Configuring a Password Cracking Computer

  • “Be willing to be a beginner every single morning.” —Meister Eckhart
Disclaimer: While the reason I'm writing this is because I was lucky enough to win a new cracking rig from Netmux's Hash Crack Challenge, I want to state for the record that he never asked me to blog about it, and all of the good things I say are 100% of my own choosing and not contingent on me receiving any prize.

2nd Disclaimer: I plan on this being a "living" blog entry as I continue to update and use my new computer. Since install procedures change over time, for the record I started to perform my install on September 7th 2018. I'll try to date my entries as I write them to help anyone trying to follow this so they can estimate how useful these instructions are.

ChangeLog:
  • September 12, 2018, (rearranged sections, added MDXFind, updated installing OpenCL instructions)

September 7, 2018 (Computer Arrives):

Wow, I suddenly and unexpectedly found myself in possession of a dedicated password cracking machine! For more background how that happened, please refer to my post on Netmux's Hash Cracking Challenge here. For the record, Netmux was amazing when it came to promptly shipping my portable cracking rig and keeping me in the loop. I'll admit I was a bit hesitant to hand out my home address to professional pen-tester and password cracker I met on the internet, but I've made a lot worse threat modeling decisions in the past, (There is a story behind the first picture that gets everyone who knows and cares about me legit angry for the stupid trust I've put in absolute strangers before). Long story short, Netmux was professional in shipping the server, kept me in the loop, and when it showed up I was super excited! As some background, while I study password cracking, develop and analyze password cracking tools, and participate in password cracking challenges, I've never been willing to personally invest in a dedicated password cracking rig. Mostly I've made do with a 2010 MacBook Pro, and a Windows machine with a GTX970 that I'll freely admit spends more time running Excel and playing World of Warcraft than cracking hashes. Which is another way of saying please take all my advice with a grain of salt, and the understanding that I'm planning on using this new server for research. I'm not optimizing it as a pure password cracking rig. But also this is a way of saying that I no longer have any excuses in how much I contribute in password cracking challenges in the future! This gift has inspired me to start a few new research projects so I want to give yet another huge thanks to Netmux!!! If you see me post additional blog content in the next few months or update my PCFG cracker, please give credit to him!

A Quick Aside on my New Password Cracking Rig:

Let me first say that it arrived in perfect shape so of course the first thing I did was crack it open and look at the inside...
My new rig from Netmux
Super excited!!!
The wiring was very well done, the whole rig is water cooled, the case certainly adds hacker creds, and little things were taken care of such as having good filters over the air vents which is pretty much a make or break requirement for this cat owner. I'm *very* happy with it, and would recommend it to someone else.

As far as the specs go:
CPU: Intel i5-7600k, 1 processor; 4 cores
RAM: 16GB
Storage: 500GB SSD
GPU: GeForce GTX 1070

Installing the OS:

Netmux's cracking rig came pre-installed with Ubuntu, but I figured I might as well re-install everything from scratch. After consulting with several password cracking experts I'm lucky to know, my end decision was to re-install Ubuntu. The version I used was 18.04.1 LTS. I plan on using this server for research as well so I went with a full graphical desktop. If you are hardcore and want 100% of your machine devoted to cracking then by all means go with a server deployment, but this guide probably won't help you to much since I *love* GUIs. Spoiler alert, I recommend installing a GUI git client like GitKracken, so that's where this guide is taking you.

Building the Boot USB (September 7, 2018):
Like anyone has a DVD anymore... The very first step I took was to create a bootable USB.

Steps:
  1. You can download an Ubunto ISO from here
  2. Since I already was running Ubuntu, I could use Startup Disk Creator  to create a bootable USB drive. You can perform a search, (use the Windows key), for that application if you are running Ubuntu already.
  3. Follow the options to create a bootable USB using the ISO that you previously downloaded
Installing Ubuntu fro USB (September 7, 2018):
  1. Use multiple swear words and reboot several times until you find the BIOS option to change your boot preference to start with your USB drive. In my case it was hitting F2.
  2. Once you boot from the USB, follow the steps in the Ubuntu installer and configure it how you want.
  3. If you are going to configure full hard drive encryption, (this will be a real portable rig that will potentially be unattended in your car when you make a restroom stop, or you are worried about legal issues), this is the time to configure full hard drive encryption. Just saying.

