You know all that talk about
GPUs being the new CPUs? Well it's not just a lot of hot, ventilated air. Thanks in large part to the launch of development kits like nVidia's
CUDA, Russian outfit Elcomsoft has just filed for a US patent which leverages GPUs to crack passwords. Their approach harnesses the massively parallel processing capabilities of modern graphics cards to make minced-meat of corporate-strength password protection. An NTLM-hashed Microsoft Vista password, for example, can now be cracked in 3 to 5 days (instead of two months) using a simple, off-the-shelf, $150 graphics card -- less complicated passwords can take just minutes. Dial the GPU up to an $800
GeForce 8800 Ultra and Elcomsoft's approach will crack passwords at a rate some 25 times faster than existing CPU-only approaches. Yippee?
[Via
NewScientist, thanks Sultan]
Read [warning: PDF]
posted Oct 24th 2007 9:16AM
need to password of my mobile samsung SGH-D508
OK i just need to feed my triple 280GTX's some o dis shit an ill be able to hack the defence network in like a month!
Well ATI/AMD are currently making a really really BIG mistake! I happen to have an HD 4870 and its a great gaming card, but can i find any software that uses its 1.2 TFLOP GPU for cracking, physics, or any other fancy jobs that used to be CPU only? NO, none what so ever, and it's taking off big time now with Nvidia CUDA. What the heck are ATI/AMD playing at.
The 8800 Ultra is an overpriced, outdated card. The GTX 280 is only $450 and twice as fast, and so is the dual-GPU 9800GX2.
GeForce 8800 Ultra 128 shaders 1512mhz
GeForce 9800 GX2 256 shaders 1500mhz
GeForce GTX 280 240 shaders 1296mhz
Holy **** that's fast.
I agree, looks like they will need to rename "brute force"
ya rename it to rape force
Sweeet! Gotta love when MS partners tear it apart and humiliate it publicly! Long live MS talent and security!
You know people hacked the iphones encryption within days of it coming out, so I dont know what you're cheering about.
You know that NTLMv2 hashes use RC5, right?
Err... MD5. What am I saying?
Gonna break into the Pentagon and start the nuclear holocaust, brb.
Could probably get away with an 8400GS for that one... saw one on sale for $30 after rebate last week.
So can I justify that 2nd 8800 now. I still haven't found a excuse my gf would see valid for the first. I don't thinking Hacking some TEA will be too convincing. Opinion withheld to I try it later.
P.s. Folding also need to get the Generic GPU support, ATI only is disturbing.
Here that, ..... Thats the sound of 10,000 System Administrators Cringing.
Oh.crap.
No crap, it's hard enough to keep stuff secure now, and stuff like this will just make it even worse. Plus, I don't really think this software applies to 90% of home computers since if they use a password at all, it's most likely "password".
Alright, where do I get this software???? My 8800GTX is hungry!
Well then prepare to shell out $1,300 for the cheapo version or $13,000 for the "blow your socks off and then decrypt the polyester threads" version...
...or just wait for the open source version.
Or you could acquire the software through other means. Like for free and stuff. What?
Heh, why not use the cheap one to crack the registry on the expensive one?
Hmmm... Quad Sli anyone? haha!
Never realised GPUs were so much more powerful then CPUs!?! Or are they more efficient?
Love to see how OSXs 'top notch security' holds out against this.
As I've heard it, it's not that GPU's are necessarily more powerful than CPU's, it's just that they just process certain types of mathematical functions faster, which makes them ideally suited for number-crunching. A GPU could never replace your CPU, at least not today.
The difference is in the type of processing they do. They're specialized for graphic display, meaning they do a lot of floating point operations. That makes a GPU really well-suited for doing certain types of math, whereas CPUs often came with a co-processor specifically designed to do math for them.
Another difference between CPUs and GPUs is that CPUs are designed to handle many tasks in a serial fashion, whereas GPUs handle many tasks in parallel. This makes GPUs suitable for graphics calculations, Folding@Home work and password cracking
I guess the good ol' Intel integrated GMA950 on my MacBook will still be slow at this... ;-)
It's not the floating point math. The newest version of the GPU's (Direct 10 capable) are capable of high precision, high speed INTEGER math. This is key because cryptology is based on integer math, not floating point and the DX10 cards are the first cards to support integer operations. The 8800 has 128 independent pipes, whereas your CPU has about 8 pipes per core. Not only that but they do that math in a single clock, where your CPU is multistage and might take 3-4 clock cycles to run an operation.
Your GPU can't do anything complex like a general purpose CPU, but for sheer number crunching they are putting CPU's to shame. That's what happens when you need to do vertex calculations on 100 million triangles every second.
