Building a 30,000$ password cracking rig in the cloud for pennies.
If you work or are interested in Offensive Security, chances are you have already tried to crack a hash and retrieve the original password. Whether you are trying to pivot laterally in a network or gain an initial foothold by leveraging a leaked hash, cracking hashes is very common part of security testing during pentests or other offensive security assessments.
However passwords cracking is an expensive process that is very resource intensive. Building a custom cracking rig to get faster results is not an option for everybody, and while I would love to, definitely not an option for me.
What exactly are the downsides of building your own rig?
- Computing power is expensive. Especially nowadays, GPU prices have reached all time highs and with the AI boom, will probably not go down anytime soon.
- The uptime doesn’t always justify the spending. I personally don’t run my cracking tool 24/7. I usually only try and crack hashes during my engagements, and there are not millions of them to crack. Spending 10K on a machine that runs only runs a few times a week (or even month), might not be the best investment.
- In 10 years, the newest super pricey equipment in my rig will not be so new or performant anymore, if it still even runs by then.
The Solution
For all these reasons, a pay per use solution seems more adapted, and that is exactly what the Cloud offers.
- I do not need to front huge amounts of money for my setup: I only pay for what I use, when I use it.
- I am not set to one piece of hardware: I can use expensive and super performant resources if I need fast results, or slower and more cost effective resources when it can wait.
- Whenever newer, faster resources are released by my cloud provider, I can easily switch to those without replacing my costly on premise GPU.
- This also allows to be hardware failure resistant: if a GPU fails, I don’t need to spend thousands of dollars replacing it, my cloud provider will do it transparently for me.
Introducing HashCloud
HashCloud is a tool that acts as a Cloud layer on top of the very famous password cracking tool Hashcat. It is built on AWS (simply for personal familiarity) and leverages a few resources:
- S3 , to store the password lists used for dictionary attacks. S3 supports file sizes up to 5TB, which allows to use massive wordlists, not only the simple everyday rockyou.txt.
- Fargate to manage the Docker container and underlying resources that will run our cracking jobs.
- AWS Batch, to orchestrate the cracking jobs independently.
The idea behind this tool is to make use of cloud resources to run Hashcat as transparently as possible for the end user, meaning no complicated setup or commands to run it. HashCloud offers a few intuitive commands to:
- Build and tear down the cloud resources.
- Submit cracking jobs.
- Fetch the results.
HashCloud uses the exact same options as Hashcat, allowing users to leverage all of Hashcat’s efficiency, backed by the power provided by the cloud.
Limitations and Future Improvements
The current architecture relies on containers and Fargate to run the cracking tasks. While this setup is great for parallelism and task automation it has one major bottleneck: the resources we can use with Fargate are capped to 16 vCPUs and 120GB Memory. Even though this is already a decent amount of resources, it doesn’t come close to the performance of a cracking rig. As a comparison point, AWS currently offers the X1 EC2 instance that comes with 128 vCPUs and 2TB Memory.
But the real kick comes from the possibility to use GPUs. AWS recommends a few instances that support massive GPUs, including the Tesla V100 (currently listed on Amazon at more than 4000 £!). Furthermore, we can use up to 8 of this GPU on a single instance, giving our cloud rig a ton of raw computing power to play with.
With such a setup, we could run up to 125 trillion single-precision floating point multiplications per second. Source: AWS article.
Finally, a nice upgrade for HashCloud would be to support other cloud providers, as they might have similar, or even better offerings to get more computing power, at a cheaper rate.
References
Thanks for reading! Let me know what you think!
If you are interested and would like to see more articles on cybersecurity, make sure to follow me on Medium, Twitter and LinkedIn!
Building a 30,000$ password cracking rig in the cloud for pennies. was originally published in InfoSec Write-ups on Medium, where people are continuing the conversation by highlighting and responding to this story.
目录
最新
- How I found S3 buckets in Bug bounties
- Bypass HackerOne 2FA requirement and reporter blacklist
- Reverse Engineering Chinese Social Media for Fun (REDNote App)
- Is Carding Still a Thing in 2025
- From Uncovering to Securing: Tackling Three Vulnerabilities in Educational Domain
- Splunk Series: Installation Guide for Windows and Linux (Part 1)
- Sofia Santos: OSINT Exercise #004
- Insecure Randomness on TryHackMe: Practical Guide Using a Windows Machine