Cracking hashes in the cloud – how can you speed it up?

You got those pesky hashes after a while setting in the customer networks. But your laptop GPU is not good enough to crack them in reasonable time? If so read further as this will be a quick reference on how to step by step start cracking hashes in the cloud using P2 powerful AWS instances from your console.

Disclamer:

Remember to check your ROE or NDA whether there is an information if you can exfiltrate customer password hashes to external entities like AWS Cloud. If not sure ask…

First things first. What do we need?

  • AWS Account – if you don’t have one – create one for free. Add your or your company Credit Card details.
  • Few $$$ depends on how long you want to use your cloud instance, or how big budget of your project you will want to spend on it. Will use P2 instances below their current price model as of today 1/29/2020

Launching P2 Instance

  • Sign in to AWS account
  • Services > Compute > EC2
  • “Launch Instance”
  • Type ubuntu in search box and scroll down to “Ubuntu Server 18.04 LTS (HVM), SSD Volume Type – ami-02df9ea15c1778c9c (64-bit x86) / ami-07a3c7461cc82f8ff (64-bit Arm) ” > Select (64 bit (x86)
AMI selection in AWS - Cracking hashes in the cloud
AMI Ubuntu Image which worked for me
  • Scroll down to “p2.XXXXX” > “Review and Launch”
  • Launch
  • “Create a new key pair” > you will need to SSH to your box and download
  • Acknowledge you got the key pair and “Launch Instances”
  • Click View Instances

Login to your box

After a while you will see that you have your instance state running. You can login and start configuring

$ chmod 400 yourdownloaded_key_pair.pem
$ ssh -i yourdownloaded_key_pair.pem ubuntu@DNS_OF_YOUR_INSTANCE

Configuration

Get necessary packages

$ sudo apt-get update && sudo apt-get install -y build-essential linux-source linux-headers-$(uname -r) p7zip-full linux-image-extra-virtual

Disable Nouveau driver

Since we will use Nvidia drivers we need to disable Nouveau kernel driver.

$ echo "blacklist nouveau
 blacklist lbm-nouveau
 options nouveau modeset=0
 alias nouveau off
 alias lbm-nouveau off" | sudo tee -a /etc/modprobe.d/blacklist-nouveau.conf >/dev/null
$ echo options nouveau modeset=0 | sudo tee -a /etc/modprobe.d/nouveau-kms.conf >/dev/null
$ sudo update-initramfs -u

Get Nvidia driver

For latest drivers check here: http://download.nvidia.com/XFree86/Linux-x86_64/latest.txt

$ wget http://us.download.nvidia.com/XFree86/Linux-x86_64/440.44/NVIDIA-Linux-x86_64-440.44.run
$ chmod +x NVIDIA-Linux-x86_64-440.44.run
$ sudo ./NVIDIA-Linux-x86_64-440.44.run  --ui=none --no-questions --silent -X
$ sudo reboot

Check driver is working after reboot

$ sudo nvidia-smi
Nvidia drivers working - Cracking hashes in the cloud
Drive loaded into p2.xlarge instance

Get Hashcat and unzip

$ wget https://hashcat.net/files/hashcat-5.1.0.7z
$ 7za x hashcat-5.1.0.7z

Check hashcat if it see your GPU

$ cd hashcat-5.1.0
$ sudo ./hashcat64.bin -I 
Hashcat detecting GPUs - Cracking hashes in the cloud
Hashcat detected GPU on p2.xlarge instance

Perform benchmark

$ sudo ./hashcat64.bin -b
Hashcat benchmark - Cracking hashes in the cloud

Download or upload your wordlists

$ wget https://github.com/danielmiessler/SecLists/raw/601038eb4ea18c97177b43a757286d3c8a815db8/Passwords/merged.txt.tar.gz
$ tar xf merged.txt.tar.gz 

Upload or paste in your hashes

$ scp -i yourdownloaded_key_pair.pem hashes.txt ubuntu@DNS_OF_YOUR_INSTANCE:~/hashcat/

Start cracking your hashes depends on your needs…

$ sudo ./hashcat64.bin -w 3 -m 500 -o cracked.txt hashes.txt merged.txt -r ./rules/best64.rule

Conslusions

I hope you find it useful on how to start cracking hashes from the cloud when you are out of fast GPUs and want to get jobs done.

Stopping problem – vCPU capacity limits

Sopping problem of vCPU's - Cracking hashes in the cloud
If you will get this below message, you may need to request a limit increase so that you are allowed to launch the p2 instances.

Depends on your subscription plan and its history you might get above message while starting p2 instance

Got to your EC2 dashboard -> Limits -> Calculate vCPU limit
then select your instance type you wish to run for example: p2.8xlarge. For that case I needed new limit of 32 vCPUs

New Limit required 32 vCPUs calculated

After that hit: Request limit increase you will be taken to support center to fill up case (ticket).
Pick your region, select Primary instance type (for us All P instances) and fill new value limit you had calculated in previous step (example 32 vCPUs). In “case description” field write why you need it, For me description: “cracking hashes” was good enough.

Support case creation incase you vCPU limit is capped.

Wait for response from support, it didn’t took long them long. For me it was around 30 minutes and I could start instance. But all that depends on your AWS account history, for new account they might propose you a lower values of vCPU’s “for start”