Distributed Password Cracker

A distributed password cracking system built in Go where a central server partitions a keyspace into batches and assigns them to stateless worker nodes that crack in parallel.

The server acts as the sole orchestrator: it maintains an assignment map of [min, max) index ranges, hands them out to nodes on connection, and tracks progress through a heartbeat channel. Nodes are intentionally idempotent: they receive an assignment, spin up concurrent PasswordWorker goroutines against the character set, and stream heartbeats back as they advance through the range. The node knows nothing about the overall job state; it only knows its current batch.

Fault tolerance is built into the assignment lifecycle. When a node disconnects mid-assignment, the server marks that assignment as ABANDONED and immediately requeues it to the next available node. This means no work is lost and the system can survive node churn without coordination overhead. The server supports multiple hash algorithms (yescrypt, bcrypt, SHA-256, SHA-512, MD5) by parsing the standard $algo$params$salt$hash format and routing each batch to the appropriate hash function.

Highlights

• Designed a clean server/node split: server owns all state and scheduling; nodes are pure workers with no shared memory or cross-node coordination.
• Implemented an assignment lifecycle (ACTIVE → ABANDONED → ACTIVE) to recover in-flight work when nodes disconnect, ensuring full keyspace coverage.
• Built channel-based concurrency in Go for heartbeat processing, node registration, and password-found signaling, all handled by a pool of task resolver goroutines.
• Supported yescrypt, bcrypt, SHA-256, SHA-512, and MD5 via a single hash parser that dispatches based on the PHC string format.