The past week I have been playing around with an interesting set of tools along with an eye opening real-life concept that may surprise some of you. What if I could crack your 10 character ramdom alphanumeric NTLM or MD5 password hash in about half a day? The best part, what if I could do this for under say, £400? No need for fancy social engineering tactics, no exploits, no vulnerabilities, just pure hammer and fist virtual brute force attacking. Rainbow tables have been around for a while now, along with dictionary attacks and are still used for many password cracking situations; but brute forcing has always been a slow and painfully long process.

Modern graphics card are tremendous power houses that have some serious pixel pushing grunt. Traditionally, graphic cards were used only for rendering graphical output, rendering frames in games and other purposes related to graphics. Lately, people started realising that GPUs are far more efficient at handling highly parallel tasks and that there should be a way to code graphic cards to help offload calculations.

GP-GPU or General-Purpose computation on Graphics Processing Units was designed to offload calculations that were traditionally handled by the CPU by the addition of programmable stages and higher precision arithmetic to the rendering pipelines, which allows software developers to use stream processing on non-graphics data. In less of a mouth sense, todays GPUs are much more efficient at handling highly parallel calculations and can perform the calculations in a fraction of time compared to the modern consumer CPU.

Let’s put this into perspective;

My main system I use for day to day tasks consists of an Intel i7 920 CPU and a NVidia ASUS GeForce GTX 580 DirectCU II.

The CPU runs overclocked at a speed of 3.2GHz, has 4 cores with multithreading, and has a total FLOPs of around 8.5 gigaFLOPS.

The GPU runs at again overclocked at 840Mhz, has 512 cores, and a massive 1.5 teraFLOPS, yes TERA.

In other words, the GPU can perform higher floating points calculations per clock cycle of nearly all IBM mainframes in the 1980's, 1990's and even some Supercomputers. From a price to performance point, the GPU costs £400, compared to the 1998 Supercomputer ASCI Red which consisted of 9,298 Pentium II OverDrive processors, each clocked at 333 MHz, located in 104 cabinets, taking up about 2500 square feet and required 850 kW of power - oh the cost, no change expected from £110 million.

So we have access to some very powerful number crunchers today and by using a parallel computing architecture by NVidia called CUDA, we can dramatically speed up video conversion, video processing, doing scientific calculations, folding at home and the best bit, password hash cracking.

Let me introduce you to a fantastic piece of software call ighashgpu by a guy called Ivan Golbubev http://www.golubev.com/blog/. His command line tool uses CUDA to allow you to unleash GP-GPU processing on a number of password hashes such as plain MD5, SHA1, Windows NTLM, Orcale, MySQL and MSSQL.

Let’s give it a go - the results are amazing yet shocking.

To demonstrate the performace differences between GP-GPU and CPU brute force attacks, I will use an application familiar to all C|EH and hackers out there called Cain & Abel. Since this application only allows for CPU processing (for now) this is an excellent way of demonstrating the speed differences.

5 Character Password:

First let’s start with a simple 5 character alphanumeric password "2GUn2"

The NTLM hash for this is;

Testuser2:"":"":E8EE05EC2813FAC8AAD3B435B51404EE:B38902DC6808D3D88B63BC689050DCDF:::

 I have set Cain to brute force to a maxium of 5 caharacters, using a charter set "a-z""A-Z""0-9

Still quite fast. 13 million passwords a second, taking just over a minute to brute force the hash.

Now, by using ighashgpu on the GTX 580 GPU the results start to show the power of GP-GPU processing.

The code for the hash is;

ighashgpu.exe -h:B38902DC6808D3D88B63BC689050DCDF -t:md4 -max:5 -c:a -unicode

pause

1 second to crack with over 3 Billion passwords a second!

6 Character Password:

Moving on to a simple 6 Character password "3duL1O"

The NTLM hash is;

Testuser3:"":"":0EEBA1A32AD87BF3AAD3B435B51404EE:CEF37C65C985842769DE716ABC0EC025:::

Cain:

This is just taking over an hour to brute force.

ighashgpu:

And again, just over 1 second. Scary stuff.

7 Character Password with Symbols:

Let start to heat things up.  Ramdom 7 Character password using, both alphanumeric, numeric and symbols "8s0@*Ml"

We need to change the character set in both Cain and ihashgpu to allow for symbols. This is done simply by added the switch "-c:a"

The NTLM hash is;

Testuser4:"":"":077DD475743782F0AAD3B435B51404EE:47F2DCDD32156820C9D2CE64304D4ED1:::

Cain:

13 days. Still not a silly amount of time to wait if you needed to crack that hash.

ighashgpu:

Even a password that seems complex to the average user is now cracked in less than half a day.

Simple Dictionary Password:

What if a user beat your complexity requirements policy by using this simple password.  Lets try an 8 character dictionary word using numerical subsitution - "pa55w0rd"

NTLM hash is;

Testuser5:"":"":24037fc64518592e4a3b108f3fa6cb6d:c995ea5f1132b65afad2a3a28eec5e9c:::

Cain:

Compared to ighashgpu:

Simple answer to that is not to allow users to bypass your password requiments by using numeric substitution.

10 Character Password:

Now, lets try a nice 10 character ramdom password that we wish all of our users could use with out writing it down!  "iNk7ZNwVaR"

The NTLM hash is;

Testuser6:"":"":869BD16C710978FF749D82E317B30E8D:429C0852971677E2B462B23BC3CBC66A:::

Cain:

I think you now get the idea.

All I can say after this is you have been warned. This has crept up on us in the background and it is time to think long and hard about password security as a whole process, and how you now do your authentication. A simple user name and password to protect your company’s assets is no longer enough. What are the solutions? To be honest, I do not have an answer. A combination of TPM, biometrics, third factor devices such as RSA tags, and maybe something else entirely new will be needed. But it’s clear that a complex password that users will actually accept for day-to-day authentication, and keep secret, might be history - let’s face it, the I.T professional that manages to get their users to remember a 15 character password such as "Y#1CY"8sta"<EbN" without in ending on up a post-it note stuck to the screen or underneath a keyboard, will be in my eyes, be a genius.

Dan

(one of my old root passwords for a few years back - good luck even to GP-GPU processing, for now!)

Update on Wednesday, July 13, 2011 at 6:39PM by Dan Tinsley

As requested;

This is the GPU used;