Skip to content

psk-crack (ike-scan) CUDA add-on

by foip on July 6th, 2012

UPDATE: Thinks are moving well on Hashcat.net ! https://hashcat.net/trac/ticket/5

Hello,

If you are familiar with ike-scan and you hold NVidia card(s), you could be interested by cracking Pre-Shared Keys with your GPU(s).

As it is my first CUDA/GPU implementation and that I have limited knowledge of cryptography, this code must not be considered as optimized. Technically, I only reused basic source codes of MD5 and SHA-1 inside a CUDA code. Don’t blame me. I was working on a pentest and I thought : “Cracking this PSK could be nice for my report, let’s do ‘man cuda’ .. ”

To give you an idea of the improvement, brute-forcing the PSK “hello1“requires about:

  • 2 hours and 50 minutes with CPU (HP EliteBook 8440p – 2.5GHz Intel Core 5)
  • 2 minutes and 40  seconds with GPUs (GTX480 + GTX570)

It’s not that bad for a first try, even if the occupancy rate of the cards is low.

Unfortunately, an unexpected event recently happened… Due to a short-circuit in the power supply (with a nice little smoke), my two Nvidia GTX cards died … (note that I was not running my code when it happened :) )

  • The good news is that I bought two new ATI cards which give amazing results with oclHashcat :-)
  • The bad news is that I’m not excited anymore to continue developing this code. I’m even not sure that I will start an OpenCL version for my ATI cards.

So.

  1. Consider this code as BETA.
  2. Bugs have been reported for compute capability < 2.0  (check out this link to see which capabilities your cards support: http://developer.nvidia.com/cuda-gpus). Unfortunately, I was not able to reproduce these issues. For me, everything was working well on my cuda box (with the GTX cards, compute capability 2.0) and my Laptop (Nvidia GT218, compute capability 1.2).
  3. The README file contains everything you need to know about the procedure to follow (patching, compiling, and testing). Sample PSK files are also provided.
  4. Consider that I will not be able to assist you if something goes wrong (my CUDA environment is gone).
  5. If you are a CUDA/Crypto master, don’t hesitate to improve this development.
  6. If you’re atom‘s girlfriend, tell him that we need his talent.

Sample output with GPU:

$ time mp64.bin -i -1 ?l?d ?1?1?1?1?1?1 | ./psk-crack --gpu /tmp/psk_sha1
Starting psk-crack [ike-scan 1.9] (http://www.nta-monitor.com/tools/ike-scan/)
Running in brute-force cracking mode
GPU Mode: on
CUDA-capable device count: 2
 - GPU[0] : "GeForce GTX 480"
 - GPU[1] : "GeForce GTX 570"
Init GPU(s) and structures
 - GPU[0] is ready
 - GPU[1] is ready
Running ...

MATCH 'hello1'

Clean up GPU(s)
 - GPU[0]
 - GPU[1]

real	2m39.148s
user	2m58.950s
sys	0m8.720s

Same test on CPU

$ time ./psk-crack -b 6 -c abcdefghijklmnopqrstuvwxyz0123456789 /tmp/psk_sha1
Starting psk-crack [ike-scan 1.9] (http://www.nta-monitor.com/tools/ike-scan/)
Running in brute-force cracking mode
Brute force with 36 chars up to length 6 will take up to 2176782336 iterations
key "hello1" matches SHA1 hash 6b7c8600c2348d5235fe2b02f6e7f9919032c323
Ending psk-crack: 1656629000 iterations in 10200.623 seconds (162404.69 iterations/sec)

real	170m0.625s
user	169m46.849s
sys	0m5.552s

Download the source code here : ike-scan-gpu-0.3.tar.gz

See README.gpu.txt for instructions.

Hope it will be useful to some of you. Enjoy.

Foip.

1 Star2 Stars3 Stars4 Stars5 Stars (4 votes, average: 4.00 out of 5)
Loading...

© 2012 – 2014, foip. All rights reserved.

Comments are closed.

© 2010-2024 Fun Over IP All Rights Reserved -- Copyright notice by Blog Copyright