AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
John the ripper gpu12/28/2022 ![]() I’m not sure if this was intentional or an accident. I wrote a small Go program to figure this out and correct it. Update: The hash/digest portion of 472 of the PBKDF2-HMAC-SHA256 hashes contained periods (which is an invalid base64 character). I did uncover the pattern (after the contest had ended) and cracked most of them. These hashes were really too difficult for John and my CPU to handle. There were 1,000 but Hashcat only saw 528. That made this attack even slower.įor some reason, Hashcat did not recognize all the the PBKDF2-HMAC-SHA256 hashes. I got a lot of points for these cracks, however, my version of Hashcat did not recognize the keychain hashes, so I had to pipe to John (which meant using the CPU) to crack these. word machine quickly discovered that pattern and I was able to focus on it early in the contest. The keychain hashes were capitalized passphrases such as Abidewithme, Whenpigsfly, and Sonofagun. Anyway, these were mostly cities with area codes appended. I cracked 88% of them, but only 53% were accepted due to some of the passwords being expired/changed on the second day of the contest (no credit for cracking them). I wish I had discovered this pattern sooner. Having more than a dozen hash types to attack and being a one man team (with only one inexpensive GPU) makes it difficult to discover and then spend time focusing on all the patterns in the various hash types. Word Machine discovered Dallas214 in the sha256crypt hashes on the last day of the contest. A sha512crypt crack earned 800,000 points. While simple cryptographic hashes, such as sha1, are much faster to attack, they were not worth many points.Ī raw-sha1 crack earned only 1 point. Sha512crypt is a hard, slow hash to attack and many teams didn’t bother trying. I cracked many of these after the contest ended (see my pot files below). There were a few variations of those words, too, such as 35fucker and fuckYou3. Because of this, I took the lead and held it for awhile. I think I cracked about 1/3 of the sha512crypts on the first day of the contest. Once wm discovered that, I began focusing on just those two words and that specific pattern. The sha512crypt hashes I cracked were largely made up of two words ( fuck and shit) with common numeric appends and prepends. Once I found a pattern for a certain user or type of hash, then I configured wm to focus on that particular pattern for awhile. I used word machine to generate common password patterns. More points are awarded for cracking more difficult hash types. The contest always has a variety of hashes. I may publish the source code someday, but for now, it’s just a private hobby project. The last several years, I’ve only been using the Go version as it performs better and the code is cleaner (Go was the second implementation). $ echo -n word | wm -leet | wm -astring 2021 | wm -app 1 -chars machine does much more than this, but in general, that’s how it works. It’s called Word Machine (wm) and I use it to create candidate passwords in a fashion similar to how humans create passwords. The only oddity is the password generation software that I wrote. The software I used to crack the hashes is pretty standard. In total, it cost about $1,900 US dollars to build this computer and I typically use computers like this for five to seven years before building another. Kernel modules: nvidiafb, nouveau, nvidia_drm, nvidia Memory at d0000000 (64-bit, prefetchable ) Įxpansion ROM at 000c0000 Ĭapabilities: Power Management version 3Ĭapabilities: MSI: Enable+ Count =1/1 Maskable- 64bit+Ĭapabilities: Express Legacy Endpoint, MSI 00Ĭapabilities: Advanced Error ReportingĬapabilities: Vendor Specific Information: ID = 0001 Rev = 1 Len = 024 Ĭapabilities: Secondary PCI Express Memory at c0000000 (64-bit, prefetchable ) Memory at d8000000 (32-bit, non-prefetchable ) GP104 įlags: bus master, fast devsel, latency 0, IRQ 92, NUMA node 0 ![]() Subsystem: ZOTAC International (MCO ) Ltd. 08:00.0 VGA compatible controller: NVIDIA Corporation GP104 (rev a1 ) (prog-if 00 )
0 Comments
Read More
Leave a Reply. |