hashcat plus google cloud is awesome


Running Hashcat 5.1.0 on Google Cloud with GPUs

I have grown to really like using Google Cloud and its wide variety of GPUs for use.  One of my favorite pentesting uses is an on-demand password cracking using Hashcat.  Don’t get me wrong, a dedicated physical Hashcat GPU rig has advantages not to mention fun to build.  My goal is to have an on-demand Hashcat compute instance ready to go whenever I need it.

There is an update to this guide:   Running Hashcat 6.1.1 on GCP

If you are interested in taking your Hashcat skills to another level I recommend reading “Hash Crack, Password Cracking Manual v3.0 by NETMUX“. This book is amazing and holds most of the answers you need when taking on a password or hash cracking assignment.  As you can probably tell, this is one of my frequent “go to” books when performing hash cracking.

HashCrack 3.0
Google Cloud has a wide variety of GPUs for your use on their platform and I decided do a quick article on how to get Hashcat running. I won’t be going into the use of Hashcat outside of a benchmark test, anything beyond that will be saved for another post.  If you are interested in taking your Hashcat skills to another level I would recommend reading “Hash Crack, Password Cracking Manual v3.0 by NETMUX”. That book is amazing and holds most of the answers you need when taking on a password or hash cracking assignment.

First off, you may need to request a limit increase.

In the Google console, go to “IAM & admin” and select quotas.  Then you need to request a change for “GPU (all regions)” with is in the Global location and “NVIDIA P100 GPUs” in the region you want to deploy the VM instance.  In this case I am doing US-CENTRAL1.  Here is a link to Google GPU availability:  https://cloud.google.com/compute/docs/gpus/#introduction Google Cloud IAM Google was pretty responsive, it took under an hour to get my increase. NOTE:  Google gives you a $300 credit when you start a Google Cloud account, but you need to enter payment info to get these quotas changed.   Just remember when your $300 credit runs out, you will get billed.

Create your new instance with GPUs

Click on the “Compute Engine” area on the navigation menu.  Once there, click “Create Instance”. Google Cloud Create Instance   On your new instance, give it a name (hashcat-1), make sure the Region is the region you got the quota increase in.  In my case it is US-CENTRAL1.  The zone doesn’t really matter in this scenario, but you may have to change it if the GPU resources are not available.  The “Boot disk” I will be using is Deep Learning Image:  Base m27 (with CUDA 10.0) because all the drivers we need will be installed and optimized without any configuration from me.  (If you want to use a different linux flavor, just remember you need to load the NVIDIA drivers.)  Click the “Customize” button to add GPUs. google cloud deep learning You can see I added made my instance have, 2 vCPU, 7.5GB RAM and added 4 NVIDIA Tesla P100s.  I am only doing 4 GPUs in this example due to the limitations of my region/zone at the time I am writing this.  I have had machines with up to 8 GPUs but it took a few tries to allocate the resources. google-cloud-gpu  

Update OS and install Hashcat 5.1.0

Log into your instance by clicking the SSH button.  Notice, by default this instance does not have a external IP. google instance ssh terminal You will be prompted to install the NVIDIA drivers.  Type “y” and then press <ENTER> google cloud nvidia   Update your system: sudo apt update && sudo apt upgrade -y Install Hashcat: Download the latest version of Hashcat: wget https://hashcat.net/files/hashcat- Note:  At the time I am writing this Hashcat is version 5.1.0 Un-archive Hashcat: sudo apt install p7zip-full -y 7z x hashcat-

Benchmark to verify Hashcat is working properly

cd hashcat-5.1.0 sudo ./hashcat64.bin -b google hashcat benchmark Note:  You can safely ignore the fan speed errors.

That is all there is to it!

In a few minutes you have a fully functional Hashcat 5.1.0 cracking machine in Google cloud for ~$4.156 per hour.  In addition to this setup I have my wordlists, scripts and supporting applications stored in storage buckets I attach to these instances for quick easy access. For an amazing book to take you hash cracking to then next level: