Overview
Elcomsoft Distributed Password Recovery (EDPR) is a commercial tool for high-performance, distributed password and encryption-key recovery across networks. It supports GPU acceleration (NVIDIA, AMD, Intel iGPU), heterogeneous clusters, and over 300 file/container formats (Office, PDF, ZIP/7zip/RAR, BitLocker/LUKS/VeraCrypt/PGP/FileVault, password managers, etc.).
Setup (practical steps)
- Acquire license appropriate for number of agents and features from ElcomSoft.
- On a dedicated management machine install the EDPR Server/Console (Windows).
- On worker machines install the EDPR Agent (Windows). Agents can be mixed hardware (CPU-only and GPU-equipped).
- Ensure network connectivity between server and agents (LAN recommended). Minimal bandwidth required; use stable wired connections for large clusters.
- Install GPU drivers (latest compatible NVIDIA/AMD/Intel) and verify CUDA/OpenCL support where applicable.
- From Console create a new job, add target files/containers, choose attack type (dictionary, brute-force, mask, hybrid, rule-based, group). Assign agents to the job and start.
Optimization tips
- Use GPUs when possible: GPU acceleration often yields 50–250× speedups vs CPU. Prefer modern NVIDIA/AMD GPUs and keep drivers updated.
- Heterogeneous acceleration: EDPR supports different GPU models in the same cluster; balance jobs across faster and slower units.
- Intelligent load balancing: Enable EDPR’s load balancing so the server factors CPU/GPU performance and avoids GPU starvation.
- Choose targeted attacks first: Start with dictionary, mask, and rule-based attacks using known patterns (dates, keyboard patterns, substitutions) before full brute force.
- Use quality wordlists and rules: Combine curated wordlists with transformation rules to recover many passwords orders of magnitude faster than brute force.
- Mask attacks: If you know partial structure (length, character classes, prefixes), use masks to drastically reduce keyspace.
- Benchmark hardware: Run EDPR benchmarks to estimate passwords/sec per format and scale cluster size accordingly.
- Avoid throttling: Ensure no background tasks or OS power-saving modes limit CPU/GPU performance; set high-performance power profiles.
- Thermals and stability: Monitor GPU/CPU temps and ensure adequate cooling to avoid throttling and crashes during long runs.
- Agent grouping: Group similar-performance machines in the same job to improve throughput predictability.
- Use incremental strategy: Start with fast, low-cost attacks and progressively increase complexity only if earlier attempts fail.
Common troubleshooting
- Agents not appearing: check firewall, port access, and correct server address; verify agent service is running.
- Low GPU utilization: update drivers, confirm EDPR supports the target format on GPU, enable load balancing, check for CPU bottlenecks.
- Crashes/freezes: check for overheating, driver instability, or incompatible GPU models; test agents individually.
- Slow network effects: while EDPR needs low bandwidth, extremely high-latency/unstable links can hurt coordination—use LAN or reliable VPN.
Legal & ethical note
Use EDPR only on data you own or are authorized to analyze. Unauthorized password cracking is illegal.
Quick reference table (key choices)
| Topic | Recommendation |
|---|---|
| Hardware | Modern GPUs (NVIDIA/AMD) + up-to-date drivers |
| Attack order | Dictionary → Mask/Rule → Hybrid → Brute force |
| Cluster | Mix GPUs OK; group similar performers |
| Performance tuning | Enable load balancing, set power profile, ensure cooling |
| Network | LAN or stable connections; open required ports/firewall rules |
Leave a Reply