93.5 93.5 93.1 92.7 92.2 91.1 89.2 82.6
Krait 400 9.35 9.65 9.24 9.16 8.72 8.33 8.21 7.46
2.8 | 5.6 Intel HD 4600 34.7 33.8 33.7 33.5 33.9 34 33.7 34.1
Adreno 330 17 12.3 12.6 8.91 6.57 6.22 6.29 5.25
SHA512 10 | 10.7 Intel Core i5-4670 34.8 34.8 34.7 34.6 34.4 33.7 33.5 31.2
Krait 400 3.54 3.55 3.4 3.37 3.15 3.16 3.12 3.02
4.9 | 5.5 Intel HD 4600 11 10.5 10.5 10.4 10.5 10.5 10.5 10.6
Adreno 330 2.44 2.04 2.05 2.09 1.94 1.93 1.97 1.8
Format Ratio* Processor Name 1 4 16 64
DCC 9.8 Intel Core i5-4670 294 131 39.1 10.5
Krait 400 33.8 14.6 3.83 0.925
3.1 Intel HD 4600 136 60.5 16.3 4.05
Adreno 330 57.8 25.7 4.19 1.13
DCC2 11.4 Intel Core i5-4670 10.5K 2.62K 0.654K 0.162K
Krait 400 1.08K 0.252K 0.055K 0.012K
2.1 Intel HD 4600 3.37K 0.819K 0.205K 0.051K
Adreno 330 1.6K 0.396K 0.099K 0.024K
WPA-PSK 10.1 Intel Core i5-4670 13K 3.2K 0.81K 0.2K
Krait 400 1.39K 0.325K 0.080K 0.018K
2.1 Intel HD 4600 4.04K 1.02K 0.255K 0.063K
Adreno 330 1.94K 0.486K 0.121K 0.030K
BCRYPT 4.8 Intel Core i5-4670 5.5K 1.37K 0.342K 0.085K
Krait 400 1.15K 0.294K 0.071K 0.017K
11.9 Intel HD 4600 575 144 36 9
Adreno 330 43 11 3 1
*Ratio = AVERAGE_4_FIRST(desktop/mobile) | AVERAGE_4_LAST(desktop/mobile)

We can make some conclusions from this comparative table.

  • Mobile performance degrades when cracking more than 1000 hashes.
  • LM on mobile GPU has very poor performance.
  • When cracking less than 1000 hashes Neon performance (all formats except BCRYPT) is 9.2x slower than AVX2. Mobile non-vectorized code is only 4.8x slower than desktop.
  • Mobile GPU performance (other than LM and BCRYPT) is only 2.8x slower than desktop when cracking less than 1000 hashes.
  • Mobile GPU performance is 80x slower than high-end desktop GPU (Radeon HD 7970) when cracking 100 NTLM hashes.

Mobile cracking performance is in the order (less than 10x) of medium desktop performance, so mobile cracking is viable if used against a small number of hashes. This is particularly valid for the future given that Moore's Law for desktop is struggling, but for mobile is very much alive. For example the Adreno 430 GPU is theoretically 2.3x faster than the Adreno 330 and the new Adreno 530 GPU is theoretically 3.6x faster.

We recommend SOCs with Adreno GPUs for use with Hash Suite Droid. The majority of mobile vendors use Snapdragon and provide OpenCL drivers already installed (not Nexus, though, because Google blocked OpenCL in their devices). Here's a list of some popular devices:
  • Sony Xperia Z1, Z2, Z3, Z4, Z5.
  • LG G2, G3, G4.
  • HTC One M8, M9.
  • OnePlus One, 2.
  • Samsung Galaxy S5, Note 3, Note 4.

Battery Test

Hash Suite Droid is a power hungry app; we try to measure how it performs on battery. For this test we disabled Wi-Fi, GPS, Bluetooth, and NFC in our Samsung Galaxy S5 Active. We perform an attack on 1000 NTLM hashes beginning with a full charged battery and turning off the screen pressing the power button. The test is performed in a tropical environment with a battery initial temperature of 32C.

  • Cracking with CPU only: The phone warms to 40.9C, performs at 29M and lasts 120 minutes until the battery reaches 20%. The reduction in performance (2.1x) is caused by Android 5.0 reducing the CPU frequency when the phone warms (known as thermal throttling). Note that the same phone with Android 4.4.2 overheats and reboots, making CPU cracking difficult to achieve.
  • Cracking with GPU only: The phone warms to 40.6C, performs at 103M and lasts 176 minutes until the battery reaches 20%.

When on battery, we recommend cracking using only the GPU given that it is 5.4x more efficient (3.6x faster plus 1.5x less power hungry) than the CPU. If you want to use CPU cracking (for example with LM and BCRYPT formats) we recommend to underclock the CPU for better performance per watt (and to avoid overheating). If you plan to use Hash Suite Droid on the go we recommend the use of tablets (for better battery life) or that you travel with your charger (a spare battery could help too).

Feedback

Please provide comments, suggestions, benchmark results (found in /sdcard/Android/data/com.hashsuite.droid/files/benchmark.csv) and any other feedback.

News

Hash Suite 3.4 is out!

June 9, 2016

Version 3.4 is available for download, with new hash types: SSHA and MD5CRYPT.

Hash Suite 3.3 and Droid 1.2 are out!

December 21, 2015

Version 3.3 and Droid 1.2 are available for download, with new hash types: raw SHA-256, raw SHA-512, WPA-PSK, and BCRYPT.

Hash Suite Droid 1.1 is out!

June 4, 2015

Hash Suite Droid 1.1 is available for download, with complete OpenCL support that performs at desktop system level.

Hash Suite 3.2 is out!

June 4, 2015

Version 3.2 is available for download, with new hash types: raw MD5, raw SHA-1, and DCC2.

More news