Scallion lets you create vanity GPG keys and .onion addresses (for Tor’s hidden services) using OpenCL. It runs on Mono (tested in Arch Linux) and .NET 3.5+ (tested on Windows 7 and Server 2008).
It is currently in beta stage and under active development. Nevertheless, we feel that it is ready for use. Improvements are expected primarily in performance, user interface, and ease of installation, not in the overall algorithm used to generate keys.
FAQ
Here are some frequently asked questions and their answers:
Also Read – LOLBITS : C# Reverse Shell Using BITS As Communication Protocol
Dependencies
Build Linux
Prerequisites
sudo apt-get update sudo apt-get install libssl-dev mono-devel
sudo apt-get install ocl-icd-opencl-dev
sudo apt-get install nvidia-opencl-dev nvidia-opencl-icd
msbuild scallion.sln
Docker Linux (nvidia GPUs only)
docker build -t scallion -f Dockerfile.nvidia .
docker run --runtime=nvidia -ti --rm scallion -l
screenshot of expected output Build Windows
Multipattern Hashing
Scallion supports finding one or more of multiple patterns through a primitive regex syntax. Only character classes (ex. [abcd]
) are supported. The .
character represents any character. Onion addresses are always 16 characters long and GPG fingerprints are always 40 characters. You can find a suffix by putting $
at the end of the match (ex. DEAD$
). Finally, the pipe syntax (ex. pattern1|pattern2
) can be used to find multiple patterns. Searching for multible patterns (within reason) will NOT produce a significant decrease in speed. Many regexps will produce a single pattern on the GPU and result in no speed reduction.
Some use cases with examples:
mono scallion.exe prefix[234567]
mono scallion.exe -c prefix scallion hashes mono scallion.exe -c "prefix|scallion|hashes"
mono scallion.exe .........badbeef mono scallion.exe --gpg badbeef$ # Generate GPG key
mono scallion.exe "suffixa$|suffixb$|prefixa|prefixb|a.suffix$|a.test.$"
How Does It work?
At a high level Scallion works as follows:
The basic algorithm is described above. Speed / performance is the result of massive parallelization, both on the GPU and the CPU.
Speed / Performance
It is important to realize that Scallion preforms a probabilistic search. Actual times may very significantly from predicated
The inital RSA key generation is done the CPU. An ivybridge i7 can generate 51 keys per second using a single core. Each key can provide 1 gigahash worth of exponents to mine and a decent CPU can keep up with several GPUs as it is currently implemented.
SHA1 hashing is done on the GPU. The hashrates for several GPUs we have tested are below (grouped by manufacturer and sorted by power):
GPU | Speed |
---|---|
Intel i7-2620M | 9.9 MH/s |
Intel i5-5200U | 118 MH/s |
NVIDIA GT 520 | 38.7 MH/s |
NVIDIA Quadro K2000M | 90 MH/s |
NVIDIA GTS 250 | 128 MH/s |
NVIDIA GTS 450 | 144 MH/s |
NVIDIA GTX 670 | 480 MH/s |
NVIDIA GTX 970 | 2350 MH/s |
NVIDIA GTX 980 | 3260 MH/s |
NVIDIA GTX 1050 (M) | 1400 MH/s |
NVIDIA GTX 1070 | 4140 MH/s |
NVIDIA GTX 1070 TI | 5100 MH/s |
NVIDIA GTX TITAN X | 4412 MH/s |
NVIDIA GTX 1080 | 5760 MH/s |
NVIDIA Tesla V100 | 11646 MH/s |
AMD A8-7600 APU | 120 MH/s |
AMD Radeon HD5770 | 520 MH/s |
AMD Radeon HD6850 | 600 MH/s |
AMD Radeon RX 460 | 840 MH/s |
AMD Radeon RX 470 | 957 MH/s |
AMD Radeon R9 380X | 2058 MH/s |
AMD FirePro W9100 | 2566 MH/s |
AMD Radeon RX 480 | 2700 MH/s |
AMD Radeon RX 580 | 3180 MH/s |
AMD Radeon R9 Nano | 3325 MH/s |
AMD Vega Frontier Edition | 7119 MH/s |
MH/s = million hashes per second
Its worth noting that Intel has released OpenCL drivers for its processors and short collisions can be found on the CPU.
To calculate the number of seconds required for a given partial collision (on average), use the formula:
Type | Estimated time |
---|---|
GPG Key | 2^(4*length-1) / hashspeed |
.onion Address | 2^(5*length-1) / hashspeed |
For example on my nVidia Quadro K2000M, I see around 90 MH/s. With those speed I can generate an eight character .onion prefix in about 1h 41m, 2^(5*8-1)/90 million = 101 minutes
.
Workgroup Size
Scallion will use your devices reported preferred work group size by default. This is a reasonable default but experimenting with the workgroup may increase performance.
Security
The keys generated by Scallion are quite similar to those generated by shallot. They have unusually large public exponents, but they are put through the full set of sanity checks recommended by PKCS #1 v2.1 via openssl’s RSA_check_key function. Scallion supports several RSA key sizes, with optimized kernels for 1024b, 2048b, and 4096b. Other key sizes may work, but have not been tested.
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…