Jump to content

Pyrit Using A Cluster Of Pcs


TheRaver

Recommended Posts

Hi All,

little background.

I am running an AMD 1055T Overclocked to 3.6Ghz at highest speed Ive lowered this down as I am running a WPA crack using pyrit & crunch.

My pc

AMD clockspeed about 3.4GHZ six cores

I am also using CUDA on an Nvidia GTX260 (this is quite an old card I had lying around)

8Gig Ram

Backtrack 5r1 fully patched working with cuda.

I also have a linux server box well webserver as well which just sits there all day not doing much.

This is a 3Ghz Dual core AMD

2gig Ram

1TB harddisk

no special card or other bits.

What I would like to do is run "./crunch 10 10 -f charset.lst lalpha-numeric -i -d 1 -s abababababab -u | pyrit -i - -r mywpa.cap - mywifi attack_passthrough"

This command will bruteforce to pyrit starting from abababababab

All well and good as its running this now on my BT box I am getting aprox 14000PMKs

I would like to shift some of the load onto my other linux box I know it can be done with pyrit but if I want to do this will I have to generate a 32Pbyte wordlist then import that into pyrit then I can attack that using multipule machines or is it possible to do this using the command i have with crunch?

Many thanks.

To give you an idea of what I have tried ...

I ran a vm on my windows machine running Backtrack 5

I then run crunch with the above command but created a 50gig file once this was completed I compressed this file using gzip then tar'd it to make it smaller the resulting zipped size was about 10-11gig

It got to the stage where I couldnt zip up my files fast enough.... I had some serious fun in the beginning crunch filled a 3TB eternal harddrive in just over a day it was amazing I came home expecting the drive to have been about half full but it just gobbled up 3TBs way cool...

Anyway if anyone has any ideas

So you are aware I have the 4 way handshake I captured this using airodump-ng I also verified this using pyrit and checked in wireshark for the EAPOL(i might have that wrong)

So again 2 machines I would like to spread the load so to speak :)

Thanks all....

The Raver

Live long and prosper :)

Link to comment
Share on other sites

Found something that might be worth, checking out.

http://code.google.com/p/pyrit/issues/detail?id=159

http://www.backtrack-linux.org/forums/showthread.php?t=36368

Edited by Infiltrator
Link to comment
Share on other sites

Many thanks for your quick reply,

I have actually been watching the threads on BT forums...

What I am trying to do might not be possible its ive seen clusters sharing cpu work...

What I am doing is a bruteforce so I dont have a text file to use so would be unable to spread the load across each of the machines although I may end up doing this.

Thanks for your reply.

Dave

Link to comment
Share on other sites

Many thanks for your quick reply,

I have actually been watching the threads on BT forums...

What I am trying to do might not be possible its ive seen clusters sharing cpu work...

What I am doing is a bruteforce so I dont have a text file to use so would be unable to spread the load across each of the machines although I may end up doing this.

Thanks for your reply.

Dave

Correct if I am wrong, but doesn't Pyrit only use dictionary files? Instead of pure brute forcing!

Link to comment
Share on other sites

I would set up Pyrit and the server setup as described in the links.

then you can run a command like

crunch 10 10 0123456789 | pyrit -i '-' -r keyfile attackpassthru

and if the servers are all setup and running it should work as a cluster.

But after looking at the systems you are using It might be more effective to buy a 100 dollar video card that will do more pmk that your setup clustered for like half the power cost and the lack of use of whatever machines are doing the cracking.

You just have to make sure the servers are running on other machines and you have set the pyrit config file to know about them.

Edited by leapole
Link to comment
Share on other sites

Hi Infiltrator,

no you can pipe data from number crunchers like crunch. which is what i had started to do...

But i dont think it was possible to do a cluster without using a dictionary.

As a starting point I am creating a 27Pbyte list I am on about 5Tbytes with a week of crunching :)

Cheers

The Raver

Link to comment
Share on other sites

I would set up Pyrit and the server setup as described in the links.

then you can run a command like

crunch 10 10 0123456789 | pyrit -i '-' -r keyfile attackpassthru

and if the servers are all setup and running it should work as a cluster.

But after looking at the systems you are using It might be more effective to buy a 100 dollar video card that will do more pmk that your setup clustered for like half the power cost and the lack of use of whatever machines are doing the cracking.

You just have to make sure the servers are running on other machines and you have set the pyrit config file to know about them.

Hi leapole,

my intention is weavering towards 2-3 AMD 5870s as they seem to get about 32000Psk

My ideal setup would be my trusty GTX260 on my server box running 2Gig Ram & a 3Ghz Quad AMD

Then my normal BT5 box running AMD 1055 6 cores overclocked 3Ghz per core with 2-3 5870s I can fit upto 4 cards on my board.

Thanks again I am constantly reading and learning and am always open to suggestions.

If anyone is interested

55 files of 100Gig compressed with bzip2 to 8gig a file.

This hasn't really touched much of the create list lalphanumeric.

Cheers

The Raver

Link to comment
Share on other sites

  • 1 year later...

you can nix the gpu and lack of understanding and get the basis of this done in a page of bash

You need two main scripts. One to iterate permutations a-Z 0-9 or whole words even.

The other iterates numerations of your desired line.

Third script runs on into the other. for var do done. you can then easily pipe this into mario world.

Sed your script while numerating a sequence of 1-however many lines your permutations yield. You also sequence your permutations against your numeric sequencer. This reads 1to1 but you could could omit aircrack here and make a fullblown connect script by sequencing a telnet 1 in every 3 or whatever you desire. This allows you to choose a starting point for your crack as well as distributing that starting point differently to different devices. Looks basically like this

./bin/bash/script1

list=`echo {0..9} {a..z} {A..Z}`
for c1 in $list
do
for c2 in $list
do
for c3 in $list
do
echo $c1$c2$c3$
done
done
done

/bin/bash/script2

for i in$(seq 1-100000000)

do

/bin/bash/script1 sed -n '$line'p

done

/bin/bash/script3

ti=$(bin/bash/script2)

for var in "$ti"
do
/bin/bash/script2
done
/bin/bash/aircrack-ng some code - | /bin/bash/script
You would then make a master script presumably with netcat which would launch the same script on multiple devises. The only difference being what line you start on, your char set, or whatever vars you care to define.
The output of each of these scripts probably needs a handler but that should be the easy part. That is the part you do know how to articulate... right?
so this is a little rough but it should work for whatever you are capable of adapting it to. Not gpu based but simple enough for a noob I hope. plus you can run it on anything that supports a bash terminal. Like a android phone :-) if your not getting it or you want to see my full telnet script drop me a line bunny.test.y@gmail
Link to comment
Share on other sites

in the case of tables this would leave you with multiple in which case you could script your attack and add one second per table. For a cluster you could output your numeric iteration the (third which iterates the second) to a file and reference it with your handler to know where to start, stop, or where you left off.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...