GPU Cracking - On the Cheap

788
-1

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
788
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

GPU Cracking - On the Cheap

  1. 1. GPU Cracking - On the Cheap Karl Fosaaen Eric Gruber
  2. 2. Introductions • Who are we? ‒Karl Fosaaen ‒Eric Gruber • What do we do? ‒Pen Test ‒Crack Passwords ‒Blog
  3. 3. GPU Cracking on the Cheap • Defining Terms ‒Science Project ‒GPU ‒Bitcoin ‒Hashes
  4. 4. GPU Cracking on the Cheap •Hashes ‒ Password123 = 58A478135A93AC3BF058A5EA0E8FDB71 ‒ Password1234 = 8C3EFC486704D2EE71EEBE71AF14D86C 58A478135A93AC3BF058A5EA0E8FDB71 ≠ 8C3EFC486704D2EE71EEBE71AF14D86C
  5. 5. GPU Cracking on the Cheap • Overview ‒Why do we want to GPU crack ‒Ideal Setup ‒Hardware Selection ‒Construction ‒Operating System ‒Methodology
  6. 6. GPU Cracking on the Cheap • Why do we want to crack? ‒Pen Testing ‒Password Auditing •Why do we want to use GPUs? ‒CPU versus GPU ‒Trade Offs ‒The Cloud?
  7. 7. Performance: Brute Force (6 Characters) 0 100 200 300 400 500 600 Minutes for Six Character Brute Force CPU GPU
  8. 8. Performance: Brute Force (6 Characters)
  9. 9. Performance • Brute Force Power (8 Characters) Hash Type Speed NetNTLMv2 1,877.8 MH/s SHA1 9,515.4 MH/s descrypt 11,060.1 kH/s MD5 19,834.3 MH/s NTLM 32,930.2 MH/s
  10. 10. GPU Cracking: The Ideal Set Up • The Ideal Set Up ‒ If Money is no object
  11. 11. GPU Cracking: The Ideal • Buy one of these ‒ Case, Motherboard, and Power ($3,599.99) • TYAN B7015F72V2R ‒ Case, Motherboard, and Power ($ 4,649.99) • Tyan FT77AB7059 (B7059F77AV6R-2T)
  12. 12. GPU Cracking: The Practical Option • But I’m more like this shadow guy…
  13. 13. GPU Cracking: Building the Rig Our Current Set Up
  14. 14. GPU Cracking: Building the Rig
  15. 15. GPU Cracking: The Hardware • GPU Selection ‒ What do we want? • Reference card versus non-reference • Stream Processors • Card Cores • Processor Speed • Overclocking • AMD versus NVIDIA • Crossfire and SLI – Doesn’t matter here • These are the Most Important Part of the Rig ‒ So spend some money
  16. 16. GPU Cracking: The Hardware • 7970 Option ‒ MSI Radeon HD 7970 Twin Frozr ($529.99*) • Core Clock: 1000MHz • Stream Processors: 2048 Stream Processors • Memory Size: 3GB GDDR5 • 7950 Option ‒ XFX Double D Radeon HD 7950 ($419.99*) • Core Clock: 925MHz • Stream Processors: 1792 Stream Processors • Memory Size: 3GB GDDR5 *Newegg prices as of February 2014
  17. 17. GPU Cracking: The Hardware • Motherboard ‒What to look for • PCI Express slots • 16x versus 1x • Power to the board • Some have additional power for cards • Onboard power switch • Handy for open air cases
  18. 18. GPU Cracking: The Hardware • Motherboard ‒ ASRock H81 Pro BTC ($130-190*) *Amazon price variance during January 2014
  19. 19. GPU Cracking: The Hardware • Risers ‒ Ribbon cable versus USB 3 ‒ Preferred: USB 3 risers • The ribbons are not as reliable
  20. 20. GPU Cracking: The Hardware •Power for the cards
  21. 21. GPU Cracking: The Hardware • Power Supply ‒ 1500W is ideal for a couple of cards ‒ Could probably get closer to 1000W • Just not recommended, or get two ‒ Modular is the easiest to manage
  22. 22. GPU Cracking: The Hardware • Other Hardware Selection ‒ Processor • A reasonably powered Intel (i3,i5,i7) ‒ Hard Drive • SSD for OS • Non-SSD for cold storage (Dictionaries, etc.) ‒ RAM • What ever you can afford to put in • These can all be relatively generic
  23. 23. GPU Cracking: The Case • Case ‒ This can be pretty open ended ‒ Start with server rack shelving ‒ Check out your local hardware store • Wire shelving cubes • Aluminum Rails ‒ Zip ties, bailing wire, bits of string
  24. 24. GPU Cracking: The Case •Case, case, no case
  25. 25. GPU Cracking: Airflow
  26. 26. GPU Cracking: Building the Rig • Plan everything out!
  27. 27. GPU Cracking: Building the Rig • The Initial End Result
  28. 28. GPU Cracking: Building the Rig • Another Angle
  29. 29. GPU Cracking: Building the Rig The Current Set Up
  30. 30. GPU Cracking: Building the Rig
  31. 31. GPU Cracking: Final Costs • Parts list: Parts Est. Cost Motherboard $160 Processor (Intel Celeron) $50 RAM (4 GB) $40 Hard Drives $150 Risers (4) $160 Power Supply (1500 W) $360 Video Cards (4) $2,116 Case Materials $20 Total $3,056
  32. 32. GPU Cracking: Final Costs • Parts list: Parts Est. Cost Motherboard $160 Processor (Intel Celeron) $50 RAM (4 GB) $40 Hard Drives $150 Risers (4) $160 Power Supply (1500 W) $360 Video Cards (4) $2,116 Case Materials $20 Total $3,056
  33. 33. GPU Cracking: Software Side • Operating System • Cracking Software
  34. 34. Essentially comes down to this
  35. 35. Driver support • Windows support is generally good for both AMD and Nvidia • Linux support is getting better • Both are good options, unless you’re Linus…
  36. 36. Server Setup • Windows and Linux work very well for server setups • Both can be setup as a headless server • We prefer Linux ‒ Easy to manage ‒ Lightweight ‒ Free
  37. 37. Cracking Software • We want something free ‒ John ‒ oclHashcat • John/oclHashcat support GPU cracking with CUDA/OpenCL • We use oclHashcat ‒ Frequently updated ‒ Best performance ‒ Supports large number of hash types
  38. 38. Methodology • Wielding the power responsibly ‒ Brute force isn’t always the best option
  39. 39. Methodology • Dictionary Attacks ‒ Add in some mangling rules • Leet Speak • Password => P@$$vv0rd • Append Numbers • Password => Password2014 ‒ Double up on dictionaries • PasswordPassword ‒ Sources • Wikipedia • Urban Dictionary • Alexa Domain Lists • Crackstation, SkullSecurity, etc.
  40. 40. Methodology • Masking Attacks ‒ Commonly Used Patterns ‒ Netspi1234 = ?u?l?l?l?l?l?d?d?d?d • One Upper • Five Lower • Four Digits • Ten characters total, meets complexity ‒ Easy to generate • Based off of previous cracks, leaks, etc.
  41. 41. Demo
  42. 42. Conclusions • It can be done • It’s not that expensive • Learn from our mistakes
  43. 43. Questions Questions? Karl Fosaaen (@kfosaaen) Eric Gruber (@egru) http://www.netspi.com/blog
  44. 44. Questions Thanks! Karl Fosaaen (@kfosaaen) Eric Gruber (@egru)

×