Hack and / - Password Cracking with GPUs, Part II: Get Cracking
The first attack you should try is a dictionary attack. With a dictionary attack, you provide the cracking software with a dictionary full of possible passwords to try, such as all the words in the English dictionary. The cracking software then tries each dictionary word until one matches your hash. Since the number of combinations in a dictionary attack is much smaller than with a brute-force attack, dictionary attacks complete much faster. As an example, when I was first researching this article, I let a brute-force attack run for days against a sample set of hashes without cracking one of them. I was able to crack three out of the five hashes with a dictionary attack in less than a minute.
To run a dictionary attack with oclHashcat-plus, first run the command
--help argument. That will provide you with the number that
corresponds to the hash algorithm you want to crack. In the case of phpass,
that number is 400. Then, run the command a second time and specify the
password hash to use with the
-m option, the file in
which to store the recovered
passwords with the
-o option, and then list the file that contains your
hashes and the file or files you want to use as a dictionary. Here's
an example dictionary attack against phpass hashes:
/path/to/oclHashcat-plus32.bin -m 400 -o recovered_hashes ↪example400.hash example.dict
If I had multiple dictionaries, I could list all of them on the command line or even use a shell glob. A dictionary attack is only as good as its dictionaries, but a number of good password dictionaries are available on the Web that you can find with a quick search for "password cracking wordlist".
Calculating Cracking Speed
Before I discuss brute-force attacks in detail, it's important to learn how to estimate how long a particular brute-force attack will take. With a brute attack, you aren't just going through a dictionary of words, you are actually trying all possible combinations of a set of characters. In researching the article, I wasted days attempting a brute-force attack against an eight-character password before I finally did the math and realized it was completely impractical.
The first step is to figure out how fast your hardware can crack a particular type of hash. As you will discover, the number of comparisons per second your hardware can perform will vary widely depending on the hash type, so start a sample brute-force attack just long enough to get a bit of progress output, and then press Ctrl-c to exit. In my case, because I'm using oclHashcat-plus, I needed to download and extract the maskprocessor software from hashcat.net, so it, combined with oclHashcat-plus, could perform a brute-force attack against phpass (don't worry about the command syntax for now, I discuss the specifics later):
/path/to/mp32.bin -1 ?d?l?u ?1?1?1?1?1?1 | \ /path/to/oclHashcat-plus32.bin -m 400 \ -o recovered_hashes phpass-hashes oclHashcat-plus v0.06 by atom starting... Hashes: 6 Unique salts: 6 Unique digests: 6 Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes Rules: 1 GPU-Loops: 128 GPU-Accel: 16 Password lengths range: 1 - 15 Platform: AMD compatible platform found Watchdog: Temperature limit set to 90c Device #1: Cayman, 2048MB, 0Mhz, 22MCU Device #1: Allocating 264MB host-memory Device #1: Kernel ./kernels/4098/m0400.Cayman.32.kernel (274238 bytes) Starting attack in wordlist stdin mode... Status.......: Running Input.Mode...: Piped Hash.Type....: phpass, MD5(Wordpress), MD5(phpBB3) Time.Running.: 10 secs Time.Util....: 10001.4ms/180.8ms Real/CPU, 1.8% idle Speed........: 315.3k c/s Real, 351.4k c/s GPU Recovered....: 0/6 Digests, 0/6 Salts Progress.....: 3153920 Rejected.....: 0 HW.Monitor.#1: 96% GPU, 54c Temp
The output line to pay attention to is the line that begins with
you can see from that output, my GPU can do around 350,000 comparisons
per second, so I'll use that number for the rest of my calculations.
One good site I've found for doing cracking estimates is http://www.lockdown.co.uk/?pg=combi. This site describes all sorts of different character sets and password lengths, and it describes how long anything from a single Pentium CPU to a mythical government supercomputer might take to brute-force all combinations. Otherwise, the math is pretty straightforward. Just take the number of characters in your character set (for instance, all lowercase letters would equal 26), then figure out how long of a password you want to brute-force, then raise the first number to the power of the second.
So, for instance, all mixed-case alphanumeric characters (A–Za–z0–9) equals 62 characters. If I wanted to brute force a six-character password, that would be 626 = 57 billion combinations.
If you divide 57 billion combinations by a system that can do 350,000 comparisons a second, you get approximately 45 hours to complete the brute-force attack. That's not bad, but let's do the same math for eight-character passwords: 628 = 218 trillion combinations.
At 350,000 comparisons per second, it would take me approximately 7,200 days, or 19 years, to complete the attack. On the plus side, for another $250, I could complete the attack in less than 10 years! If you add symbols to your brute-force attack, the number jumps to 7.2 quadrillion combinations, or around 652 years.
Once you've figured out whether a brute-force attack will complete in your lifetime, the next step is to run maskprocessor and tell it what kind of word list to generate. The maskprocessor command supports a number of common character sets by default with the following symbols:
?d= all decimals (0–9).
?l= lowercase characters (a–z).
?u= uppercase characters (A–Z).
You also can define a custom character set with
and then use
?1 to use that custom set. For instance, if I wanted to
enumerate through all three-character passwords made up of lowercase
characters and numbers, I could type:
/path/to/mp32.bin -1 ?d?l ?1?1?1 000 001 . . . zzy zzz
In my example brute-force attack, I wanted to run through all combinations of uppercase, lowercase and numbers in a six-character password. The resulting maskprocessor command would be:
/path/to/mp32.bin -1 ?d?l?u ?1?1?1?1?1?1
Then, I would pipe the output of that command to oclHashcat-plus:
/path/to/mp32.bin -1 ?d?l?u ?1?1?1?1?1?1 | \ /path/to/oclHashcat-plus32.bin -m 400 \ -o recovered_hashes phpass-hashes
As with my dictionary attack, the
-m option specifies I want to crack
phpass hashes, the
-o lists the file in which I want to
store my recovered hashes, and finally, I specify the file that contains the phpass hashes to
crack. On my hardware, it took around two days to run fully through the
above brute-force attack.
Now you should be ready to get cracking, but as you'll find, the world of password cracking can get pretty dense, pretty quickly. In my next and final part of the series, I will discuss how you can tune the above attacks to get better performance, and also how to blend both dictionary and brute-force attacks to get the best of both worlds.
Password Recovery Speeds: http://www.lockdown.co.uk/?pg=combi
Password photo via Shutterstock.com
Kyle Rankin is VP of engineering operations at Final, Inc., the author of many books including Linux Hardening in Hostile Networks, DevOps Troubleshooting and The Official Ubuntu Server Book, and a columnist for Linux Journal. Follow him @kylerankin
- Machine Learning Everywhere
- Own Your DNS Data
- Understanding OpenStack's Success
- Natalie Rusk's Scratch Coding Cards (No Starch Press)
- Simple Server Hardening
- Bash Shell Script: Building a Better March Madness Bracket
- Returning Values from Bash Functions
- Understanding Firewalld in Multi-Zone Configurations
- Ensono M.O.
- From vs. to + for Microsoft and Linux