CloudCracker provides a series of REST APIs that allow developers to integrate our cloud-based password cracking solution directly into their applications and services.

Using the API

The CloudCracker API provides a distinct JSON-based REST endpoint for each supported format. Those endpoints provide four major pieces of functionality: querying an endpoint for the available dictionary options, submitting a cracking job, submitting payment for a cracking job, and querying the status of a submitted job.

Every API call supports an alternative "test" URL that can aid in the development of CloudCracker clients by simulating functionality without creating actual crack jobs or costing money. To use the test API, simply prepend "/test/" to the path of an API call. Once test jobs are created and "paid," they will immediately return fake results.

GET /api/<format>/dictionaries

Returns the dictionary options for an endpoint. Each endpoint provides a number of dictionaries, where each dictionary might be available in different sizes. This API call will enumerate the dictionaries for an endpoint, describing what sizes for each dictionary are available, as well as the cost and time to run a job for a particular dictionary and size.

Below is an example response from the wpa endpoint:


[{"name" : "english",
  "description" : "Passwords derived from English words.",
  "sizes" : [{"count" : "604",
             "time" : "60",
             "price" : "1700"},

	     {"count" : "1208",
	      "time" : "60",
	      "price" : "3400"},

             {"count" : "2418",
              "time" : "60",
              "price" : "6800"},

             {"count" : "4832",
              "time" : "120",
              "price" : "13600"}]

 },
 {"name" : "2WIRE",
  "description" : "Passwords matching the default 2WIRE format.",
  "sizes" : [{"count" : "604",
              "time" : "60",
	      "price" : "1700"},
	      ...
	    ]
 }, ...
]
      

The response includes an array of root elements describing the available dictionaries. The values are:

nameThe dictionary identifier.
descriptionA human readable description of how the dictionary is composed.
sizesThe list of available sizes a dictionary is available in.

The sizes array contains elements describing the available dictionary sizes. Those values are:

countThe number of words in the dictionary, expressed in millions.
timeThe amount of time a job of this size will take to complete, expressed in minutes.
priceThe cost of a job of this size, expressed in cents.

POST /api/<format>/job

Submits a cracking job to the endpoint for a given format. This API call expects multipart/form-data encoded parameters, which are specific to each endpoint.

The wpa endpoint expects the following parameters:

pcapA file containing a network capture with a WPA handshake in it.
essidThe ESSID of the network you would like to crack.
emailThe email address where you would like your cracking results delivered.
dictionaryThe name of the dictionary you would like to use (as specified in the GET /api/wpa/dictionaries call above).
sizeThe size of the specified dictionary you would like to use (as specified in the GET /api/wpa/dictionaries call above).

The ntlm, cryptsha512, and cryptmd5 endpoints expects the following parameters:

hashes
  • For NTLM: A file containing a list of LM/NTLM hashes in 'PWDUMP' format.
  • For SHA512(Unix): A file containing a hash in crypt() format ($6$<salt (up to 16 characters)>$<hash (86 characters)>)
  • For MD5(Unix): A file containing a hash in crypt() format ($1$<salt (up to 16 characters)>$<hash (22 characters)>)
  • For MS-CHAPv2: A file containing a CloudCracker token from 'chapcrack' output.
emailThe email address where you would like your cracking results delivered.
dictionaryThe name of the dictionary you would like to use (as specified in the GET /api/ntlm/dictionaries call above).
sizeThe size of the specified dictionary you would like to use (as specified in the GET /api/ntlm/dictionaries call above).

If your job submission parameters validate correctly, you will receive a 200 response with a reference ID for the submitted job:


	  {"reference" : "wpa-abcdefghijklmnopqrstuvwxyzaejeil"}
      

If your job submission parameters do not validate correctly, you will receive a non-200 response with a human-readable error string:


	  {"error" : "An error message!"}
      

POST /api/<format>/payment/<job_reference>

Submits a credit card payment for a cracking job. job_reference is the reference ID for the cracking job you are submitting payment for (as returned from the POST /api/<format>/job call above).

Payment is provided in the form of a Stripe token. Your client application will need to prompt the user for their credit card information, make a Stripe call to create a one-use token (libraries available in JavaScript, Python, Java, Ruby, and PHP), from that credit card information, then submit that token to CloudCracker. The production "publishable key" you should use in the Stripe call is: 'pk_20ttbZnhitSluV5t3qWTp2nvwfbsw'.

When using the developer test API, the "publishable key" you should use is: 'pk_XW3m8FFAXOCI8sz3aHKWsfGowofO4', which you can safely use with any CC# that passes the Luhn check (such as 4242424242424242), any three or four digit CVC, and any expiration date in the future — without incurring an actual charge.

This API call expects the following multipart/form-data encoded parameters:

stripeTokenThe single-use card token retrieved from the Stripe API.

If your payment submission processes correctly, you will receive an empty 200 response and your job will begin. If there is an error processing your payment submission, you will receive a non-200 response with a human-readable error string:


	  {"error" : "An error message!"}
      

GET /api/<format>/payment/<job_reference>

If you'd like to submit payment for a job via Bitcoin rather than credit card, this API call returns the price in BTC as well as the Bitcoin address to remit payment to. Once the quoted amount in BTC has been transferred to that address, the job will automatically begin.

job_reference is the reference ID for the cracking job you are submitting payment for (as returned from the POST /api/<format>/job call above).

On success, you will receive an application/json encoded 200 response that looks like:


	  {
           "bitcoinAddress" : "15TUpE7Qtehxzrx2gMdE6jbHdQa42Edk4G"
           "bitcoinPrice" : 312000000
          }
      

Where bitcoinAddress is a uniquely-generated address to send payment to and bitcoinPrice is the integer representation of the BTC quote for the job. The double-precision floating point representation can be calculated as bitcoinPrice / 10e8. In this example, '3.12'.

GET /api/<format>/job/<job_reference>

Returns the status of a submitted job. A request for a valid job will return a 200 response:


{"status" : 1, "elapsedTime" : 0, "results" : null, "progress" : 0.0}
      

The response fields are:

status A job's current status. Possible status codes are:
0The job has been submitted, but valid payment has not yet been received
1The job has been submitted and valid payment has been received.
2The job has started running.
3The job has completed.
elapsedTimeIf the job is currently running (status '2'), this will contain the number of milliseconds the job has been running for.
resultsThis will contain any results the job has cracked thus far, otherwise null.
progressIf the job is currently running (status '2'), this will contain the percentage of the keyspace the job has attempted thus far.