A presentation at the Passwords^12 Conference in Oslo, Norway, has
moved the goalposts, again. Speaking on Monday, researcher Jeremi Gosney
(a.k.a. epixoip) demonstrated a rig that leveraged the Open Computing
Language (OpenCL) framework and a technology known as Virtual OpenCL
(VCL) to run the HashCat password cracking program across a cluster of
five 4U servers equipped with 25 AMD Radeon GPUs and communicating at
10 Gbps over Infiniband switched fabric.
Gosney's system elevates password cracking to the next level, and
effectively renders even the strongest passwords protected with weaker
hashing algorithms, like Microsoft's LM and NTLM, obsolete.
In a test, the researcher's system was able to churn through 348 billion NTLM password hashes per second. That renders even the most secure password vulnerable to compute-intensive brute force and wordlist (or dictionary) attacks. A 14-character Windows XP password hashed using LM, for example, would fall in just six minutes, said Per Thorsheim, organizer of the Passwords^12 Conference.
[Note of clarification from Jeremi: "LM is what is used on Win
XP, and LM converts all lowercase chars to uppercase, is at most 14
chars long, and splits the password into two 7 char strings before
hashing -- so we only have to crack 69^7 combinations at most for LM. At
20 G/s we can get through that in about 6 minutes. With 348 billion
NTLM per second, this means we could rip through any 8 character
password (95^8 combinations) in 5.5 hours."]
“Passwords on Windows XP? Not good enough anymore,” Thorsheim said.
Tools like Gosney’s GPU cluster aren’t suited for an “online” attack
scenario against a live system. Rather, they’re used in “offline”
attacks against collections of leaked or stolen passwords that were
stored in encrypted form, Thorsheim said. In that situation, attackers
aren’t limited to a set number of password attempts – hardware and
software limitations are all that matter.
The clustered GPUs clocked impressive speeds against more sturdy
hashing algorithms as well, including MD5 (180 billion attempts per
second), SHA1 (63 billion/second) and passwords hashed using the LM
algorithm (20 billion/second). So-called “slow hash” algorithms fared
better: bcrypt (05) and sha512crypt permitted 71,000 and 364,000
attempts per second, respectively.
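
An added example, not from the article or from Gosney's slides: it turns the cluster rates quoted above into worst-case exhaustive-search times per hash, and into the shortest password length whose full keyspace outlasts a time budget. The 69- and 95-symbol character sets come from Gosney's note; the one-year budget and all function names are assumptions.

```python
# Added example: worst-case exhaustive-search times at the cluster rates quoted above.
RATES = {  # guesses per second, as reported in the article
    "NTLM": 348e9, "MD5": 180e9, "SHA1": 63e9, "LM": 20e9,
    "sha512crypt": 364e3, "bcrypt(05)": 71e3,
}
LM_CHARSET = 69     # from Gosney's note: LM upper-cases, so lowercase adds nothing
FULL_CHARSET = 95   # printable ASCII, the 95 in the note's 95^8
YEAR = 365 * 24 * 3600  # assumed time budget for the comparison


def keyspace(algo, charset, length):
    """Candidates a full search must try for one hash of a fixed-length password."""
    if algo == "LM":
        # LM truncates to 14 characters and hashes two 7-character halves
        # separately and unsalted, so one sweep of 7-character candidates
        # covers both halves: the cost stops growing after 7 characters.
        return min(charset, LM_CHARSET) ** min(length, 7)
    return charset ** length


def exhaust_seconds(algo, charset, length):
    """Worst-case seconds to try every candidate at the reported rate."""
    return keyspace(algo, charset, length) / RATES[algo]


def min_length(algo, charset, budget_seconds, max_len=64):
    """Shortest length whose full keyspace outlasts the budget, else None."""
    for n in range(1, max_len + 1):
        if exhaust_seconds(algo, charset, n) >= budget_seconds:
            return n
    return None


def human(seconds):
    """Format a duration in the largest unit that fits."""
    for unit, size in (("years", YEAR), ("days", 86400), ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    print(f"{'hash':<12} {'8 chars, 95 symbols':>22} {'min length for 1 year':>24}")
    for algo in RATES:
        t = human(exhaust_seconds(algo, FULL_CHARSET, 8))
        print(f"{algo:<12} {t:>22} {str(min_length(algo, FULL_CHARSET, YEAR)):>24}")
```

These figures are upper bounds on the work needed: the wordlist attacks the article mentions recover human-chosen passwords far sooner than a full keyspace sweep.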
In an IRC chat with Security Ledger, Gosney said he has been working
on CPU clustering for about five years and GPU clustering for the last
four years.
“Then we just started trying to build the biggest GPU rigs we could,
packing as many GPUs into a single server as possible so that we
wouldn’t have to deal with clustering or distributing load,” Gosney
wrote.
Password Cracking 25 GPU Monster Devours Passwords Real Fast
Source: www.guru3d.com