Core OS Drivers and Important Tools for Other Capabilities:

Installing OpenCL drivers (Originally installed September 7, 2018, updated September 12):
Special thanks to WinXP5421. The following section was written by him, though I tested it on my system and made minor edits based on my experiences and formatting it for this blog
  1. Download the appropriate Opencl Drivers for your system. We are specifically looking for “Intel® Xeon™ Processors OR Intel® Core™ Processors OpenCL runtime” drivers.  
  2. Extract the archive:
    • tar -xvzf opencl_runtime*.tgz
  3. The opencl runtime requires `lsb-core` to be installed on the ubuntu machine:
    • sudo apt install lsb-core
  4. Now install the drivers:
    • Go to the intel directory that you extracted in step #2
    • sudo ./install.sh
    • Work your way through the installer answering questions as needed. The install script will complain that your Ubuntu operating system is not supported this is fine continue with the installation anyway.
  5. Let’s verify we have a working Opencl environment by installing and running `clinfo`
    • Note: clinfo was already installed on my machine, but one of the other tools I installed later may have installed it -- Matt
    • sudo apt install clinfo
    • clinfo
    • The output of clinfo should display detailed information about each CPU core you have on your system. Simply put “Lots of output = all good” If OpenCL did not install properly you will see short and specific errors after running clinfo. 
Installing NVidia Drivers (September 7, 2018):
  1. Run: ubuntu-drivers devices
  2. Select the driver from the list you want to install. In my case it was: 
    1. sudo apt-get install nvidia-driver-396
Install basic GIT (September 7, 2018):
I usually only use a command line git when something goes horribly wrong, but having it ready helps a lot when that happens.
  1. Sudo apt-get install git
Install a GUI GIT Client (September 7, 2018):
I've used a lot of git GUIs in the past. The following is purely personal preference, but I would highly recommend using a graphical git GUI if you are doing any development. Having the ability to easily view changes, manage merge requests, fork, etc, I've found to be invaluable in all my work.

My favorite git GUI of all time has been the official github client from several years ago. Unfortunately since then they re-based everything in a web layout, it completely broke my workflow. I've tried to use Atlassian's SourceTree, but after a few horribly failed merges was told to never use it again by several co-workers. I currently use GitKracken, and am very happy with it. GitKracken is not free for commercial use. I've been told to use SmartGit by several people but don't have experience with it. If you are using this tutorial for commercial use and don't have funding to pay for GitKracken please check it out. Otherwise, I've found GitKracken to be great for non-profit and personal use.
  1. Install GitKracken from https://www.gitkraken.com/
  2. Run the following command or gitkracken will never actually start: sudo apt install libgnome-keyring0
  3. Once GitKracken is installed, log in to your github account using it
  4. Now add your computer's SSH key to your github account using: File->Preferences->Authentication->Github.com->Add_SSH_Public_Key
Installing Password Cracking Programs:

Install Hashcat (September 7, 2018):
Yes there are pre-built binaries for Hashcat, but I highly recommend using the github based source code to stay up to date with all the latest changes, fixes, and features.
  1. Install Hashcat using your git tool of choice. If you are using GitKracken, import the following repo: git@github.com:hashcat/hashcat.git
  2. Full instuctions for installing Hashcat can be found at: https://github.com/hashcat/hashcat/blob/master/BUILD.md
  3. You'll need to update the OpenCL Header submodule. This can be done in GitKracken by importing Hashcat using the above link and then in gitkracken "viewing Left Hand Side" at SubModules, right clicking on the deps/OpenCl-Headers, and selecting "Create" or "Update", If you are not using GitKracken, follow the instructions listed in step #2
  4. In a terminal, select "make", and then "make install"
  5. By building from source, you can periodically pull from the Hashcat repository and re-build it to add new features before an "official" release is published
Benchmarking Hashcat With New Install, (and gratuitous plug for NetMux's Hashcracking Manual which is awesome)
Install John the Ripper (September 7, 2018):
John the Ripper is my favorite password cracking program. If you are doing any sort of academic research or tool development, I can't suggest it enough. I'll admit though that if I'm only concerned with cracking standard hashes I generally use Hashcat instead. Regardless, I'd recommend installing John the Ripper on any password cracking rig you configure. Furthermore, you really need to install the magnum-ripper bleeding edge version of John the Ripper since the base version hasn't been updated in years. New patches, fixes, and features are normally pushed weekly, so building it from source, and constantly re-building it is highly recommended.
  1. Install the following branch of John the Ripper: https://github.com/magnumripper/JohnTheRipper./
  2. Install SSL libraries: sudo apt-get install libssl-dev
  3. cd ./JohnTheRipper/src/
  4. ./configure
  5. Note: The following does not have OpenCL support. I'll try to circle back to this later to figure out how to add it.
  6. make -s clean && make -sj4
  7. cd ../run/
  8. ./john --test
Install MDXFind (September 12th 2018):
I've been told I really need to start using MDXFind so since I'm starting a new cracking platform this is certainly the right time to install it. 

A quick aside, most people might question why I need three different password cracking programs on the same computer. I'm sure it's a lot like how chefs view their kitchen knife collection. Yes they all cut, but the right one depends on what you are trying to do.

While certainly not set in stone, as a general rule of thumb I use John the Ripper for research, CPU cracking sessions, cracking file encryption "hashes", and a few other hash types that don't translate well to GPU like SCrypt/BCrypt. It also has the best support for non-English data-sets.

I use Hashcat for most GPU cracking that I do. Yes, John the Ripper GPU support has been getting more robust, but I've had better luck with Hashcat. For example, I'm cracking large lists of unsalted MD5, Hashcat is my go-to cracking program.

MDXFind seems tailored to cracking large "messy" data-sets. Think of a lot of the major password dumps that become public. It's fast and can handle data-sets going into the millions of password hashes. It also has support for cracking nested hashes which have a way of ending up in some of these dumps. Oh, and it seems to be the password cracking tool of choice for CynoSurePrime and they know a few things...
  1. Obtain the latest copy of the source-code from https://hashes.org/mdxfind.php
    • MDXFind is only provided as a pre-compiled binary so you don't need to build it. Grab the 64bit Linux variant.
    • Download and copy the file to the directory you want to install MDXFind into
  2. Make MDXFind executable
    • chmod +x mdxfind
  3. Install required dependencies
    • sudo apt install libjudydebian1 libmhash2 librhash0
  4. Test MDXFind
    • ./mdxfind 
Other Quality of Life Installations:

Install Text Editor:
  1. I like Kate. To install it: sudo apt-get install kate
  2. You might also want to install Atom which has more features. I'm hesitant to recommend it with Microsoft buying GitHub, but it is free and has a ton of features: https://atom.io/
Change Login Background (September 7th 2018):
Not really important, but I always do this because it helps my gumption level:
  1. Find a picture you want to see when typing your login picture.
  2. sudo cp Pictures/FILENAME_OF_PCITURE_YOU_WANT_TO_USE /usr/share/backgrounds/login.jpg
  3. vim /etc/alternatives/gdm3.css
  4. Find: #lockDialogGroup  background: #2c001e url(resource:///org/gnome/shell/theme/noise-texture.png) background-repeat: repeat; }
  5. Replace it with
    #lockDialogGroup {  background: #2c001e url(file:///usr/share/backgrounds/login.jpg);
      background-repeat: no-repeat;
      background-size: cover;
      background-position: center; }

Comments

Popular posts from this blog

Tool Deep Dive: PRINCE

Cracking the MySpace List - First Impressions

The RockYou 32 Million Password List Top 100