I guess it depends on what passwords it can crack besides Vista if I'm interested or not. I can just change the administrator password or users passwords without cracking them - even if I don't know the admin password. What would be helpful to me is end users always password protect documents, zip files, rar files and then forget what the password is. It takes a long time for me to hack those - if this can hack those faster I'm excited.
See I always thought the reason GPUs were considered more powerful was 'cause they were specialized. But if they can do what a CPU can do but faster then the question becomes - why the hell doesn't Intel and AMD take advantage of the technology being used to make GPUs - obviously it's superior, so what's holding them back?
GPUs are optimized for floating point,parallel operations. You have to have an application that CAN take advantage of the GPU, and then you have to have an application WRITTEN to take advantage of the GPU. Not all applications can be written this way, and even fewer are.
AMD did take advantage of this technology... when they bought out ATI. *rimshot*
Why not? Because GPUs don't do everything CPUs do, by a long shot. They don't handle exceptions and interrupts. They don't do "if" statements and code branches very quickly. They don't do most of the memory management that a CPU does. They don't do serial calculations as quickly as CPUs. (They're only faster because they're doing lots of copies of the same calculation with different data. If you don't need that, they're no help.) And so forth and so on.
Have a look at some pictures of the die for a CPU and a GPU. There are lots of things that take up lots of space on the CPU die that aren't on the GPU die. All of those things are important for making a usable computer, and are things the GPU doesn't do.
The technology here is really pretty simple. Choose what you want the chip to do well, and design it to do that. A GPU is made to do lots and lots of nearly identical calculations very quickly, and nothing else. A CPU is not particularly made to do that, because 99 percent of the time, nobody cares. (Except when the calculations are actually for graphics, and the CPU doesn't do those.)
It doesn't specifically say if it's NTLM or NTLMv2. The original NTLM hash has been known to be weak for many years and you shouldn't be using it anyway.
Now, if they are brute forcing an NTLMv2 hash in 5 days we are in big trouble.
20+ character passphrases anyone?
It specifies Vista which uses NTLM 2 by default so it sounds like trouble.
If you're smart enough to memorize a 20-digit passphrase, then why not get the hell out of Windows and migrate to Unix/Linux/Mac/BSD/JavaOS or anything better?
Unix isn't going to save you from this. This is sheer brute force cryptology. It's going to be capable of cracking any cryptology, including military spec crypto.
Not quite true, there are encryption standards that require an estimated thousand years, now you can speed that up but you;d still be looking at years of effort.
And there are encryptions that can NEVER be bruteforced because they are designed to not be mathematical but use a reference table, and if they make the right moves to prevent frequency analysis it's just not possible.
Then we must feed it!!
http://www.elcomsoft.com/edpr.html
I just hope it doesn't brute force guess my Engadget comment password. I can't imagine how incoherent my comments will seem THEN!
BTW I bet this software will never guess my birthday anyway.
This is nothing new, and if the patent investigator does his job, it should get denied. Now I am not saying the program itself is not interesting, I am just saying I have on many occasions during the course of my job over the last 5 years seen agent based encryption breaking applications on a number of 3 digit organizations...
Of course it can, Vista was just an example.
You could do the same, and faster (but with a lot of pre-load) by populating a rainbow table. There are a lot of people selling rainbow tables, too.
Although cracking NTLM hashes is a common first app for parallel computing architectures, this idea is really nothing new. The novelty and beauty of it all is that a single (or dual or whatever) PCIe card that is in a lot of our machines has the computational power to do very math intensive tasks. Put it to work for Folding@Home or something like that.
And what is more scary than a program that uses a GPU to crack? The US Patent office giving a patent to the Russians to do this!
Of course it is impressive but I don't think it should get the patent
reason 1. the patent system is corrupt and geared towards lame American inventions
reason 2. I'm sure it will fall into one of those national security concerns
reason 3. It has already be done with other processors, it stupid to start having patents for software that are separate for each device. {but hey it is a stupid patent system, right?}
reason 4. what happens if AMD survives long enough to make the fusion
This may be a stupid question, but does this render PGP useless to some degree?
PGP uses pretty long keys by default and even longer when you elect to, it's not as weak as all that.
You do know that anyone who knows anything about security hasn't been using MD5 for some time now due to it being trivial to crack with Rainbow Tables right?
Can anyone email me a source link to hacking protected word files. My sister forgot her passwords to a few word and excel files and I have no idea how to reopen the files. What's a rainbow table? I am new to this and thanks!
@ Mike:
http://www.justfuckinggoogleit.com/search.pl?query=rainbow+table
That's why I always have my passwords set to "password". Whenever someone cracks it they get really mad at themselves for putting in all that effort.
An even better one would be "what is a password?"
