What Is Hash Cracking?
Unlike encryption, hashing isn’t reversible. The only way to “recover” the password from the hash is to make a guess as to what the password is, run it through the hashing algorithm, and see if the result matches the hash you have. As you’d expect with such a widespread and time-consuming task, the tooling available to attackers is very mature; John the Ripper and Hashcat collectively support a huge number of hash types with all sorts of fancy features and exceptional performance optimizations. At the end of the day though, the biggest challenge isn’t the software – it’s the hardware.
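The guess-hash-compare loop described above, as an added Python example that is not part of the original post. The wordlist and the guesses-per-second figures are constructed assumptions; the example also shows the defender's side of the hardware argument: swapping an unsalted fast hash for a salted, iterated PBKDF2 makes every guess cost thousands of hash operations, so the same rig gets far fewer guesses per second.

```python
import hashlib
import os

# Constructed demo wordlist for this example (not a real leak, not the post's data).
WORDLIST = ["letmein", "password", "coalfire", "hunter2", "qwerty123"]

def fast_hash(candidate: str) -> str:
    """Unsalted SHA-256: one cheap operation per guess."""
    return hashlib.sha256(candidate.encode()).hexdigest()

def slow_hash(candidate: str, salt: bytes, iterations: int = 100_000) -> str:
    """Salted, iterated PBKDF2-HMAC-SHA256: one guess costs `iterations` hash operations."""
    return hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations).hex()

def guess_and_compare(target: str, candidates, hash_fn):
    """The loop the text describes: hash each guess and compare it to the stored hash.
    Returns (matching_candidate_or_None, guesses_tried)."""
    tried = 0
    for candidate in candidates:
        tried += 1
        if hash_fn(candidate) == target:
            return candidate, tried
    return None, tried

def seconds_to_exhaust(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Worst-case time to try every string of `length` symbols drawn from `alphabet_size`."""
    return (alphabet_size ** length) / guesses_per_second

if __name__ == "__main__":
    stored = fast_hash("hunter2")
    print(guess_and_compare(stored, WORDLIST, fast_hash))  # ('hunter2', 4)

    salt = os.urandom(16)  # per-user salt, stored alongside the hash
    stored_slow = slow_hash("hunter2", salt)
    print(guess_and_compare(stored_slow, WORDLIST, lambda c: slow_hash(c, salt)))

    # Assumed (constructed) rates: 1e9 guesses/s against the fast hash versus
    # roughly 1e4 guesses/s against 100k-iteration PBKDF2 on the same hardware.
    # Eight lowercase letters fall in minutes at the first rate and take months at the second.
    print(seconds_to_exhaust(26, 8, 1e9), seconds_to_exhaust(26, 8, 1e4))
```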
Hash Cracking Rigs
If you’ve ever spent more than five minutes researching password cracking, you’ve probably come across forum posts of folks bragging about their “cracking rigs”: several-thousand-dollar custom builds with the singular focus of cranking out hashes as fast as possible. The cool kids all seem to show up with eight GPUs and talk about the killer hash rates they’re capable of. After all, the more quickly you can test your guesses, the faster you’ll land on the right one!
The cost of running these rigs dissuades almost everyone from participating in the practice. We maintain a couple of dedicated cracking rigs here at Coalfire; sure, they were expensive to buy, but running that hardware isn’t cheap on electricity either. All told, the hardware, electricity, and maintenance run in the tens of thousands of dollars per year; definitely not a price within range of even the most passionate enthusiast.
Password recovery is a battle against math, time, cost, and human behavior; and much like any battle, the tactics are constantly evolving.