OK, so at my work place we’ve just got some new laptops and they have a proper GPU for a change (we’ve in the past had intel GPUs). I was lucky enough (or unlucky enough) to be given the job of spec’ing these laptops and my hunt was to include a decent GPU for hash cracking. I strived for an ATI chip but with budget in mind and with the options provided we ended up with an NVidia 660M, SWEET!
So, not knowing much about NVidia’s I thought I’d have a play and see how these GPUs perform. As I train in MMA I get whacked on the head a lot so had to refresh my memory about hashcat so it made sense to blog about it in case I get hit on the head again next week!
So the fist thing to do was to find some hashes, step in KoreLogic(@CrackMeIfYouCan)! I decided to use these hashes as they looked like MD5 and would be easy to work with and there is only 2911 lines (not sure where they came from).
So the firtst thing to do was download the latest version of Hashcat, at the time of writing it was 0.09. The first thing to try is a basic wordlist attack:
1 | cudaHashcat-plus64.exe -m 0 C:\Users\pentest\Desktop\hashes.txt ..\..\Wordlists\rockyou.txt |
This took a measly 3 seconds to rack and resulted in 157 ofg the 2312 hashes cracked.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | Status.......: Exhausted Input.Mode...: File (..\..\Wordlists\rockyou.txt) Hash.Target..: File (C:\Users\pentest\Desktop\hashes.txt) Hash.Type....: MD5 Time.Running.: 3 secs Time.Left....: 0 secs Time.Util....: 3229.0ms/1778.2ms Real/CPU, 122.6% idle Speed........: 4442.3k c/s Real, 62858.6k c/s GPU Recovered....: 157/2312 Digests, 0/1 Salts Progress.....: 14344391/14344391 (100.00%) Rejected.....: 19/14344391 (0.00%) HWMon.GPU.#1.: 1% Util, 52c Temp, N/A Fan Started: Sat Dec 29 20:16:38 2012 Stopped: Sat Dec 29 20:16:44 2012 |
Now that I know the cracking is working 🙂 I need to remove the cracked hashes from the list and add them to a new file in order to try some fresh attacks/dictionaries. We will add the -o cracked.txt and –remove flags
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | cudaHashcat-plus64.exe -m 0 -o C:\Users\pentest\Desktop\cracked.txt --remove C:\Users\pentest\Desktop\hashes.txt ..\..\Wordlists\rockyou.txt Status.......: Exhausted Input.Mode...: File (..\..\Wordlists\rockyou.txt) Hash.Target..: File (C:\Users\pentest\Desktop\hashes.txt) Hash.Type....: MD5 Time.Running.: 3 secs Time.Left....: 0 secs Time.Util....: 3254.1ms/1727.6ms Real/CPU, 113.2% idle Speed........: 4408.1k c/s Real, 56112.0k c/s GPU Recovered....: 157/2312 Digests, 0/1 Salts Progress.....: 14344391/14344391 (100.00%) Rejected.....: 19/14344391 (0.00%) HWMon.GPU.#1.: 0% Util, 50c Temp, N/A Fan Started: Sat Dec 29 20:23:39 2012 Stopped: Sat Dec 29 20:23:45 2012 |
Now I will try a rule based attacked with will try 64 alterations based on each line in the wordlist. We will add the flag -r rules\best64.rule
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | cudaHashcat-plus64.exe -m 0 -o C:\Users\pentest\Desktop\cracked.txt --remove C:\Users\pentest\Desktop\hashes.txt ..\..\Wordlists\rockyou.txt -r rules\best64.rule Status.......: Exhausted Rules.Type...: File (rules\best64.rule) Input.Mode...: File (..\..\Wordlists\rockyou.txt) Hash.Target..: File (C:\Users\pentest\Desktop\hashes.txt) Hash.Type....: MD5 Time.Running.: 8 secs Time.Left....: 0 secs Time.Util....: 8297.0ms/1878.3ms Real/CPU, 29.3% idle Speed........: 134.9M c/s Real, 185.4M c/s GPU Recovered....: 97/2155 Digests, 0/1 Salts Progress.....: 1118862498/1118862498 (100.00%) Rejected.....: 1482/1118862498 (0.00%) HWMon.GPU.#1.: 6% Util, 53c Temp, N/A Fan Started: Sat Dec 29 20:29:01 2012 Stopped: Sat Dec 29 20:29:12 2012 |
This results in 97 more cracked passwords. Now we will try a slightly larger rule (best64 only contains 64 iterations of the original line). Trying the passwordspro.rule gets another 64 passwords:
1 2 3 4 5 6 7 8 9 10 11 12 13 | Status.......: Exhausted Rules.Type...: File (rules\passwordspro.rule) Input.Mode...: File (..\..\Wordlists\rockyou.txt) Hash.Target..: File (C:\Users\pentest\Desktop\hashes.txt) Hash.Type....: MD5 Time.Running.: 3 mins, 51 secs Time.Left....: 0 secs Time.Util....: 231599.7ms/2159.8ms Real/CPU, 0.9% idle Speed........: 194.5M c/s Real, 194.3M c/s GPU Recovered....: 64/2058 Digests, 0/1 Salts Progress.....: 45055732131/45055732131 (100.00%) Rejected.....: 59679/45055732131 (0.00%) HWMon.GPU.#1.: 0% Util, 55c Temp, N/A Fan |
Leave a Reply
You must be logged in to post a comment.