It used to be fun, when network admins were playing around with l0phtcrack, to set your password to "" (That's "<NO PASSWORD>" in case this isn't HTML-Encoded), as that was the default string l0phtcrack presented when there was no password for an account, causing much confusion and chagrin. ;)
Hmm, their website does list PGP. The thing about brute force attacks is that they can very easily be modified to crack any encryption to which you know the algorithm. The speed at which they perform is just a product of the complexity of the encryption, and the computational power of the system doing the cracking. If you want to see an awesome cracking machine check out http://nsa.unaligned.org/
Ridiculous.. Just wait until there is no incentive for software developers to produce new software because there is no money in it. No one benefits in those circumstances; especially ISV's like myself. I "understand" why some people steal software that is highly overpriced. But when the same software app would have taken a person a year or more to develop for themselves to use yet they still can't pay $50 for it...
Sorry, didn't mean to reply to your post Johnny.
I don't pay for any of the FOSS software I use, but the developers are still getting paid. Maybe you should look into the idea of not paying for development but for support.
Greetings, Professor Falken. Shall we play a game?
Let's play Thermonuclear War
I wish I could run Matlab on this thing...
didn't Microsoft BUY Elcomsoft? I swear I read an article saying they did
Sheeet, I don't even have the software yet and I already want to cause some sort of mischief!
That's it... I'm going to the vid store right now to get me a copy of "Live Free or Die Hard" movie and I'm going to watch it 20 times straight through! THEN we will see who is da MAN!
Fragging and Cracking at the same time... DAM! Somebody get me a Bud Light and some Doritos!
:D
oh no, not true,
Under a special agreement with Microsoft, ElcomSoft System Recovery is based upon Microsoft Windows Preinstallation Environment (Windows PE), a hardware-independent minimal Windows system that replaces the antique DOS boot disk that was used to set up new computer systems.
http://www.pr.com/press-release/55098
LOL, figures it's a Russian patenting a password cracking app. Almost all the pirate websites selling software on the web are run by Russians.
IT would take a freaking super computer to crack my... O wait... I don't have a password...
Yes, but can it crack passwords while playing Doom?
Oh my God, since we're dealing with GPUs, that Doom comment was actually relevant this time.
@Trent:
Brute force doesn't do you any good if you cant get to the password (shadow) file.
Either way, no one is truly concerned with this technology, its just another script kiddie tool. That's of course to not say its not dangerous.
Quantum computing is what we're afraid of.
Use this for something more benign please like cracking Winrar passwords :D
You won't find it anywhere for under 200$
(cough)Newsbins(Cough)Giganews(cough)
http://www.binsearch.info/?q=Elcomsoft+Distributed+Password+Recovery&max=100&adv_age=200&server=
So if this is basic Brute Force, would it stand to reason that they will be smart enough to make it multi threaded and able to split the workload into multiple chunks?
Basically, you could take a motherboard supporting Quad PCIE x16 Slots (Mac Pro anyone?) and stuff in 4 x 8800 Ultra Cards into a single machine. Because your not playing games, you dont need SLI to work on all 4.
Would that make the cracking process even faster?
The scary part is you could stuff all that power, along with a QX6850 and several TB of storage into an average looking tower case.
Wow. Wow. WOW. The program could cost $13,000 dollars and it won't matter. That puppy is going to be ripped, cracked, and packed on Bittorent so fucking fast. If it is released commercially, it is going to hit the hands of every network engineer, hacker, and script kiddy out there.
If it supports SLI, holy shit. Somebody that *wants* to really crack passwords will be able to put together one HELL of a cracking system. If it supports DISTRIBUTED brute force attacks with multiple programs over a network...... near instant cracking machine for a group of 10+ hackers with a bunch of hardware. Let's not even think of a somebody with a Storm Worm botnet army that can adapt this program in a distributed manner.
This is going to cause a lot of problems for awhile, but it will really force people to use more complex and longer passwords, which is going to piss off users a lot :) I am sure a lot of network admins out there are quietly laughing themselves to death now that there is an EXTREMELY compelling reason to force all network users to conform to strong password requirements.
I use 24 character passwords with unprintable characters, which means you have to worry about 250+ characters which vastly increases the permutations. That is probably the only way you could be safe.
If this program can crack a 10 character password with a base of 90 characters in a day, then a 20 character password with a base of 200 characters will be many orders stronger and push the bar back up to months and years.
This is not necessarily MS's fault either. Granted they completely suck at security, but they could rely on 2 or 3 months to brute force a password and in that time it could be highly likely to change with appropriate policies. Now they can't.
some one change my administrator password on network workgroup.....can anyone tell me how it can be done using the command promt.....plz reply soon.....