Lets Learn To Decode Password Hash Using CPU & GPU to Plain Text
Password hashing is used to store passwords in a secure manner for security reasons.
How Secure is Password Hashing
Hasing is one way process which means the Algorithm used to generate hases cannot be reversed to obtain the plain text.
Today we will learn about Cracking the Hashes using CPU and GPU.
- CPU: Central Processing Unit
- GPU: Graphical Processing Unit
We will cover:
- What is a Hash ?
- What is the need of a Hash ?
- Why Hash over Encryption or Encoding ?
- Hardware configuration
- Tools required
- Hash cracking [CPU]
- Hash cracking [GPU]
- Hash cracking using Search engine
- Why such a difference ?
What Is A Hash ?
A. A Cryptographic function that converts a data or file of arbitrary length or size to a fixed length, which is considered practically impossible to invert. see Wikipedia
What Is The Need Of A Hash ?
A major use of Hash is in the security field. To provide security or privacy to the user who is using any service of a company.
For example: You are using Gmail, Facebook, Twitter, eBay, Amazon or Online payment portals like Paypal. Where you use the service by providing your credentials(username/password)
There are basically 2 reasons:
- Making it difficult for hackers to recover/retrieve Password, Online service(Gmail,eBay etc) or even Wi-Fi.
- Checking for the file verification.
Even If company’s security is breached (Hacked), then also the user’s credentials are safe(only if you use strong password)
Why Hash Over Encryption And Encoding ?
Imagine a scenario, which perhaps happen to almost every Big banner, take it Google, Facebook, Yahoo! etc.
A website is compromised and User’s data(credentials) is compromised.
What is the thing that will make you worry when you come to know that, if you are a registered user on that site ? Yes! your Password (might be master password, for all your accounts).
Now, It is in service provider’s hand to provide security to their consumers. Hence, Hashing is the solution.
How? well, you might be familiar with these terms:
and now, Hashing
Not going into the details, I will tell you a basic and most important feature of Hash which makes Hash much different and important over Encoding and Decoding. and that is :
Encoded text/file can be Decoded, Encrypted text/file can be Decrypted, But hashed text/file can never be De-hashed.
Yes, Hash unlike Encryption/Encoding, is a One way process i.e when a text/file go through the Cryptographic hash function, it is converted into a fixed character length.
Example: md5 type hash has character length of 32, where
SHA1 has character length of 40.If we hash a string, say “test123″, md5 and SHA1 hash for “test123″ will be
md5(“test123″) : CC03E747A6AFBBCBF8BE7668ACFEBEE5
SHA1(“test123″) : 7288EDD0FC3FFCBE93A0CF06E3568E28521687BC
Length differs from md2, md4 to SHA256, SHA512 and so on.Hashing your Wi-Fi password is also secured using hash function named PBKDF2(Password Based Key Derivation Function)
Hardware used in this tutorial:
- Laptop with 4 GB RAM
- nVidia Graphic card 1 GB
Software used in this tutorial:
- Windows 8, 32-bit
- Cain & abel (CPU based cracker), download here
- igHashGPU (GPU based cracker), download here
- nVidia graphics driver, for igHashGPU, download here
Hash Cracking [CPU]
Cain & abel is a multi-purpose tool. It is used for various purpose like
- Hash calculating
- Hash recovery(this tutorial)
- ARP spoofing
- WiFi hacking, using a hardware called AirPcap
- and so on.
We will take MD5(Message Digest 5) cracking as an example to keep it simple and easy to understand. Install Cain & abel, then follow the instruction along, step-by-step:
- Open Cain & abel
- Press Alt+C to open Hash calculator
- Type in “test123” and hit [ENTER], here “test123″ is our test string
- You should see something similar,
- Here we got the MD5, and other Hash for string “test123″ i.e CC03E747A6AFBBCBF8BE7668ACFEBEE5. select and copy the MD5 hash. NOTE: Hashing is Case sensitive, Hash for “Test123” will be absolutely different.
- Click on Cracker tab, then select MD5 Hashes column in the left.
Hash Cracking [GPU]
igHashGPU is a password recovery tool specialized for ATI (RV) and nVidia (Cuda) based cards. It recovers password of hashes which are used over internet(weak), example md4/md5/SHA1.
Lets get started,
We have the MD5 string for test123 i.e CC03E747A6AFBBCBF8BE7668ACFEBEE5
Follow the instructions along, step-by-step:
- Download and extract igHashGPU. Go to folder
- Right click and edit the file “example.cmd“. It is the example file for testing GPU speed of recovering MD5 password.
- Paste the MD5 code in the file after \h: and it should look like this : ighashgpu.exe /h:CC03E747A6AFBBCBF8BE7668ACFEBEE5 /t:md5 /c:sd /min:4 /max:7
- Close file. Click save and yes.
- Select “Example.cmd” and hit [ENTER].
- A command prompt window will open like this .
Just 5 minutes and 53 seconds. See how much time we saved by using GPU. From 3+ hrs to just 5 minutes. isn’t it amazing ?
also see the average speed also, 62,847 Million passwords/second.
CPU: ~3 hrs with 6M pass/sec GPU: ~6 min with 195M pass/sec
You might ask , Hey! can we crack this even faster ? well, the answer is Yes you can(not always though). How ?
Hash Cracking Using Search Engine [Google]
We had MD5 string copied, right? what you need to do is very simple.
Just paste and search the MD5 string i.e CC03E747A6AFBBCBF8BE7668ACFEBEE5 on Google. and you’re done!
Why Such A Difference ?
Difference in the speed is due to the architecture of the 3.
- CPU: Uses 4 cores(Shared with system processes) at maximum, 8-cores in some cases.
- GPU: Used 96 cores (In this case).
All the 96 cores(Parallel processing units) were 100% dedicated for the password recovery process unlike CPU, which was simultaneously handling the complete OS including background processes, GUI(mapping of pixels on screen),and many other processes.
Even if the CPU stop handling those, then also it won’t match GPU’s performance. difference because of the #of cores i.e 96 vs. 4 or 8
Latest GPU’s that I have seen comes with more than 400 cores. It can take you more than a billion passwords/second to recover the MD5 hashed string.
Google Don’t Crack The Hash.
Yes!, Google doesn’t crack/recover the string.It sends request for the specific Text input i.e the hash in our case, to all the servers, takes the response back and displays the result according to the page rank of the site.
There are plenty of online crackers, which can be used to crack a variety of hashes. They search their Database for the hash you have entered.
If the string of hash is already recovered by them, they will give it to you, else you have to pay to avail the service.
An email is sent if the string has been recovered.
So, what google does is sending request to all these servers and displaying you the result. Result of the hash already cracked.
It certainly becomes the Top priority for hash cracking.Search google first, if you didn’t find the password, go for GPU cracking.
Still didn’t succeed ? Try CloudCraker, crackStation, HashKiller
You can google “Online hash cracker” for more results.
Note: Cracking speed varies depending on factors like:
GPU configuration, ATI graphics cards are the best for this task.