GPU Cracking - On the Cheap
Karl Fosaaen
Eric Gruber
Introductions
• Who are we?
‒Karl Fosaaen
‒Eric Gruber
• What do we do?
‒Pen Test
‒Crack Passwords
‒Blog
GPU Cracking on the Cheap
• Defining Terms
‒Science Project
‒GPU
‒Bitcoin
‒Hashes
GPU Cracking on the Cheap
• Hashes
‒ Password123 = 58A478135A93AC3BF058A5EA0E8FDB71
‒ Password1234 = 8C3EFC486704D2EE71EEBE71AF14D86C
‒ 58A478135A93AC3BF058A5EA0E8FDB71 ≠ 8C3EFC486704D2EE71EEBE71AF14D86C
GPU Cracking on the Cheap
• Overview
‒Why do we want to GPU crack
‒Ideal Setup
‒Hardware Selection
‒Construction
‒Operating System
‒Methodology
GPU Cracking on the Cheap
• Why do we want to crack?
‒Pen Testing
‒Password Auditing
• Why do we want to use GPUs?
‒CPU versus GPU
‒Trade Offs
‒The Cloud?
Performance: Brute Force (6 Characters)
[Bar chart: Minutes for Six Character Brute Force, CPU versus GPU]
Performance: Brute Force (6 Characters)
Performance
• Brute Force Power (8 Characters)
Hash Type | Speed
NetNTLMv2 | 1,877.8 MH/s
SHA1 | 9,515.4 MH/s
descrypt | 11,060.1 kH/s
MD5 | 19,834.3 MH/s
NTLM | 32,930.2 MH/s
GPU Cracking: The Ideal Set Up
• The Ideal Set Up
‒ If Money is no object
GPU Cracking: The Ideal
• Buy one of these
‒ Case, Motherboard, and Power ($3,599.99)
• TYAN B7015F72V2R
‒ Case, Motherboard, and Power ($4,649.99)
• Tyan FT77AB7059 (B7059F77AV6R-2T)
GPU Cracking: The Practical Option
• But I’m more like this shadow guy…
GPU Cracking: Building the Rig
Our Current Set Up
GPU Cracking: Building the Rig
GPU Cracking: The Hardware
• GPU Selection
‒ What do we want?
• Reference card versus non-reference
• Stream Processors
• Card Cores
• Processor Speed
• Overclocking
• AMD versus NVIDIA
• Crossfire and SLI – Doesn’t matter here
• These are the Most Important Part of the Rig
‒ So spend some money
GPU Cracking: The Hardware
• 7970 Option
‒ MSI Radeon HD 7970 Twin Frozr ($529.99*)
• Core Clock: 1000MHz
• Stream Processors: 2048 Stream Processors
• Memory Size: 3GB GDDR5
• 7950 Option
‒ XFX Double D Radeon HD 7950 ($419.99*)
• Core Clock: 925MHz
• Stream Processors: 1792 Stream Processors
• Memory Size: 3GB GDDR5
*Newegg prices as of February 2014
GPU Cracking: The Hardware
• Motherboard
‒What to look for
• PCI Express slots
• 16x versus 1x
• Power to the board
• Some have additional power for cards
• Onboard power switch
• Handy for open air cases
GPU Cracking: The Hardware
• Motherboard
‒ ASRock H81 Pro BTC ($130-190*)
*Amazon price variance during January 2014
GPU Cracking: The Hardware
• Risers
‒ Ribbon cable versus USB 3
‒ Preferred: USB 3 risers
• The ribbons are not as reliable
GPU Cracking: The Hardware
• Power for the cards
GPU Cracking: The Hardware
• Power Supply
‒ 1500W is ideal for a couple of cards
‒ Could probably get closer to 1000W
• Just not recommended, or get two
‒ Modular is the easiest to manage
GPU Cracking: The Hardware
• Other Hardware Selection
‒ Processor
• A reasonably powered Intel (i3,i5,i7)
‒ Hard Drive
• SSD for OS
• Non-SSD for cold storage (Dictionaries, etc.)
‒ RAM
• Whatever you can afford to put in
• These can all be relatively generic
GPU Cracking: The Case
• Case
‒ This can be pretty open ended
‒ Start with server rack shelving
‒ Check out your local hardware store
• Wire shelving cubes
• Aluminum Rails
‒ Zip ties, baling wire, bits of string
GPU Cracking: The Case
• Case, case, no case
GPU Cracking: Airflow
GPU Cracking: Building the Rig
• Plan everything out!
GPU Cracking: Building the Rig
• The Initial End Result
GPU Cracking: Building the Rig
• Another Angle
GPU Cracking: Building the Rig
The Current Set Up
GPU Cracking: Building the Rig
GPU Cracking: Final Costs
• Parts list:
Parts | Est. Cost
Motherboard | $160
Processor (Intel Celeron) | $50
RAM (4 GB) | $40
Hard Drives | $150
Risers (4) | $160
Power Supply (1500 W) | $360
Video Cards (4) | $2,116
Case Materials | $20
Total | $3,056
GPU Cracking: Software Side
• Operating System
• Cracking Software
Essentially comes down to this
Driver support
• Windows support is generally good for both AMD and Nvidia
• Linux support is getting better
• Both are good options, unless you’re Linus…
Server Setup
• Windows and Linux work very well for server setups
• Both can be set up as a headless server
• We prefer Linux
‒ Easy to manage
‒ Lightweight
‒ Free
Cracking Software
• We want something free
‒ John
‒ oclHashcat
• John/oclHashcat support GPU cracking with CUDA/OpenCL
• We use oclHashcat
‒ Frequently updated
‒ Best performance
‒ Supports large number of hash types
Methodology
• Wielding the power responsibly
‒ Brute force isn’t always the best option
Methodology
• Dictionary Attacks
‒ Add in some mangling rules
• Leet Speak
• Password => P@$$vv0rd
• Append Numbers
• Password => Password2014
‒ Double up on dictionaries
• PasswordPassword
‒ Sources
• Wikipedia
• Urban Dictionary
• Alexa Domain Lists
• Crackstation, SkullSecurity, etc.
Methodology
• Masking Attacks
‒ Commonly Used Patterns
‒ Netspi1234 = ?u?l?l?l?l?l?d?d?d?d
• One Upper
• Five Lower
• Four Digits
• Ten characters total, meets complexity
‒ Easy to generate
• Based off of previous cracks, leaks, etc.
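Added example (not from the original slides): a password-audit helper that turns a password into its mask, computes the mask's keyspace, and estimates the time to exhaust it at the hash rates quoted on the "Brute Force Power" slide. The policy thresholds and all function names are assumptions made for illustration.

```python
"""Added example: mask keyspace and exhaustion time at the slide's hash rates."""
import math

# Candidate counts for the built-in mask charsets (?l ?u ?d ?s ?a).
CHARSET_SIZES = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95}

# Speeds quoted on the "Brute Force Power" slide, converted to hashes/second.
SLIDE_SPEEDS_HPS = {
    "NetNTLMv2": 1_877.8e6,
    "SHA1": 9_515.4e6,
    "descrypt": 11_060.1e3,
    "MD5": 19_834.3e6,
    "NTLM": 32_930.2e6,
}

# Assumed complexity policy, for illustration only (not from the slides).
ASSUMED_MIN_LENGTH = 8
ASSUMED_MIN_CLASSES = 3


def password_to_mask(password):
    """Map each printable-ASCII character to its mask placeholder."""
    out = []
    for ch in password:
        if "a" <= ch <= "z":
            out.append("?l")
        elif "A" <= ch <= "Z":
            out.append("?u")
        elif "0" <= ch <= "9":
            out.append("?d")
        elif 0x20 <= ord(ch) <= 0x7E:
            out.append("?s")
        else:
            raise ValueError(f"non printable-ASCII character: {ch!r}")
    return "".join(out)


def mask_charset_sizes(mask):
    """Return the number of candidates at each position of a mask."""
    sizes = []
    i = 0
    while i < len(mask):
        if mask[i] != "?":
            sizes.append(1)  # literal character: a single candidate
            i += 1
            continue
        if i + 1 >= len(mask):
            raise ValueError("mask ends with a dangling '?'")
        key = mask[i + 1]
        if key == "?":
            sizes.append(1)  # '??' is a literal question mark
        elif key in CHARSET_SIZES:
            sizes.append(CHARSET_SIZES[key])
        else:
            raise ValueError(f"unsupported placeholder ?{key}")
        i += 2
    return sizes


def keyspace(mask):
    """Total number of candidates a mask describes."""
    return math.prod(mask_charset_sizes(mask))


def seconds_to_exhaust(mask, hash_type):
    """Worst-case time to try every candidate at the slide's quoted rate."""
    return keyspace(mask) / SLIDE_SPEEDS_HPS[hash_type]


def meets_assumed_policy(password):
    """Check the assumed policy: minimum length and character classes."""
    mask = password_to_mask(password)
    classes = {mask[i:i + 2] for i in range(0, len(mask), 2)}
    return (len(password) >= ASSUMED_MIN_LENGTH
            and len(classes) >= ASSUMED_MIN_CLASSES)


def audit(password, hash_type="NTLM"):
    """Summarise how a password fares against its own mask."""
    mask = password_to_mask(password)
    return {
        "mask": mask,
        "keyspace": keyspace(mask),
        "meets_assumed_policy": meets_assumed_policy(password),
        "seconds_to_exhaust": seconds_to_exhaust(mask, hash_type),
    }


if __name__ == "__main__":
    # The slide's own example password, audited against each quoted rate.
    for hash_type in SLIDE_SPEEDS_HPS:
        result = audit("Netspi1234", hash_type)
        print(f"{hash_type:10s} {result['mask']} "
              f"keyspace={result['keyspace']:,} "
              f"exhausted in {result['seconds_to_exhaust']:,.0f} s")
```

For the slide's example, the mask holds 26^6 x 10^4 candidates, which the quoted NTLM rate covers in about a minute and a half even though the password passes the assumed complexity policy.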
Demo
Conclusions
• It can be done
• It’s not that expensive
• Learn from our mistakes
Questions
Questions?
Karl Fosaaen (@kfosaaen)
Eric Gruber (@egru)
http://www.netspi.com/blog
Questions
Thanks!
Karl Fosaaen (@kfosaaen)
Eric Gruber (@egru)

More Related Content

What's hot

Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster
Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster
Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster Ceph Community
 
Hostingultraso com (1)
Hostingultraso com (1)Hostingultraso com (1)
Hostingultraso com (1)ayan Maity
 
Overclocking & Economy
Overclocking & EconomyOverclocking & Economy
Overclocking & EconomyAsad Salihi
 
Ceph Day KL - Delivering cost-effective, high performance Ceph cluster
Ceph Day KL - Delivering cost-effective, high performance Ceph clusterCeph Day KL - Delivering cost-effective, high performance Ceph cluster
Ceph Day KL - Delivering cost-effective, high performance Ceph clusterCeph Community
 
Managing server secrets at scale with SaltStack and a vaultless password manager
Managing server secrets at scale with SaltStack and a vaultless password managerManaging server secrets at scale with SaltStack and a vaultless password manager
Managing server secrets at scale with SaltStack and a vaultless password managerIgnat Korchagin
 
Performance analysis with_ceph
Performance analysis with_cephPerformance analysis with_ceph
Performance analysis with_cephAlex Lau
 
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...Kristofferson A
 
Overclocking | Going Down the Rabbit Hole
Overclocking | Going Down the Rabbit HoleOverclocking | Going Down the Rabbit Hole
Overclocking | Going Down the Rabbit HoleHWBOT
 
NCompass Live: Let's Get Real About Virtual Reality
NCompass Live: Let's Get Real About Virtual Reality NCompass Live: Let's Get Real About Virtual Reality
NCompass Live: Let's Get Real About Virtual Reality Nebraska Library Commission
 
The Database Sizing Workflow
The Database Sizing WorkflowThe Database Sizing Workflow
The Database Sizing WorkflowKristofferson A
 
Build your own computer!
Build your own computer!Build your own computer!
Build your own computer!Martin LaGrow
 
The steps to building a computer
The steps to building a computerThe steps to building a computer
The steps to building a computerjtmccollum
 
The steps to building a computer
The steps to building a computerThe steps to building a computer
The steps to building a computerjtmccollum
 

What's hot (17)

Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster
Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster
Ceph Day Taipei - Delivering cost-effective, high performance, Ceph cluster
 
Hostingultraso com (1)
Hostingultraso com (1)Hostingultraso com (1)
Hostingultraso com (1)
 
Overclocking & Economy
Overclocking & EconomyOverclocking & Economy
Overclocking & Economy
 
Nuevo Portafolio QNAP 2017
Nuevo Portafolio QNAP 2017Nuevo Portafolio QNAP 2017
Nuevo Portafolio QNAP 2017
 
Ceph Day KL - Delivering cost-effective, high performance Ceph cluster
Ceph Day KL - Delivering cost-effective, high performance Ceph clusterCeph Day KL - Delivering cost-effective, high performance Ceph cluster
Ceph Day KL - Delivering cost-effective, high performance Ceph cluster
 
MySQL Head-to-Head
MySQL Head-to-HeadMySQL Head-to-Head
MySQL Head-to-Head
 
Managing server secrets at scale with SaltStack and a vaultless password manager
Managing server secrets at scale with SaltStack and a vaultless password managerManaging server secrets at scale with SaltStack and a vaultless password manager
Managing server secrets at scale with SaltStack and a vaultless password manager
 
ceph-barcelona-v-1.2
ceph-barcelona-v-1.2ceph-barcelona-v-1.2
ceph-barcelona-v-1.2
 
Performance analysis with_ceph
Performance analysis with_cephPerformance analysis with_ceph
Performance analysis with_ceph
 
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...
Oracle Closed World 2010: Graphing the AAS ala EM + doing some cool linear re...
 
Overclocking | Going Down the Rabbit Hole
Overclocking | Going Down the Rabbit HoleOverclocking | Going Down the Rabbit Hole
Overclocking | Going Down the Rabbit Hole
 
Ironic
IronicIronic
Ironic
 
NCompass Live: Let's Get Real About Virtual Reality
NCompass Live: Let's Get Real About Virtual Reality NCompass Live: Let's Get Real About Virtual Reality
NCompass Live: Let's Get Real About Virtual Reality
 
The Database Sizing Workflow
The Database Sizing WorkflowThe Database Sizing Workflow
The Database Sizing Workflow
 
Build your own computer!
Build your own computer!Build your own computer!
Build your own computer!
 
The steps to building a computer
The steps to building a computerThe steps to building a computer
The steps to building a computer
 
The steps to building a computer
The steps to building a computerThe steps to building a computer
The steps to building a computer
 

Viewers also liked

Externally Testing Modern AD Domains - Arcticcon
Externally Testing Modern AD Domains - ArcticconExternally Testing Modern AD Domains - Arcticcon
Externally Testing Modern AD Domains - ArcticconKarl Fosaaen
 
Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...
Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...
Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...Marco Alici
 
Motivational week 1 disc. 2
Motivational week 1 disc. 2Motivational week 1 disc. 2
Motivational week 1 disc. 2suesmith74
 
Hacking iOS Applications with Proxies
Hacking iOS Applications with ProxiesHacking iOS Applications with Proxies
Hacking iOS Applications with ProxiesKarl Fosaaen
 
Malicious MDM - Secure360
Malicious MDM - Secure360Malicious MDM - Secure360
Malicious MDM - Secure360Karl Fosaaen
 
Hacking iOS with Proxies - dc612
Hacking iOS with Proxies - dc612Hacking iOS with Proxies - dc612
Hacking iOS with Proxies - dc612Karl Fosaaen
 
Malicious MDM - AppSecCA
Malicious MDM - AppSecCAMalicious MDM - AppSecCA
Malicious MDM - AppSecCAKarl Fosaaen
 
Slide kombis
Slide kombisSlide kombis
Slide kombisNining Rn
 
Conception avec pic
Conception avec pic Conception avec pic
Conception avec pic nawzat
 
Attacking ADFS Endpoints - DerbyCon
Attacking ADFS Endpoints - DerbyConAttacking ADFS Endpoints - DerbyCon
Attacking ADFS Endpoints - DerbyConKarl Fosaaen
 
Automating Attacks Against Office365 - BsidesPDX 2016
Automating Attacks Against Office365 - BsidesPDX 2016Automating Attacks Against Office365 - BsidesPDX 2016
Automating Attacks Against Office365 - BsidesPDX 2016Karl Fosaaen
 
FreeCAD il cad 3D libero
FreeCAD il cad 3D liberoFreeCAD il cad 3D libero
FreeCAD il cad 3D liberoMarco Alici
 

Viewers also liked (17)

Mohammad cv 16.5.2013
Mohammad cv 16.5.2013Mohammad cv 16.5.2013
Mohammad cv 16.5.2013
 
Externally Testing Modern AD Domains - Arcticcon
Externally Testing Modern AD Domains - ArcticconExternally Testing Modern AD Domains - Arcticcon
Externally Testing Modern AD Domains - Arcticcon
 
Mobius lab Review
Mobius lab ReviewMobius lab Review
Mobius lab Review
 
Flip book
Flip bookFlip book
Flip book
 
Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...
Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...
Stampa 3D: La III Rivoluzione Industriale? - 3D Printing: The 3rd Industrial ...
 
Motivational week 1 disc. 2
Motivational week 1 disc. 2Motivational week 1 disc. 2
Motivational week 1 disc. 2
 
Hacking iOS Applications with Proxies
Hacking iOS Applications with ProxiesHacking iOS Applications with Proxies
Hacking iOS Applications with Proxies
 
Malicious MDM - Secure360
Malicious MDM - Secure360Malicious MDM - Secure360
Malicious MDM - Secure360
 
Hacking iOS with Proxies - dc612
Hacking iOS with Proxies - dc612Hacking iOS with Proxies - dc612
Hacking iOS with Proxies - dc612
 
Malicious MDM - AppSecCA
Malicious MDM - AppSecCAMalicious MDM - AppSecCA
Malicious MDM - AppSecCA
 
new media
new medianew media
new media
 
Lismar delgado
Lismar delgadoLismar delgado
Lismar delgado
 
Slide kombis
Slide kombisSlide kombis
Slide kombis
 
Conception avec pic
Conception avec pic Conception avec pic
Conception avec pic
 
Attacking ADFS Endpoints - DerbyCon
Attacking ADFS Endpoints - DerbyConAttacking ADFS Endpoints - DerbyCon
Attacking ADFS Endpoints - DerbyCon
 
Automating Attacks Against Office365 - BsidesPDX 2016
Automating Attacks Against Office365 - BsidesPDX 2016Automating Attacks Against Office365 - BsidesPDX 2016
Automating Attacks Against Office365 - BsidesPDX 2016
 
FreeCAD il cad 3D libero
FreeCAD il cad 3D liberoFreeCAD il cad 3D libero
FreeCAD il cad 3D libero
 

Similar to GPU Cracking on the Cheap

Creating desktop for gaming
Creating desktop for gamingCreating desktop for gaming
Creating desktop for gamingJaimin Thakkar
 
GPU databases - How to use them and what the future holds
GPU databases - How to use them and what the future holdsGPU databases - How to use them and what the future holds
GPU databases - How to use them and what the future holdsArnon Shimoni
 
Building a PC Optimized for Gaming and Academics
Building a PC Optimized for Gaming and AcademicsBuilding a PC Optimized for Gaming and Academics
Building a PC Optimized for Gaming and AcademicsJoshLefebvre1
 
How to build a gaming computer
How to build a gaming computerHow to build a gaming computer
How to build a gaming computerDonald Gillies
 
AMD processors
AMD processorsAMD processors
AMD processorssanthu652
 
5 Best Motherboards for Intel Core i7 6700k in 2023 Review
5 Best Motherboards for Intel Core i7 6700k in 2023 Review5 Best Motherboards for Intel Core i7 6700k in 2023 Review
5 Best Motherboards for Intel Core i7 6700k in 2023 ReviewLoura Wind
 
Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)
Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)
Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)Ontico
 
Guide to Build A High-Performance Custom Gaming PC
Guide to Build A High-Performance Custom Gaming PCGuide to Build A High-Performance Custom Gaming PC
Guide to Build A High-Performance Custom Gaming PCMemory4 less
 
Servers Technologies and Enterprise Data Center Trends 2014 - Thailand
Servers Technologies and Enterprise Data Center Trends 2014 - ThailandServers Technologies and Enterprise Data Center Trends 2014 - Thailand
Servers Technologies and Enterprise Data Center Trends 2014 - ThailandAruj Thirawat
 
Presentation database on flash
Presentation   database on flashPresentation   database on flash
Presentation database on flashxKinAnx
 
The 2008 Pc Builders Bible
The 2008 Pc Builders BibleThe 2008 Pc Builders Bible
The 2008 Pc Builders BibleSais Abdelkrim
 
High Performance Hardware for Data Analysis
High Performance Hardware for Data AnalysisHigh Performance Hardware for Data Analysis
High Performance Hardware for Data AnalysisMike Pittaro
 
Mike Pittaro - High Performance Hardware for Data Analysis
Mike Pittaro - High Performance Hardware for Data Analysis Mike Pittaro - High Performance Hardware for Data Analysis
Mike Pittaro - High Performance Hardware for Data Analysis PyData
 
Building an ethereum miner workshop
Building an ethereum miner workshopBuilding an ethereum miner workshop
Building an ethereum miner workshopJose Hernandez
 
Power Saturday 2019 B6 - SQL Server installation cookbook
Power Saturday 2019 B6 - SQL Server installation cookbookPower Saturday 2019 B6 - SQL Server installation cookbook
Power Saturday 2019 B6 - SQL Server installation cookbookPowerSaturdayParis
 
Best laptop values
Best laptop valuesBest laptop values
Best laptop valuesDennis Tan
 
Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...
Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...
Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...Umbra Software
 
introduction to computer hardware
 introduction to computer hardware introduction to computer hardware
introduction to computer hardwareBikramjeet Sidhu
 
A way to visual the best storage media for an application
A way to visual the best storage media for an applicationA way to visual the best storage media for an application
A way to visual the best storage media for an applicationTony Roug
 

Similar to GPU Cracking on the Cheap (20)

Creating desktop for gaming
Creating desktop for gamingCreating desktop for gaming
Creating desktop for gaming
 
GPU databases - How to use them and what the future holds
GPU databases - How to use them and what the future holdsGPU databases - How to use them and what the future holds
GPU databases - How to use them and what the future holds
 
Building a PC Optimized for Gaming and Academics
Building a PC Optimized for Gaming and AcademicsBuilding a PC Optimized for Gaming and Academics
Building a PC Optimized for Gaming and Academics
 
How to build a gaming computer
How to build a gaming computerHow to build a gaming computer
How to build a gaming computer
 
AMD processors
AMD processorsAMD processors
AMD processors
 
5 Best Motherboards for Intel Core i7 6700k in 2023 Review
5 Best Motherboards for Intel Core i7 6700k in 2023 Review5 Best Motherboards for Intel Core i7 6700k in 2023 Review
5 Best Motherboards for Intel Core i7 6700k in 2023 Review
 
Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)
Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)
Как построить видеоплатформу на 200 Гбитс / Ольховченков Вячеслав (Integros)
 
Guide to Build A High-Performance Custom Gaming PC
Guide to Build A High-Performance Custom Gaming PCGuide to Build A High-Performance Custom Gaming PC
Guide to Build A High-Performance Custom Gaming PC
 
Servers Technologies and Enterprise Data Center Trends 2014 - Thailand
Servers Technologies and Enterprise Data Center Trends 2014 - ThailandServers Technologies and Enterprise Data Center Trends 2014 - Thailand
Servers Technologies and Enterprise Data Center Trends 2014 - Thailand
 
Presentation database on flash
Presentation   database on flashPresentation   database on flash
Presentation database on flash
 
The 2008 Pc Builders Bible
The 2008 Pc Builders BibleThe 2008 Pc Builders Bible
The 2008 Pc Builders Bible
 
High Performance Hardware for Data Analysis
High Performance Hardware for Data AnalysisHigh Performance Hardware for Data Analysis
High Performance Hardware for Data Analysis
 
Mike Pittaro - High Performance Hardware for Data Analysis
Mike Pittaro - High Performance Hardware for Data Analysis Mike Pittaro - High Performance Hardware for Data Analysis
Mike Pittaro - High Performance Hardware for Data Analysis
 
Building an ethereum miner workshop
Building an ethereum miner workshopBuilding an ethereum miner workshop
Building an ethereum miner workshop
 
Power Saturday 2019 B6 - SQL Server installation cookbook
Power Saturday 2019 B6 - SQL Server installation cookbookPower Saturday 2019 B6 - SQL Server installation cookbook
Power Saturday 2019 B6 - SQL Server installation cookbook
 
Best laptop values
Best laptop valuesBest laptop values
Best laptop values
 
Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...
Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...
Umbra Ignite 2015: Graham Wihlidal – Adapting a technology stream to ever-evo...
 
Emulating With JavaScript
Emulating With JavaScriptEmulating With JavaScript
Emulating With JavaScript
 
introduction to computer hardware
 introduction to computer hardware introduction to computer hardware
introduction to computer hardware
 
A way to visual the best storage media for an application
A way to visual the best storage media for an applicationA way to visual the best storage media for an application
A way to visual the best storage media for an application
 

Recently uploaded

Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 

Recently uploaded (20)

Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 

GPU Cracking on the Cheap

  • 1. GPU Cracking - On the Cheap Karl Fosaaen Eric Gruber
  • 2. Introductions • Who are we? ‒Karl Fosaaen ‒Eric Gruber • What do we do? ‒Pen Test ‒Crack Passwords ‒Blog
  • 3. GPU Cracking on the Cheap • Defining Terms ‒Science Project ‒GPU ‒Bitcoin ‒Hashes
  • 4. GPU Cracking on the Cheap •Hashes ‒ Password123 = 58A478135A93AC3BF058A5EA0E8FDB71 ‒ Password1234 = 8C3EFC486704D2EE71EEBE71AF14D86C 58A478135A93AC3BF058A5EA0E8FDB71 ≠ 8C3EFC486704D2EE71EEBE71AF14D86C
  • 5. GPU Cracking on the Cheap • Overview ‒Why do we want to GPU crack ‒Ideal Setup ‒Hardware Selection ‒Construction ‒Operating System ‒Methodology
  • 6. GPU Cracking on the Cheap • Why do we want to crack? ‒Pen Testing ‒Password Auditing •Why do we want to use GPUs? ‒CPU versus GPU ‒Trade Offs ‒The Cloud?
  • 7. Performance: Brute Force (6 Characters) [Bar chart: Minutes for Six Character Brute Force, CPU versus GPU]
  • 8. Performance: Brute Force (6 Characters)
  • 9. Performance • Brute Force Power (8 Characters) ‒ Hash Type: Speed ‒ NetNTLMv2: 1,877.8 MH/s ‒ SHA1: 9,515.4 MH/s ‒ descrypt: 11,060.1 kH/s ‒ MD5: 19,834.3 MH/s ‒ NTLM: 32,930.2 MH/s
  • 10. GPU Cracking: The Ideal Set Up • The Ideal Set Up ‒ If Money is no object
  • 11. GPU Cracking: The Ideal • Buy one of these ‒ Case, Motherboard, and Power ($3,599.99) • TYAN B7015F72V2R ‒ Case, Motherboard, and Power ($ 4,649.99) • Tyan FT77AB7059 (B7059F77AV6R-2T)
  • 12. GPU Cracking: The Practical Option • But I’m more like this shadow guy…
  • 13. GPU Cracking: Building the Rig Our Current Set Up
  • 15. GPU Cracking: The Hardware • GPU Selection ‒ What do we want? • Reference card versus non-reference • Stream Processors • Card Cores • Processor Speed • Overclocking • AMD versus NVIDIA • Crossfire and SLI – Doesn’t matter here • These are the Most Important Part of the Rig ‒ So spend some money
  • 16. GPU Cracking: The Hardware • 7970 Option ‒ MSI Radeon HD 7970 Twin Frozr ($529.99*) • Core Clock: 1000MHz • Stream Processors: 2048 Stream Processors • Memory Size: 3GB GDDR5 • 7950 Option ‒ XFX Double D Radeon HD 7950 ($419.99*) • Core Clock: 925MHz • Stream Processors: 1792 Stream Processors • Memory Size: 3GB GDDR5 *Newegg prices as of February 2014
  • 17. GPU Cracking: The Hardware • Motherboard ‒What to look for • PCI Express slots • 16x versus 1x • Power to the board • Some have additional power for cards • Onboard power switch • Handy for open air cases
  • 18. GPU Cracking: The Hardware • Motherboard ‒ ASRock H81 Pro BTC ($130-190*) *Amazon price variance during January 2014
  • 19. GPU Cracking: The Hardware • Risers ‒ Ribbon cable versus USB 3 ‒ Preferred: USB 3 risers • The ribbons are not as reliable
  • 20. GPU Cracking: The Hardware •Power for the cards
  • 21. GPU Cracking: The Hardware • Power Supply ‒ 1500W is ideal for a couple of cards ‒ Could probably get closer to 1000W • Just not recommended, or get two ‒ Modular is the easiest to manage
  • 22. GPU Cracking: The Hardware • Other Hardware Selection ‒ Processor • A reasonably powered Intel (i3, i5, i7) ‒ Hard Drive • SSD for OS • Non-SSD for cold storage (Dictionaries, etc.) ‒ RAM • Whatever you can afford to put in • These can all be relatively generic
  • 23. GPU Cracking: The Case • Case ‒ This can be pretty open ended ‒ Start with server rack shelving ‒ Check out your local hardware store • Wire shelving cubes • Aluminum Rails ‒ Zip ties, baling wire, bits of string
  • 24. GPU Cracking: The Case •Case, case, no case
  • 26. GPU Cracking: Building the Rig • Plan everything out!
  • 27. GPU Cracking: Building the Rig • The Initial End Result
  • 28. GPU Cracking: Building the Rig • Another Angle
  • 29. GPU Cracking: Building the Rig The Current Set Up
  • 31. GPU Cracking: Final Costs • Parts list (Parts: Est. Cost) ‒ Motherboard: $160 ‒ Processor (Intel Celeron): $50 ‒ RAM (4 GB): $40 ‒ Hard Drives: $150 ‒ Risers (4): $160 ‒ Power Supply (1500 W): $360 ‒ Video Cards (4): $2,116 ‒ Case Materials: $20 ‒ Total: $3,056
  • 32. GPU Cracking: Final Costs • Parts list (Parts: Est. Cost) ‒ Motherboard: $160 ‒ Processor (Intel Celeron): $50 ‒ RAM (4 GB): $40 ‒ Hard Drives: $150 ‒ Risers (4): $160 ‒ Power Supply (1500 W): $360 ‒ Video Cards (4): $2,116 ‒ Case Materials: $20 ‒ Total: $3,056
  • 33. GPU Cracking: Software Side • Operating System • Cracking Software
  • 35. Driver support • Windows support is generally good for both AMD and Nvidia • Linux support is getting better • Both are good options, unless you’re Linus…
  • 36. Server Setup • Windows and Linux work very well for server setups • Both can be set up as a headless server • We prefer Linux ‒ Easy to manage ‒ Lightweight ‒ Free
  • 37. Cracking Software • We want something free ‒ John ‒ oclHashcat • John/oclHashcat support GPU cracking with CUDA/OpenCL • We use oclHashcat ‒ Frequently updated ‒ Best performance ‒ Supports large number of hash types
  • 38. Methodology • Wielding the power responsibly ‒ Brute force isn’t always the best option
  • 39. Methodology • Dictionary Attacks ‒ Add in some mangling rules • Leet Speak • Password => P@$$vv0rd • Append Numbers • Password => Password2014 ‒ Double up on dictionaries • PasswordPassword ‒ Sources • Wikipedia • Urban Dictionary • Alexa Domain Lists • Crackstation, SkullSecurity, etc.
  • 40. Methodology • Masking Attacks ‒ Commonly Used Patterns ‒ Netspi1234 = ?u?l?l?l?l?l?d?d?d?d • One Upper • Five Lower • Four Digits • Ten characters total, meets complexity ‒ Easy to generate • Based off of previous cracks, leaks, etc.
  • 41. Demo
  • 42. Conclusions • It can be done • It’s not that expensive • Learn from our mistakes
  • 43. Questions Questions? Karl Fosaaen (@kfosaaen) Eric Gruber (@egru) http://www.netspi.com/blog
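
For a password audit, the mask pattern on slide 40 can be turned into keyspace arithmetic using the NTLM rate from slide 9. The following is an added example, not code from the talk: the function names, the sample list (two entries are constructed) and the assumption of a constant hash rate are all illustrative.

```python
from collections import Counter

# Sizes of hashcat's built-in mask charsets (?s = 33 printable ASCII symbols incl. space).
CHARSET_SIZES = {"?l": 26, "?u": 26, "?d": 10, "?s": 33, "?a": 95}

# NTLM rate from the "Brute Force Power" slide, in hashes per second.
# Assumption: the rate stays constant over the whole run.
NTLM_RATE = 32_930.2e6

def password_to_mask(password):
    """Map each character to the narrowest built-in charset containing it."""
    mask = []
    for ch in password:
        if not (" " <= ch <= "~"):
            raise ValueError(f"not printable ASCII: {ch!r}")
        if ch.islower():
            mask.append("?l")
        elif ch.isupper():
            mask.append("?u")
        elif ch.isdigit():
            mask.append("?d")
        else:
            mask.append("?s")
    return "".join(mask)

def mask_keyspace(mask):
    """Number of candidates a mask of two-character tokens generates."""
    total = 1
    for i in range(0, len(mask), 2):
        token = mask[i:i + 2]
        if token not in CHARSET_SIZES:
            raise ValueError(f"unsupported mask token: {token!r}")
        total *= CHARSET_SIZES[token]
    return total

def seconds_to_exhaust(mask, rate=NTLM_RATE):
    return mask_keyspace(mask) / rate

def audit_masks(passwords, rate=NTLM_RATE):
    """Rank masks by how many audited passwords each one covers."""
    counts = Counter(password_to_mask(p) for p in passwords)
    return [(m, n, seconds_to_exhaust(m, rate)) for m, n in counts.most_common()]

# Netspi1234, Password123 and P@$$vv0rd appear on the slides;
# Summer2014 and Winter2013 are constructed for this example.
SAMPLE = ["Netspi1234", "Summer2014", "Winter2013", "Password123", "P@$$vv0rd"]

if __name__ == "__main__":
    for mask, n, secs in audit_masks(SAMPLE):
        print(f"{mask:24} covers {n}  exhausted in {secs:,.0f} s")
    years = CHARSET_SIZES["?a"] ** 10 / NTLM_RATE / (365 * 24 * 3600)
    print(f"full 10-character ?a brute force: {years:,.1f} years")
```

At the slide's NTLM rate the ten-character Netspi1234 mask is exhausted in about a minute and a half, while the full 95-character keyspace of the same length takes decades, which is why an audit should flag pattern-following passwords even when they meet the complexity policy.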