Hack and / - Password Cracking with GPUs, Part II: Get Cracking

May 29, 2012 By Kyle Rankin in HOW-TOs, Security

Your hardware is ready. Now, let's load up some software and get cracking.

In Part I of this series, I explained how password cracking works in general terms and described my specific password-cracking hardware. In this article, I dig into the software side of things and describe how to put that hardware to use cracking passwords. I also discuss the two main types of attacks: dictionary and brute-force attacks. As I describe each attack, I also give specific examples of how I used the software to attack phpass, the hashing algorithm currently used for PHP-based software like WordPress.

For the purposes of this article, I created a sample WordPress blog on my server and created a few custom accounts, some with weak passwords and others with truly random passwords. Then, I went into the database for the site and pulled out the phpass password hashes for each account and put them into a file that looked like this:

$P$BpgwVqlfEwuaj.FlM7.YCZ6GQMu15D/
$P$BGMZP8qAHPjTTiTMdSxGhjfQMvkm2D1
$P$BOPzST0vwsR86QfIsQdspt4M5wUGVh.
$P$BjAZ1S3pmcGOC8Op808lOK4l25Q3Ph0
$P$BPlIiO5xdHmThnjjSyJ1jBICfPkpay1
$P$BReStde51ZwKHVtiTgTJpB2zzmGJW91

The above hashes are legitimate phpass hashes created from six-character passwords. I could tell you the passwords, but that would defeat the fun of cracking them yourself.
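As an added example (not code from the original article or from the phpass project), the following Python parses a portable phpass hash like the ones above and recomputes it for a known password, which makes the cost of each guess visible: the character after `$P$` encodes the iteration count, and `B` means 2^13 = 8,192 rounds of MD5. The function names and the sample password and salt are constructed for illustration.

```python
import hashlib
import hmac

# Alphabet phpass uses for the cost character and for its base64 variant.
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def parse_phpass(stored):
    """Split a portable phpass hash into its fields, or raise ValueError."""
    if len(stored) != 34 or stored[:3] not in ("$P$", "$H$"):
        raise ValueError("not a portable phpass hash")
    cost_log2 = ITOA64.index(stored[3])      # ValueError on a bad character
    if not 7 <= cost_log2 <= 30:
        raise ValueError("cost out of range")
    return {"cost_log2": cost_log2, "iterations": 1 << cost_log2,
            "salt": stored[4:12], "digest": stored[12:]}

def encode64(data):
    """phpass's little-endian base64 variant (16 bytes -> 22 characters)."""
    out, i = [], 0
    while i < len(data):
        value = data[i]
        out.append(ITOA64[value & 0x3F])
        if i + 1 < len(data):
            value |= data[i + 1] << 8
        out.append(ITOA64[(value >> 6) & 0x3F])
        if i + 1 >= len(data):
            break
        if i + 2 < len(data):
            value |= data[i + 2] << 16
        out.append(ITOA64[(value >> 12) & 0x3F])
        if i + 2 >= len(data):
            break
        out.append(ITOA64[(value >> 18) & 0x3F])
        i += 3
    return "".join(out)

def phpass_hash(password, cost_log2, salt, prefix="$P$"):
    """Salted MD5, then 2**cost_log2 further rounds of md5(digest + password)."""
    pw = password.encode()
    digest = hashlib.md5(salt.encode() + pw).digest()
    for _ in range(1 << cost_log2):
        digest = hashlib.md5(digest + pw).digest()
    return prefix + ITOA64[cost_log2] + salt + encode64(digest)

def verify(password, stored):
    """Recompute the hash with the stored salt and cost; compare in constant time."""
    f = parse_phpass(stored)
    candidate = phpass_hash(password, f["cost_log2"], f["salt"], stored[:3])
    return hmac.compare_digest(candidate, stored)
```

Running `parse_phpass` over every row of a user table is a quick way to audit which accounts still carry a low iteration count.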

Proprietary Video Drivers

For those of you who, like me, believe in open-source software, this next section may be a bit disappointing. To get hardware-accelerated password-cracking software working on your system, you need to install the proprietary video drivers from either AMD or NVIDIA. That said, if you already have been using your system for Bitcoin mining, you already have the drivers and libraries you need, so you can skip to the next section about Hashcat. Honestly, you also could just follow the Bitcoin mining HOWTOs for Linux, and that would describe how to get all the drivers and libraries you need.

Many modern desktops make it relatively easy to pull down and install the proprietary video drivers. For instance, an Ubuntu desktop will prompt you that restricted drivers are available to install both for AMD and NVIDIA cards. Most other popular distributions provide good documentation on how to pull down the proprietary drivers as well. In the worst case, you may have to download the software directly from AMD or NVIDIA and install it that way. They both have clear instructions and software available for Linux just like for other OSes.

Once you have the proprietary drivers installed, you also need the AMD APP SDK for its OpenCL libraries or the NVIDIA CUDA libraries, depending on who made your video card. You likely will need to get these libraries directly from the AMD or NVIDIA Web sites. The install is straightforward though. In my case, I downloaded the AMD-APP-SDK-v2.5-lnx32.tgz file from AMD, extracted it, and ran the provided Install-AMD-APP.sh shell script as root.


Hashcat

Many different password-cracking suites exist both for CPU- and GPU-based cracking. After reviewing all the options, I decided on the Hashcat family of cracking tools available at http://hashcat.net. On the site, you will see that a number of different tools are available. At first glance, it can be a bit confusing, as you can choose from hashcat, oclHashcat, oclHashcat-plus, oclHashcat-lite and even software called maskprocessor. Each program has its purpose though, depending on what you intend to do.


hashcat:

CPU-based, so slower than the GPU-based software.

Supports the widest range of hashing algorithms.

oclHashcat:

GPU-based password cracker.

Supports a moderate number of hashing algorithms.

Built-in support for dictionary, brute-force and mask attacks.

oclHashcat-plus:

Supports the most hashing algorithms of the GPU-based hashcat crackers.

Optimized for dictionary attacks against multiple hashes.

Can support dictionary input from a pipe, so brute-force is possible.

oclHashcat-lite:

Optimized for attacks against a single password hash.

Fastest of the hashcat family, but with the most-limited password hash support.

maskprocessor:

Generates dictionaries based on patterns you supply.

Not a password cracker in its own right, but can pipe output to oclHashcat-plus for a brute-force attack.

Even with the above lists, it may not always be clear which software to use. Basically, it comes down to what type of password you want to crack and what kind of attack you want to use. The page on hashcat.net devoted to each piece of software provides a list of the hashing algorithms they support along with benchmark speeds of how many comparisons they can do per second on different types of hardware. For a given password hash, go through those pages and see which type of Hashcat software supports your hash and has the highest benchmarks. Beyond that, use oclHashcat for mask or brute-force attacks against multiple hashes, oclHashcat-lite for single hashes or oclHashcat-plus if, as was the case with me, it's the only GPU-accelerated version that supported your hash.

Once you decide which type of Hashcat software to use, installation is relatively simple, if old-school. Just download the .7z package that corresponds to the software, and use the 7za command-line tool (which should be packaged for your distribution) to extract it. The software will extract into its own directory that provides 32- and 64-bit versions for both Linux and Windows. If you have NVIDIA hardware, you will use the binaries that begin with cuda; otherwise, you will use the versions that start with ocl. The directory also will contain a number of example hashes and dictionaries and example shell scripts you can use to make sure your libraries and drivers are in place. For instance, here's the example provided with the oclHashcat-plus software for cracking a phpass hash on a 64-bit system:

cat example.dict
