Building a password cracking rig in the cloud

There were many times I had to break a password, but sometimes my gaming rig was not remotely available to do so. This is about setting up a password cracking box in the Google cloud platform with GPUs and Hashcat.

When it comes to Password cracking, GPUs are everything. GPUs are better at processing mathematical computations. High res video or graphics rendering can be considered as a set of mathematical calculations. CPUs are faster. But compared to CPUs, GPUs can perform mathematical calculations in parallel which makes it perfect to crack hashes.

We are going to create a Linux VM with GPUs in the Google cloud today, then install Hashcat and break a sample set of hashes.

Keep in mind that, this is an expensive solution. Do this only when there is no other way and make sure you have sufficient cloud credits. Its always better to rely on our old gaming rigs for hash cracking.

Login to your GCP account, navigate to Compute Engine then Create an instance. Choose the Machine type, vCPU and Memory and click on the CPU platform and GPU to select the required GPU. Refer the below given snapshot.

I had selected NVIDIA Tesla v100 with two GPUs. I’m choosing this card as an example only. The cost would be USD 3.279 per hour, that’s too expensive. A detailed specs can be found here : https://www.nvidia.com/en-us/data-center/v100/

Once the machine is up and running, SSH into it and install the drivers required for the NVIDIA GPU.

curl -O http://developer.download.nvidia.com/compute/cuda/repos/ubuntu1604/x86_64/cuda-repo-ubuntu1604_10.0.130-1_amd64.deb
sudo dpkg -i cuda-repo-ubuntu1604_10.0.130-1_amd64.deb
sudo apt-key adv --fetch-keys http://developer.download.nvidia.com/compute/cuda/repos/ubuntu1604/x86_64/7fa2af80.pub

Update the package list and install CUDA toolkit, which includes the NVIDIA drivers.

sudo apt-get update
sudo apt-get install cuda

After completing the installation steps, verify that the drivers installed properly. Use the below given command.

nvidia-smi

The result will look something similar to the given screenshot.

Its time to install Hashcat!

Download and install Hashcat. Follow the instructions from https://hashcat.net/hashcat/

Execute hashcat in benchmark mode sudo ./hashcat64.bin -b to analyze everything is in place.

The cloud instance can be used for many things. It also very easy to access it from anywhere to feed hashes. But its always better to have a proper hardware rig for password/hash cracking and it would provide a better result.

Happy hash-cracking!