Publication Details
Distributed password cracking with BOINC and hashcat
Zobal Lukáš, Ing. (DIFS FIT BUT)
Ryšavý Ondřej, doc. Ing., Ph.D. (DIFS FIT BUT)
Kolář Dušan, doc. Dr. Ing. (DIFS FIT BUT)
hashcat, BOINC, cracking, distributed computing, GPGPU
Considering today's challenges in digital forensics, for password cracking, distributed computing is a necessity. If we limit the selection of password-cracking tools strictly to open-source software, hashcat tool unambiguously wins in speed, repertory of supported hash formats, updates, and community support. Though hashcat itself is by design a single-machine solution, its interface makes it possible to use the tool as a base construction block of a larger distributed system. Creating a "distributed hashcat" which supports the maximum of hashcat's original features requires a smart controller that employs different distribution strategies in different cases. In the paper, we show how to use BOINC framework to control a network of hashcat-equipped nodes and provide a working solution for performing different cracking attacks. We also provide experimental results of multiple cracking tasks to demonstrate the applicability of our approach. Last but not least, we compare our solution to an existing hashcat-based distributed tool - Hashtopolis.
@ARTICLE{FITPUB11961,
author = "Radek Hranick\'{y} and Luk\'{a}\v{s} Zobal and Ond\v{r}ej Ry\v{s}av\'{y} and Du\v{s}an Kol\'{a}\v{r}",
title = "Distributed password cracking with BOINC and hashcat",
pages = "161--172",
journal = "Digital Investigation",
volume = 30,
number = 1,
year = 2019,
ISSN = "1742-2876",
doi = "10.1016/j.diin.2019.08.001",
language = "english",
url = "https://www.fit.vut.cz/research/publication/11961"
}