|Project Description: ||During a Computer Forensic investigation, the investigator must begin evaluating the case by determining the following: Situation (type of case), Nature of the case, Specifics of the case, Type of evidence, Operating System used, Memory Format, and Location of Evidence [Nelson 2010]. Suspects with a weak computer science and/or IT background may use a password that can be found within a dictionary. For such instances, the investigator would be inclined to utilize a dictionary based password recovery tool. Other suspects, that have a computer science and/or IT background would most likely use strong and complex passwords to cover their tracks. Thusly, the nature of the suspect's background decreases the likelihood that they have used a dictionary based password. Consequently, this renders dictionary based methods useless when attempting to recover the password.
The objective of this project is to implement a multithreaded brute-force and dictionary technique based password recover tool using the Odroid-XU, in order to allow an investigator to gain access to a password protected Windows Operating System, and freeing up other resources that would otherwise be in use by this process. While the brute-force method is known for its high processing power and time, it is also recognized as the method that guarantees a successful password recovery. Moreover, a performance gain is expected as well when using an Android development board that utilizes eight cores, and uses Reduced Instruction Set Computing (RISC). Using the RISC type of instruction set results in a lower clock cycle cost. Furthermore, the application will be written in C++ to leverage the inherited performance speeds the programming language offers.