
Cracking password hashes on the cheap: How to rent online GPU resources for Hashcat

 

Summary

In this post I will talk about how to make password cracking accessible to people who don't want to invest in video cards and GPU hardware. This post is mostly a tutorial, geared toward people who are in a pinch and need to quickly stand up a powerful hashcat environment.


The problem that led me down this path

I was recently working on an issue that required me to recover the password of a zip file. The zip file was created programmatically by a utility, which I had the source code for. This meant I knew the character set used and that the password had a fixed length. I decided to fire up hashcat on my MacBook Pro with my AMD Radeon Pro 560X. To my surprise, I was greeted with the error below:

Against the advice of the error message, I used the --force flag to override the error. This yielded no usable results; it made hashcat unstable and produced some false positives (I thought I had cracked the hash quickly).

After trying to borrow some video hardware from a few co-workers (Windows machines), I quickly determined I was going to need a lot more power!


Enter vast.ai

After some research online, I discovered Vast.ai. Vast.ai is a Docker-based peer GPU rental market. The premise behind the business is that they will rent you video cards of your choosing for an hourly rate. The video card resources are provided by users of their platform, and there are a large number of options to choose from.




Getting started

First you will need to create an account on vast.ai and add some money. The payment information is handled via Stripe, and you can set a notification for when your balance drops below a certain point. I started off with a small balance for testing.



Generate an ssh key-pair for access

Access to your Docker image will be handled over an SSH connection. I find it easiest to establish the SSH connection from a computer running Linux or macOS (you could use PuTTYgen on a Windows machine). We will need to generate an SSH key pair on the computer you will connect from.

Open a terminal on a Linux or macOS machine and issue the command below:

ssh-keygen -t rsa -b 4096 -C "vast.ai"

You will be prompted for a location and a passphrase (hitting enter will use the default location):

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/user/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/user/.ssh/id_rsa.
Your public key has been saved in /Users/user/.ssh/id_rsa.pub.

Copy the contents of the file /Users/user/.ssh/id_rsa.pub.

Log in to your vast.ai account. On the left-hand menu, navigate to Account -> Change SSH Key. Paste the contents of your /Users/user/.ssh/id_rsa.pub file here and click "Set SSH Key".



Find a docker image with hashcat configured

We need to search Docker Hub and find a Docker image that has hashcat set up. In a web browser, navigate to https://hub.docker.com/


In the search bar, type "hashcat". Select one of the images and copy the Docker Hub path name.



Configuring your vast.ai GPU to use your hashcat docker image 

Now that we have our SSH access credentials configured and have found a hashcat Docker image, we need to point our vast.ai GPU resource pool to it. In your vast.ai account, on the left-hand menu, navigate to Client -> Create. Then click on the "EDIT IMAGE & CONFIG" button.


On the "Select an OS Image" screen, scroll down to "Enter the name of the docker image. May be anything support by docker run". In the text area, paste the path to the Docker Hub image. Then click select. Your instance configuration should now be updated to the hashcat Docker image.




Select the GPU resource you'd like to rent and connect to your instance

On the https://vast.ai/console/create/ page, scroll through the available video cards and GPU resources and select one to rent.



After selecting the GPU resource to rent, you will see it appear on the https://vast.ai/console/instances/ page. The resource should only take a few minutes to set up. Once it is finished, select the "connect" button and copy the SSH connection string presented.




Paste the SSH connection string into the terminal of the computer that you generated the SSH key pair on. Hit the enter key and enter the passphrase you selected during the SSH key pair generation.


You are now logged into the hashcat docker image.


Running hashcat

Now that you are logged into the Docker image running hashcat, you can copy the hash to a file and begin cracking. I found the quickest way was to echo the hash out to a file (echo 'HASHSTRING' > hash.txt).

My hashcat execution string looked something like this (minus the increment info):
hashcat -m17220 hash.txt -o cracked.txt -a3 -1 CHARACTERSET LENGTH



Conclusion
I was really impressed with the performance of the GPUs I rented. For someone who was crunched for time, this was a really easy way to stand up a machine for hashcat. My instance was processing 30 billion hashes a second! I initially added $50.00 (US) to do testing. This was enough money to run the two NVIDIA RTX 3090s for 55 hours.
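
To put the figures above in context, here is an added example (not code from the original post) that parses a hashcat-style mask, counts the candidates it generates, and estimates how many hours and dollars it takes to exhaust it. It assumes the 30 billion hashes per second and $50 for 55 hours reported in this post; the function names and the sample masks in the note below are constructed for illustration, and real rates depend on the hash mode and the hardware rented.

```python
import string
from math import prod

# hashcat built-in mask charsets (?h, ?H and ?b are left out of this sketch)
BUILTIN = {
    "l": set(string.ascii_lowercase),
    "u": set(string.ascii_uppercase),
    "d": set(string.digits),
    "s": set(" " + string.punctuation),   # 33 printable specials
}
BUILTIN["a"] = BUILTIN["l"] | BUILTIN["u"] | BUILTIN["d"] | BUILTIN["s"]

RATE_HPS = 30e9          # hash rate the post reports for its instance
USD_PER_HOUR = 50 / 55   # the post: $50.00 covered 55 hours

def positions(spec, custom=None):
    """Expand a mask (or a -1..-4 charset definition) into one set per token."""
    custom = custom or {}
    out, i = [], 0
    while i < len(spec):
        if spec[i] == "?":
            if i + 1 >= len(spec):
                raise ValueError("dangling '?' at end of mask")
            key = spec[i + 1]
            if key == "?":
                out.append({"?"})            # ?? is a literal question mark
            elif key in BUILTIN:
                out.append(BUILTIN[key])
            elif key in custom:              # union of the definition's tokens
                out.append(set().union(*positions(custom[key])))
            else:
                raise ValueError(f"unknown charset ?{key}")
            i += 2
        else:
            out.append({spec[i]})            # literal character
            i += 1
    return out

def candidates(mask, custom=None, inc_min=None):
    """Total guesses for a mask; inc_min models --increment up to the full mask."""
    sizes = [len(p) for p in positions(mask, custom)]
    lengths = range(inc_min or len(sizes), len(sizes) + 1)
    return sum(prod(sizes[:n]) for n in lengths)

def estimate(mask, custom=None, inc_min=None):
    """Return (candidates, hours, USD) to exhaust the mask at the post's figures."""
    total = candidates(mask, custom, inc_min)
    hours = total / RATE_HPS / 3600
    return total, hours, hours * USD_PER_HOUR
```

For a constructed 10-character mask over lowercase letters and digits, `estimate("?1" * 10, {"1": "?l?d"})` comes to about 33.9 hours and roughly $31, while the same charset at 12 characters comes to about 43,900 hours, which is why a known charset and a short fixed length made this job affordable.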

