psk-crack (ike-scan) CUDA add-on
UPDATE: Thinks are moving well on Hashcat.net ! https://hashcat.net/trac/ticket/5
If you are familiar with ike-scan and you hold NVidia card(s), you could be interested by cracking Pre-Shared Keys with your GPU(s).
As it is my first CUDA/GPU implementation and that I have limited knowledge of cryptography, this code must not be considered as optimized. Technically, I only reused basic source codes of MD5 and SHA-1 inside a CUDA code. Don’t blame me. I was working on a pentest and I thought : “Cracking this PSK could be nice for my report, let’s do ‘man cuda’ .. ”
To give you an idea of the improvement, brute-forcing the PSK “hello1“requires about:
- 2 hours and 50 minutes with CPU (HP EliteBook 8440p - 2.5GHz Intel Core 5)
- 2 minutes and 40 seconds with GPUs (GTX480 + GTX570)
It’s not that bad for a first try, even if the occupancy rate of the cards is low.
Unfortunately, an unexpected event recently happened… Due to a short-circuit in the power supply (with a nice little smoke), my two Nvidia GTX cards died … (note that I was not running my code when it happened )
- The good news is that I bought two new ATI cards which give amazing results with oclHashcat
- The bad news is that I’m not excited anymore to continue developing this code. I’m even not sure that I will start an OpenCL version for my ATI cards.
- Consider this code as BETA.
- Bugs have been reported for compute capability < 2.0 (check out this link to see which capabilities your cards support: http://developer.nvidia.com/cuda-gpus). Unfortunately, I was not able to reproduce these issues. For me, everything was working well on my cuda box (with the GTX cards, compute capability 2.0) and my Laptop (Nvidia GT218, compute capability 1.2).
- The README file contains everything you need to know about the procedure to follow (patching, compiling, and testing). Sample PSK files are also provided.
- Consider that I will not be able to assist you if something goes wrong (my CUDA environment is gone).
- If you are a CUDA/Crypto master, don’t hesitate to improve this development.
- If you’re atom‘s girlfriend, tell him that we need his talent.
Sample output with GPU:
$ time mp64.bin -i -1 ?l?d ?1?1?1?1?1?1 | ./psk-crack --gpu /tmp/psk_sha1 Starting psk-crack [ike-scan 1.9] (http://www.nta-monitor.com/tools/ike-scan/) Running in brute-force cracking mode GPU Mode: on CUDA-capable device count: 2 - GPU : "GeForce GTX 480" - GPU : "GeForce GTX 570" Init GPU(s) and structures - GPU is ready - GPU is ready Running ... MATCH 'hello1' Clean up GPU(s) - GPU - GPU real 2m39.148s user 2m58.950s sys 0m8.720s
Same test on CPU
$ time ./psk-crack -b 6 -c abcdefghijklmnopqrstuvwxyz0123456789 /tmp/psk_sha1 Starting psk-crack [ike-scan 1.9] (http://www.nta-monitor.com/tools/ike-scan/) Running in brute-force cracking mode Brute force with 36 chars up to length 6 will take up to 2176782336 iterations key "hello1" matches SHA1 hash 6b7c8600c2348d5235fe2b02f6e7f9919032c323 Ending psk-crack: 1656629000 iterations in 10200.623 seconds (162404.69 iterations/sec) real 170m0.625s user 169m46.849s sys 0m5.552s
Download the source code here : ike-scan-gpu-0.3.tar.gz
See README.gpu.txt for instructions.
Hope it will be useful to some of you. Enjoy.
© 2012 – 2013, foip. All rights reserved.