TheRaver Posted March 25, 2012

Hi All, a little background.

I am running an AMD 1055T overclocked to 3.6GHz at highest speed. I've lowered this down as I am running a WPA crack using pyrit & crunch.

My PC: AMD clock speed about 3.4GHz, six cores. I am also using CUDA on an Nvidia GTX260 (this is quite an old card I had lying around). 8 Gig RAM. Backtrack 5r1 fully patched, working with CUDA.

I also have a Linux server box (well, webserver as well) which just sits there all day not doing much. This is a 3GHz dual-core AMD, 2 Gig RAM, 1TB hard disk, no special card or other bits.

What I would like to do is run

"./crunch 10 10 -f charset.lst lalpha-numeric -i -d 1 -s abababababab -u | pyrit -i - -r mywpa.cap - mywifi attack_passthrough"

This command will brute-force to pyrit starting from abababababab.

All well and good, as it's running this now on my BT box and I am getting approx. 14000PMKs. I would like to shift some of the load onto my other Linux box. I know it can be done with pyrit, but if I want to do this will I have to generate a 32Pbyte wordlist, then import that into pyrit, then I can attack that using multiple machines, or is it possible to do this using the command I have with crunch?

Many thanks.

To give you an idea of what I have tried... I ran a VM on my Windows machine running Backtrack 5. I then ran crunch with the above command but created a 50gig file. Once this was completed I compressed this file using gzip, then tar'd it to make it smaller. The resulting zipped size was about 10-11gig. It got to the stage where I couldn't zip up my files fast enough....

I had some serious fun in the beginning: crunch filled a 3TB external hard drive in just over a day. It was amazing. I came home expecting the drive to have been about half full but it just gobbled up 3TBs, way cool...

Anyway, if anyone has any ideas.

So you are aware, I have the 4-way handshake. I captured this using airodump-ng. I also verified this using pyrit and checked in Wireshark for the EAPOL (I might have that wrong).

So again, 2 machines: I would like to spread the load, so to speak :)

Thanks all....

The Raver

Live long and prosper :)

Infiltrator Posted March 25, 2012

Found something that might be worth checking out.

http://code.google.com/p/pyrit/issues/detail?id=159
http://www.backtrack-linux.org/forums/showthread.php?t=36368

Edited March 25, 2012 by Infiltrator

TheRaver Posted March 26, 2012

Many thanks for your quick reply, I have actually been watching the threads on BT forums...

What I am trying to do might not be possible. I've seen clusters sharing CPU work... What I am doing is a brute force, so I don't have a text file to use, so would be unable to spread the load across each of the machines, although I may end up doing this.

Thanks for your reply.

Dave

Infiltrator Posted March 27, 2012

> Many thanks for your quick reply, I have actually been watching the threads on BT forums...
>
> What I am trying to do might not be possible. I've seen clusters sharing CPU work... What I am doing is a brute force, so I don't have a text file to use, so would be unable to spread the load across each of the machines, although I may end up doing this.
>
> Thanks for your reply.
>
> Dave

Correct me if I am wrong, but doesn't Pyrit only use dictionary files? Instead of pure brute forcing!

01000010 Posted March 28, 2012

I would set up Pyrit and the server setup as described in the links. Then you can run a command like

crunch 10 10 0123456789 | pyrit -i '-' -r keyfile attackpassthru

and if the servers are all set up and running it should work as a cluster. But after looking at the systems you are using, it might be more effective to buy a 100 dollar video card that will do more PMK than your setup clustered, for like half the power cost and the lack of use of whatever machines are doing the cracking.

You just have to make sure the servers are running on other machines and you have set the pyrit config file to know about them.

Edited March 28, 2012 by leapole

intertan Posted April 4, 2012

Have you looked at oclhashcat-plus?

TheRaver Posted April 9, 2012

Hi Infiltrator, no, you can pipe data from number crunchers like crunch, which is what I had started to do... But I don't think it was possible to do a cluster without using a dictionary.

As a starting point I am creating a 27Pbyte list. I am on about 5Tbytes with a week of crunching :)

Cheers

The Raver

TheRaver Posted April 9, 2012

> Have you looked at oclhashcat-plus?

Hi intertan, no, I haven't looked at oclhashcat-plus. I've had a read about it but haven't had any experience yet.

Cheers

The Raver

TheRaver Posted April 9, 2012

> I would set up Pyrit and the server setup as described in the links. Then you can run a command like
>
> crunch 10 10 0123456789 | pyrit -i '-' -r keyfile attackpassthru
>
> and if the servers are all set up and running it should work as a cluster. But after looking at the systems you are using, it might be more effective to buy a 100 dollar video card that will do more PMK than your setup clustered, for like half the power cost and the lack of use of whatever machines are doing the cracking.
>
> You just have to make sure the servers are running on other machines and you have set the pyrit config file to know about them.

Hi leapole, my intention is wavering towards 2-3 AMD 5870s as they seem to get about 32000Psk.

My ideal setup would be my trusty GTX260 on my server box running 2Gig RAM & a 3GHz Quad AMD, then my normal BT5 box running AMD 1055 6 cores overclocked 3GHz per core with 2-3 5870s. I can fit up to 4 cards on my board.

Thanks again, I am constantly reading and learning and am always open to suggestions.

If anyone is interested: 55 files of 100Gig compressed with bzip2 to 8gig a file. This hasn't really touched much of the create list lalphanumeric.

Cheers

The Raver

01000010 Posted April 10, 2012

Nice. You should have nps using the pipe for the cluster. You might want to set the database up so you can save all the crunch that you do. Pyrit is an extensive program and well set up for your plans.

thebunnyman Posted October 12, 2013

You can nix the GPU and lack of understanding and get the basis of this done in a page of bash.

You need two main scripts. One to iterate permutations a-Z 0-9 or whole words even. The other iterates numerations of your desired line. Third script runs on into the other: for var do done. You can then easily pipe this into mario world.

Sed your script while numerating a sequence of 1-however many lines your permutations yield. You also sequence your permutations against your numeric sequencer. This reads 1to1 but you could omit aircrack here and make a fullblown connect script by sequencing a telnet 1 in every 3 or whatever you desire.

This allows you to choose a starting point for your crack as well as distributing that starting point differently to different devices.

Looks basically like this

./bin/bash/script1
list=`echo {0..9} {a..z} {A..Z}`
for c1 in $list
do
    for c2 in $list
    do
        for c3 in $list
        do
            echo $c1$c2$c3$
        done
    done
done

/bin/bash/script2
for i in $(seq 1-100000000)
do
    /bin/bash/script1 sed -n '$line'p
done

/bin/bash/script3
ti=$(bin/bash/script2)
for var in "$ti"
do
    /bin/bash/script2
done

/bin/bash/aircrack-ng some code - | /bin/bash/script

You would then make a master script, presumably with netcat, which would launch the same script on multiple devices. The only difference being what line you start on, your char set, or whatever vars you care to define. The output of each of these scripts probably needs a handler but that should be the easy part. That is the part you do know how to articulate... right?

So this is a little rough but it should work for whatever you are capable of adapting it to. Not GPU based but simple enough for a noob I hope. Plus you can run it on anything that supports a bash terminal. Like an Android phone :-)

If you're not getting it or you want to see my full telnet script drop me a line: bunny.test.y@gmail

thebunnyman Posted October 12, 2013

In the case of tables this would leave you with multiple, in which case you could script your attack and add one second per table. For a cluster you could output your numeric iteration (the third, which iterates the second) to a file and reference it with your handler to know where to start, stop, or where you left off.