JTR with MPI Patch
Friday, August 12, 2011 | Author: Deep Flash
Finally got the JTR with MPI patch working on Ubuntu 11.04

System Specs:

Intel Core i7 Q2630M (2 Ghz, Turbo upto 2.9 Ghz)
4 GB RAM

Host OS: Windows 7 Home Premium
Guest OS: Ubuntu 11.04, 32 bit

JTR version, 1.7.3 with a precompiled MPI patch. JTR was built using:

make clean linux-x86-sse2

MPICH2 was installed for MPI support.

I am running Ubuntu inside a Virtual Machine using VMWare Workstation. Now, the tricky part is, by default only 1 processor, 1 core is assigned to the VM Image.

with this, if I run the benchmarks, following are the results:

cat /proc/cpuinfo | grep processor

processor: 0

cat /proc/cpuinfo | grep processor | wc -l

1

./john --format=DES --test

Benchmarking Traditional DES [128/128 BS SSE2]... DONE

Many salts: 2512K c/s real, 2537 c/s virtual
Only one salt: 2101K c/s real, 2118 c/s virtual

mpirun -np 4 ./john --format=DES --test

Benchmarking Traditional DES [128/128 BS SSE2]... DONE

Many salts: 2512K c/s real, 10245K c/s virtual
Only one salt: 2108K c/s real, 8448K c/s virtual

There's no change in the real c/s stats, however, what we expect to see, shows up under virtual c/s stats.

It took some time to figure out, that I had to manually assign more cores to the Virtual Machine using VMWare Workstation settings option.

Below screenshot shows how to:



After this was configured, everything was in place :)

cat /proc/cpuinfo | grep processor

processor: 0
processor: 1
processor: 2
processor: 3

cat /proc/cpuinfo | grep processor | wc -l

4

Now, there's a significant increase in the value of real c/s while benchmarking.

mpirun -np 4 ./john --format=DES --test

Many salts: 8935K c/s real, 8940K c/s virtual
Only one salt: 7594K c/s real, 7602K c/s virtual

Now this looks good :)

I need to check the latest openmpi des patch for JTR 1.7.8 which is supposed to speed up DES by 12% to 14%. New s-box expressions were designed which reduces the number of gates used.

Will I get better speed if I use a 64-bit Ubuntu 11.04 and build JTR using linux-x86-64? This will be tested.

Listening Now: Andraculoid - Lifecycle
DEFCON 2011, Crack Me If You Can
Thursday, August 11, 2011 | Author: Deep Flash
We came like a storm and blew away all the hashes leaving behind only the plain text passes.

It was fun, exciting, challenging, eye opening and nerve wracking! :) There was a close competition between us and Hashcat. We emerged as the winners and it was great how we kept up with the challenge till the end.

Check out the stats here:

http://contest.korelogic.com/stats.html

Waiting for the winning goodies to arrive!

Some new projects which I am going to work on going forward:

FPGA based Bruteforcers.
John the Ripper with OpenMPI patch.

Here are some stats specific to our team, InsidePro 2011

Cracked by length



Cracked by charset



Cracked vs Uncracked



The slowest and the most precious hashes on the contest were, MS Domain Cached Credentials and OpenBSD Blowfish.

I'll look for ways to speed up these algorithms for cracking.

It was a great experience and the fact that we won, makes this more memorable.

Regards,
c0d3inj3cT

Listening Now: Groove Cutter - My Shooter