AWS  p3.16xlarge instance offers decent hardware for cracking hashes. This blog post is a cheat sheet for configuring an instance and start cracking hashes in no time.  The p3.16xlarge instance type isn't available in the instance type list by default, and a support ticket has to be raised to get it enabled for your account ( Probably because it is expensive - 25$/Hour). In my case it only took a few hours to get it enabled.

Turn on the instance and type in the following commands :

sudo apt-get update && sudo apt-get install -y build-essential linux-headers-$(uname -r) p7zip-full linux-image-extra-virtual

This will update everything and install the required packages. Then edit the /etc/modprobe.d/blacklist-nouveau.conf file and add the following:

blacklist nouveau
blacklist lbm-nouveau
options nouveau modeset=0
alias nouveau off
alias lbm-nouveau off

Then run the following commands

echo options nouveau modeset=0 | sudo tee -a /etc/modprobe.d/nouveau-kms.conf
sudo update-initramfs -u
sudo reboot

Now all that's left is to download the NVIDIA Drivers and Hashcat.

To install the drivers download the latest version from the NVIDIA website.

wget http://us.download.nvidia.com/tesla/410.104/NVIDIA-Linux-x86_64-410.104.run
sudo /bin/bash NVIDIA-Linux-x86_64-410.104.run

To Download Hashcat download the latest version of hashcat

wget https://hashcat.net/files/hashcat-5.1.0.7z
7za x hashcat-5.1.0.7z

You can run Hashcat using

sudo ./hashcat64.bin --args --here

Modes of attacks

There are several approaches to cracking hashes. Given a hash we can either check it against a list of passwords ( word list) or try to brute force all the characters ( Doesn't work well with very long and complex passwords) or Have some modifications done on the existing word list, for example append 123 after every entry in out word list.I will write a separate post on the above mentioned attacks.

HashCat CheatSheet

Cracking NTLM Hashes

sudo ./hashcat64.bin -m 5500 hash.lst

Cracking NTLM v2 Hashes

sudo ./hashcat64.bin -m 5600  hash.lst

Cracking Kerberos hashes

sudo ./hashcat64.bin -m 13100 hash.lst


Useful word-lists and Framework: