DMG Password Recovery
DMG Password by Thegrideon Software is a feature-rich and highly-optimized password recovery tool for OS X and macOS Disk Image files (.dmg, .sparseimage). Both 128 and 256 bit AES encryption methods are supported. Please note: DMG Password is a Windows only software. You may also check Password Search FAQ.
DMG Password Recovery Features:
- Several attacks can be configured and queued:
- advanced mixed attacks for precise search range setup:
- multi-position modifications to cover modern password policies;
- simple modifications: add part(s) copy, add reversed copy, etc.
- typing errors generation with new multi-position options;
- brute-force attacks based on a charset and length selected:
- limit max number of equal, capital and special chars as well as digits;
- number ranges (e.g. 1-31, 1-12, 2003-2018, etc.);
- dictionary attacks with modifications (several wordlists are included):
- password in reverse, capitalized, uppercased, lowercased;
- adjustable mixed-case mode;
- preset or custom char replacements: Ss with $, Ii with !, Aa with 4, etc.
- advanced keyboard layouts-aware recovery technique;
- "Save passwords to a file" option to verify search settings, generate new wordlist, etc.
- Audio, script or web address based post-search notification.
- Highly optimized code (SSE, AVX, AVX2, AVX-512) guarantees best performance.
- Utilizes NVIDIA and AMD Graphics processing units with a high-performance methods.
- Supports up to 64 simultaneous processing threads (multi-CPU, multi-GPU).
- Windows 7 - Windows 10.
.dmg and .sparseimage disk image files password protection is based on PBKDF2 key derivation function and AES-128 or AES-256 encryption algorithms. Passwords are hashed with thousands of iterations, thus recovery speed is limited, but we did our best to enhance this tool performance (recovery speed) with some advanced methods. DMG Password allows you to setup a very precise search range to exploit known password details (parts and patterns) and reduce the search time required in comparison to traditional attacks. Just check mixed attacks for example.
Disk Image encryption complexity (number of hash iterations) is variable from file to file (from 1000 upto 300000). The following tables are based on .dmg files with 100000 iterations.
The final password recovery speed is equal to CPUspeed + GPU(1)speed + ... + GPU(N)speed.
For example: Intel Core i3 + AMD R9 270 = 250 + 3500 = ~3750 p/s.
|Intel® Core™2 Duo
T7500 @ 2.20GHz
|Intel® Core™ i3
2100 @ 3.10GHz
|Intel® Core™ i3
4130 @ 3.40GHz
|Amazon EC2 "c5.large"
Xeon® Platinum core
Compute units or stream multiprocessors (CU, SM, SMX, SMM) are the main building blocks of GPU calculation power, thus 32xCU GPU card is almost 2 times faster than 16xCU GPU card of the same family and architecture running on the same frequency.
For cards with compute capability sm_35 (Kepler 2.0) and above (Maxwell, Pascal, Volta, Turing) you can expect approximately 300-400 p/s per every SM running at 1000Mhz. Test results below are shown to be very close to this estimation.
|GT 640 (sm_35)
2xSMX, 1045 MHz
|GTX 470 (sm_20)
14xSM, 625 MHz
|Tesla M60 (sm_52)
16xSMx, 1150 MHz
|+ 670 p/s||+ 1200 p/s||+ 7700 p/s|
AMD GPUs are very "password recovery friendly" and consistent with architecture change from VLIW5 to VLIW4 and now to GCN. You can expect approximately 150-200 p/s per every CU running at 1000Mhz.
10xCU, 850 Mhz
20xCU, 945 MHz
36xCU, 1266 MHz
|+ 1750 p/s||+ 3500 p/s||+ 7000 p/s|
It is important to mention that AMD and NVIDIA architectures are quite different and although AMD per CU performance is lower, there are more CUs per card in a similar price range. Moreover GPU performance is somewhat variable with number of factors including GPU/CPU combination and even a driver version. Please contact us if your recovery speed is noticeable different from the data above.
Trial version is available to check format and hardware compatibility. It allows you to setup and test run any password search for up to 15 min per run. Recovered passwords are hidden behind the asterisks.