Password Cracking for Fun and Profit
With the huge drops in GPUs lately, I decided to revisit my password cracking box and update a couple of the GPU cards. In doing so, I ended up putting a whole machine together. What I bought might be a little overkill for just password cracking, as cracking relies mostly on GPUs, but I wanted something that could also be used for other purposes (and not make me deaf). I could have gone down the route of building out a 6 GPU case, but it wasn’t reasonable in this setting.
When originally building this new computer, I focused on the GPUs and went with the R9 295X2, which are just two ATI R9 290X GPUs. This is pretty much the best money can buy and due to the heat of two GPUs, also comes already water-cooled.
My setup:
Here are the exact hardware specs:
- Cooler Master Hyper 212 EVO – CPU Cooler with 120mm
- Sapphire Radeon R9 295X2 8GB GDDR5 DVI-D
- THM COMPOUND ARCTIC COOLING AC-MX4
- Corsair Vengeance Series C70 Arctic White Steel ATX Mid
- BLU-RAY BURNER LG
- CORSAIR Vengeance Pro 16GB (2 x 8GB) 240-Pin DDR3 SDRAM DDR3 1600
- SAMSUNG 840 EVO MZ-7TE500BW 2.5″ 500GB SATA III TLC Internal Solid State Drive (SSD)
- Intel Core i7-4790K Haswell Quad-Core 4.0GHz LGA 1150 Desktop Processor
- SILVERSTONE ST1500 1500W ATX 12V 2.3 & EPS 12V SLI Ready 80 PLUS SILVER Certified
- ASUS MAXIMUS VII FORMULA/WATCH DOGS LGA 1150
It took about an hour to put together and it luckily booted up on the first run. Just for kicks, I ran Microsoft’s performance rating software and it rated 7.8 out of 7.9. So close to a perfect score…
But what really matters is how it will perform for password cracking. I downloaded oclHashcat (oclHashcat-1.31) and ran some of the baseline password checks. Here are the checks that really matter to me:
- Hashtype: WPA/WPA2
- Hashtype: MD5, Speed.GPU.#1.: 10563.8 MH/s
- Hashtype: SHA1, Speed.GPU.#1.: 3653.6 MH/s
- Hashtype: SHA256, Speed.GPU.#1.: 1468.0 MH/s
- Hashtype: NTLM, Speed.GPU.#1.: 19479.6 MH/s
- Hashtype: NetNTLMv2
- Hashtype: Kerberos 5 AS-REQ Pre-Auth etype 23, Speed.GPU.#1.: 55167.2 kH/s
- Hashtype: Office 2013, Speed.GPU.#1.: 4240 H/s
- Hashtype: MSSQL(2005), Speed.GPU.#1.: 3597.0 MH/s
- Hashtype: MSSQL(2012), Speed.GPU.#1.: 571.8 MH/s
- Hashtype: PostgreSQL, Speed.GPU.#1.: 10501.3 MH/s
For example, we can crack NTLM (Windows hashes) at 41373.9 million hashes a second. The ATI 7970, which had been my favorite these past few years, only ran 15261.7 MH/s. We are looking at almost 3 times the power of that card. My biggest worry of course is heat, as I have heard that the 295X2 cards will stop at 75C. Running different tests and baselines, my GPUs stayed between 50 and 65 degrees. I’ll have to do a little further testing on this.
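To read rates like these from the defender's side, the following added example (not code from the original post or from hashcat) parses benchmark lines in the format quoted above and converts each rate into worst-case exhaustive-search time per password length. The 95-character printable-ASCII alphabet, the chosen lengths and the function names are assumptions; the sample lines are constructed from the single-GPU figures on this page.

```python
import re

# Constructed sample: GPU #1 benchmark lines in the format quoted above
# (oclHashcat-1.31); WPA/WPA2 is listed on the page without a speed.
BENCHMARK = """\
Hashtype: WPA/WPA2
Hashtype: MD5
Speed.GPU.#1.: 10563.8 MH/s
Hashtype: NTLM
Speed.GPU.#1.: 19479.6 MH/s
Hashtype: Kerberos 5 AS-REQ Pre-Auth etype 23
Speed.GPU.#1.: 55167.2 kH/s
Hashtype: Office 2013
Speed.GPU.#1.: 4240 H/s
"""

UNIT = {"H/s": 1, "kH/s": 1e3, "MH/s": 1e6, "GH/s": 1e9}
SPEED_RE = re.compile(r"Speed\.GPU\.#\d+\.:\s*([\d.]+)\s*([kMG]?H/s)")

def parse_benchmark(text):
    """Return {hashtype: hashes_per_second or None} for one GPU's output."""
    rates, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Hashtype:"):
            current = line.split(":", 1)[1].strip()
            rates[current] = None          # stays None if no speed follows
        elif current and (m := SPEED_RE.match(line)):
            rates[current] = float(m.group(1)) * UNIT[m.group(2)]
    return rates

def worst_case_seconds(rate, charset_size, length):
    """Seconds to try every candidate up to `length` chars at `rate` H/s."""
    keyspace = sum(charset_size ** n for n in range(1, length + 1))
    return keyspace / rate

def policy_table(rates, charset_size=95, lengths=(8, 10, 12)):
    """Worst-case days per hash type and length; skips types without a speed."""
    return {
        name: {n: worst_case_seconds(r, charset_size, n) / 86400 for n in lengths}
        for name, r in rates.items() if r is not None
    }

if __name__ == "__main__":
    for name, row in policy_table(parse_benchmark(BENCHMARK)).items():
        print(name, {n: f"{d:.3g} days" for n, d in row.items()})
```

The figures are an upper bound for a full search of random passwords; they say nothing about wordlist-derived passwords, which is why the choice of hash type and minimum length both matter in policy.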
One hiccup I had with this card was that some hashes caused the GPU drivers to crash. For example, if I tried to baseline SHA-3(Keccak), my driver for this card consistently crashed. More to come on this.
So what’s next? I’m going to take some of the really large hashdumps I’ve done and run them against certain wordlists and investigate the benefits of the PRINCE (http://hashcat.net/tools/princeprocessor/prince-attack.pdf) attack. Stay tuned and don’t forget to pick up The Hacker Playbook: http://www.amazon.com/dp/1494932636/.
Happy Hacking,
Peter