GPU Password Cracking
Download
Report
Transcript GPU Password Cracking
Not for noobs…
What even is a GPU?
A GPU (Graphics Processing Unit) is
piece of hardware(single chip processor)
primarily used for computing 3D
functions.
Such things are lighting effects, object
transformations, and 3D motion.
www.techterms.com/definition/gpu
CPU vs. GPU
Simple look at architecture
CPU Vs. GPU speeds
Why is this important?
Currently the first 80 of the top 500
super computers are there due to
(general purpose) GPGPUs.
This shows how powerful GPUs have
become and their usability.
What choices do we have?
Nvidia
These are slightly more expensive
graphics cards.
Nvidia is required if your attempting to
get on the top 500 supercomputers list.
(this is due to CUDA)
Higher clock shader clock speeds, along
with more complex ALUs
ATI
ATI is competing technology against
Nvidia.
Has potential to be faster than Nvidia in
password cracking applications.
Cheaper
Slower shader clock speeds, but more
ALUs on chip
Cloud Based and Distributed
Networks
On solution is to pay for time on cloud
based services. Ex. (Amazon AWC/
EC2, Nimbix, Peer1, Penguin)
Join a Distributed network
Distributed.net
Folding@home
Boinc (freerainbowtables.net)
SETI@home
What is feasible?
The cost of running a cloud based
service is more for those with deeper
pockets.
Instead a locally hosted machine is
more affordable
That leaves us with Nvida Vs. ATI
The most common question….
WHICH IS
BETTER?!
Nvidia cant compete…
Nvidia design for example on the GTX
590 has 2 GTX 580s on a single card.
This means it has 512 cores x 2 = 1024
cores * 8 cells = 8192 steams.
While this is a lot of steams (meaning
more password cracking pipelines)
mapping to each stream is done by only
the first cell.
This does not utilize the GPU as much
as it can be.
Another blow is that the BIT_ALIGN_INT
operator must be emulated on Nvidia
cards requiring 2 shifts + 1 add
This means Nvidia cards must use 3
instructions instead of 1 for some
hashing functions as compared to ATI
cards.
Comparisons
ATI Radeon HD6990
3072 ALUs x 830 MHz = 2550 billion 32-bit
instructions per second
Nvidia GTX 590
1024 ALUs x 1214 MHz = 1243 billion 32-bit
instructions per second
Winner?
As seen in the previous slide ATI takes
the cake for password cracking
applications.
Due to BIT_ALIGN_INT, more ALUs,
and cost to power efficiency, ATI has
approximately 3x-5x performance boost.
en.bitcoin.it
What even is?
The differences between the card
architecture translates into a direct
increase in password cracking speed for
ATI cards.
Simpler ALUs at lower clocks == less
energy consumption.
Scalability
Adding another GPU actually increases
how many password can be cracked
more than 100%
Ex. 2x Radeons HD6990 != 2550 billion
instructions per second * 2
Its actually faster! (minutely though)
Password Cracking Software
GPU cracking
Oclhashcat
IghashGPU
WhitePixel
Extreme GPU Bruteforcer
CUDA – MULTIFORCER
Lightning hash cracker
Distributed solutions
LastBit
Elecomsoft
Durandural
Password cracker of choice
OclHashcat
Advanced mask processing
○ Character per position attacks (using
**clues**)
Rule engine
○ Manipulate wordlists based on rules on the fly
Hybrid dictionary + mask attacks
○ Use wordlists and masks together to hit more
passwords
Finger Printing attack
○ Psychology of humans based attack
Mask Engine
?d – Digits
?l – lower case alpha
?u – uppercase
?s – symbols
?h – hex 0xc0 – 0xff
?D-German alphabet
?F-French alphabet
?R-Russian alphabet
Lets try it out.
We will manipulate the string and use a
mask to hit our hashes
ichidor
Command:
echo ichidor | expander | sort -u > outfile
Common human convention is to
append numbers within the string
Some examples of wordlist + ‘?d?d’
Chido06
Dori09
hido30
chidori15
ichi91
hidori24