CrackLord Maximizing Password Cracking Boxes

Channel:
United States All Hacking Cons
Subscribers:
5,970
Published on ● Video Link: https://www.youtube.com/watch?v=irX9aI5BZg8


Duration: 23:47
12 views
0

Over the past several years the world of password cracking has exploded with new tools and techniques. These new techniques have made it easier than ever to reverse captured password hashes. Based on our experience, within the past few years passwords have often become the first step into compromising the entire network. New techniques such as LLMNR/NetBIOS response have reduced the efficacy of pass the hash techniques, again increasing the necessity of actually cracking the hashes. With the addition of powerful techniques, from GPGPU cracking to rainbow tables, it is easier than ever to access the plaintext for fun and profit.

Heavy utilization of GPUs has increased the power of these tools exponentially. Many organizations and individuals have built massive GPU password cracking rigs and cloud based services, such as AWS GPU instances, have also placed high performance cracking into the realm of affordability. Although the current tools do an amazing job providing heavy utilization for individual hardware, they have not kept pace with the need for distributed cracking services. Additionally, these tools can often make the sharing of expensive hardware difficult, requiring manual job tracking, GNU screen, or scripts put together to queue cracking jobs.

CrackLord attempts to change this by providing a scalable, pluggable, and distributed password cracking system. Better said, CrackLord is a way to load balance the resources, such as GPUs and CPUs, from multiple hardware systems into a single queuing service. CrackLord uses two primary services: the Resource and Queue. The Resource is a service that runs on individual systems, providing access to their underlying hardware. Resources utilize various tools, such as Hashcat, John the Ripper, rcrack, or others, to run jobs and use the local CPU or GPU to crack hashes. The Queue is a service that runs on a single system, providing an interface for users to submit cracking jobs. These jobs are then processed and sent to available Resources to perform the actual crack. Users are able to create, pause, resume, and delete jobs in the Queue which will communicate with the Resource to handle the results. Finally, the system is designed to be extensible providing standard interfaces and libraries allowing new tools, resource types, and management interfaces to be written and added as necessary.

PRESENTED BY
Lucas Morris, Michael McAtee

Black Hat - USA - 2015 Hacking conference
#hacking, #hackers, #infosec, #opsec, #IT, #security



Other Videos By All Hacking Cons


2022-01-03Certifi gate Front Door Access To Pwning Millions Of Androids
2022-01-03Emanate Like A Boss Generalized Covert Data Exfiltration With Funtenna
2022-01-03Attacking Hypervisors Using Firmware And Hardware
2022-01-03Cloning 3G4G SIM Cards With A PC And An Oscilloscope Lessons Learned
2022-01-03Internet Facing PLCs A New Back Orifice
2022-01-03Exploiting Out of Order Execution For Covert Cross VM Communication
2022-01-03Commercial Mobile Spyware Detecting The Undetectable
2022-01-03Internet Plumbing Gor Security Professionals The State Of BGP Security
2022-01-03Automated Human Vulnerability Scanning With AVA
2022-01-03Exploiting The DRAM Rowhammer Bug To Gain Kernel Privileges
2022-01-03CrackLord Maximizing Password Cracking Boxes
2022-01-03Internet Scale File Analysis
2022-01-03BGP Stream
2022-01-03Back Doors And Front Doors Breaking The Unbreakable System
2022-01-03Exploiting XXE Vulnerabilities In File Parsing Functionality
2022-01-03Is The NSA Still Listening To Your Calls A Surveillance Debate
2022-01-03Faux Disk Encryption Realities Of Secure Storage On Mobile Devices
2022-01-03Battle Of The SKM And IUM How Windows 10 Rewrites OS Architecture
2022-01-03Big Game Hunting The Peculiarities Of Nation State Malware Research
2022-01-03FileCry The New Age Of XXE
2022-01-03Forging The USB Armory, An Open Source Secure Flash Drive Sized Computer


Tags:
data
hacker
security
computer
cyber
internet
technology
hacking
attack
information
hack
online
password
code
concept
thief
network
scam
fraud
malware
secure
software
access
system
firewall
communication
business
privacy
binary
account
spy
programmer
program
spyware
hacked
hacking conference
conference
learn
how to
2022
2021
cybersecurity
owned
break in
google
securing
exploit
exploitation
recon
social engineering
password cracking
CrackLord
boxes
Lucas Morris
Michael McAtee