How To Make a Password Cracking Cluster

[SDK]

Originally posted here by NeuTron
You need to boot all of the nodes with ClusterKnoppix. This automatically creates an OpenMosix cluster. You only have to start the password cracker on one node but you run it will several instances. The other nodes in the cluster will see that one node has too many processor intensive programs running and they will autmatically lessesn the burden by migrating the extra processes over to themselves.

You still need a program that is written to run a on cluster, right? You were unable to run John.

[NeuTron]

You need a program that you can run multiple instances of while it is processing from one source. It is tough to make john do this, but not impossible. Cisilia makes it incredibly simpler.
-NeuTron

[AO-Protected]

NeuTron, quick Q: pwdump2 is not working for me getting the following:

Unable to adjust token privileges: 5
Failed enabling Debug privilege. Proceeding anyway
Failed to open lsass: 5. Exiting.


So my Q is: If using knoppix I get the SAM file, through C:\windows\system32\config\SAM

and rename it to lets say passwd.txt, would that do the job ?

Second issue: You mentioned that the work load is automatically synchronized among all the nodes of the cluster, is that true for all applications ? do they have all to support this specific OpenMosis kernel ??

Thanks for any feedback you may provide

[Und3ertak3r]

so what your saying is that a 50 node cluster needs 50 copies of clusterknoppix.....its gonna be a LONG night

Only if you have one burner.. if you have 5 or more burners.. you have a choice as to how you go about it.. did 5 copies using 3 machines in half an hour this afternoon .. with delays.. will play with the disks 2morrow.. saturday..yay.. I dont care abot the pwd cracking.. it is the simple clustering.. I got a nu toy..

[Maestr0]

Actually you only need ONE cd. The clusterknoppix distro comes with a DHCP and PXE server which will allow you to net boot all your clients into the cluster after the PXEserver is started. Worked great for me on about 10 machines I used for a test run, I plan to do about 90 tonight,


-Maestr0


PS. Ao-Protected, you need to use an account that has Admin and Debug privileges to dump the LSA secrets. The SAM file itself is not what you want as it contains much more info than just the usernames and pwd hashes.

[hexadecimal]

ive burned 5 copies already and plan on using them on my net in my room...gonna get my dad's sam and crack it hehehe

right now what me and my friend are trying to do is get our school to let us use the science computer lab during lunch time and use live distros to mess around....theres more to it but 50 P4 w 256 DDR all networked over a 4mbs connection....gonna be fun

<edit>

sorry forgot to mention my dad forgot his password and wants on his computer with access to his files...did not mean any bad display...my error...yes i deserve the negs

</edit>

[Maestr0]

Cluster night went well, had lots of fun with OpenMosix. I was able to crack 15 passwords between 7 and 15 characters alphanumeric, using Cisilia all were cracked within 2 hours. Unfortunately I was unable to get Cisilia to spawn more than 13 processes (I believe this is a problem in her code), so many of the 90 nodes were set on POVray and other valuable processes wasting tasks . I had some limited success getting JtR to run parallel, there are some tricks you can use for dictionary attacks but the secret of brute forcing eludes me for now. There are two programs to aid in this 'pljohn' (a perl script that wraps multiple JtR processes and uses a pipe) or its C counterpart 'forkjohn'. Some of the nodes were booted into X, some booted using the CHAOS kernel. The 2.6 Kernel on the clusterknoopix CD does not appear to support OpenMosix correctly but the 2.4 worked fine. All nodes were booted from the OpenMosicTerminalServer (DHCP,PXE). There's nothing quite like seeing the 90GB of available RAM. Thanks for the fun tip NeuTron, I'd like to hear if anyone else experiments with this. Also credit goes to my 2 lab monkeys appearing in the photos for their help in booting 90 machines repeatedly.

-Maestr0


All nodes were running on DELL GX-270's, running 2.8Ghz P4's with 1 GB RAM and e1000 gigabit network cards.

[BigDick]

Maestr0,
You just wish you could live the life of a lab monkey for ever...

BigDick (you know who)

[w0ob]

Now this was a very nice post.. However i have a couple of questions that i hope somone could help me with

I have recently installed a w-lan at home and i want to test the security on my router.
Im using a 128 bit wep encryption.. is there anyway to make a cluster that could help me with trying to crack that wep key?

thnx for a nice post

[NeuTron]

Actually, there is a tool which was designed to audit WEP keys using multiple machines(like a cluster). Its called SCOUT.

the cracker part of the tool can be comfortably parallelized and run on a cluster or a grid.

http://www.security.iitk.ac.in/IITKH...apers/cp01.pdf