Security professionals, whether offenders or defenders, need to know how to recover passwords (or what's more commonly called cracking passwords). This may include cracking acquired Windows SAM or AD database files, Linux shadow files, performing password auditing of administrator and user accounts, along with other security purposes.
A powerful tool that assists with with these tasks is a password cracking machine, often called a password cracking "rig". These systems often resemble the cryptocurrency mining rigs, but have the hardware and software are tailored around password hash cracking. Both the cryptomining of certain blockchains and password cracking have similarities in the way they are processed, both are optimal for parallel processing. Therefore, these systems contain multiple graphical processing units (GPUs), essentially, PCI-e cards that gamers use to play complex video games. GPUs are the main engine components that will do the needed parallel processing that gets those password hashes cracked.
What is CrackerJack?
\ 'kra-ker-jak \ - a person of thing of marked excellence
CrackerJack is a system that put I together to learn the fine art of password cracking and develop an effective methodology. This rig was built affordably, avoiding the "top of the line" components that security consulting firms use for their rigs to save costs. This recipe is for those who are at an intermediate level in their information security journey.
What hardware is needed?
When I was investigating how to approach this password cracker project, there were many opinions and ideas of the "best" way to build a rig. Some state that only multiple higher-end GPUs will work (with the corresponding costs), but some have the opinion that a simple system with one medium-level GPU is adequate for most needs. I decided to take the middle road by purchasing higher-cost quality parts for some things where it's warranted and saving costs on others.
Keep in mind that the prices below may change depending on when you read this and where you are located. In the last month or so (Dec 2020 - Jan 2021), prices for some computer components on the retail marker have increased more than a third from when I originally purchased them. I'm not sure why this jump occurred (I thought it was because of the holidays but it continues on), but two good places to look are eBay and your local Craigslist. If you are patient and meticulous, you can get good deals. I took advantage of Black Friday and other sales that occur during the holiday season here in the US.
- Motherboard - ~$140 USD
- ASRock H110 Pro BTC+ - This ATX form-factor motherboard is designed for cryptomining but works great for password cracking rigs, accommodating up to 13 GPUs, providing future expansion capacity. It's ideal for using with PCI-e risers (covered below) with twelve 1x and one 16x PCI-e slots.
- Processor (CPU) ~$180 USD
- 1x Intel i5 Gen 7 (4-core) LGA1151 socket - This multi-core CPU is the fastest one that matches this motherboard. With password cracking, some CPU processing is used for hash / wordlist loading and job scheduling, but most of the work is done by the GPUs, so a 6-core or 8-core CPU is a bit overboard and unnecessary. Make sure you look at your specifications for your intended motherboard to verify the CPU type and model before you buy as requirements are usually very specific.
- Memory (RAM) - ~$140 USD
- 2x 16GB HyperX Fury 2400MHz DIMMs - More memory comes in handy when you have very large wordlists that need to be loaded before the GPUs to their work. 16GB is a bit much to password cracking, but I got them on a crazy sale (Black Friday) for just a bit more than two 8GB DIMMs, so I grabbed them.
- GPUs - ~$100 USD (used) - ~$170 USD (new) each
- 7x MSI Nvidia GTX 1050ti - GPUs seem to be the item that fluctuates in price the most. Many opinions say that Nvidia GTX 1070 series cards are the starting point, but right now they run $500-600 USD, so they weren't doable for me. I was able to get two GPU cards new at the the top-end price above during sales and gained the others used for $30 USD to $70 USD less. Today these GPUs are going for ~$250-300 USD each!
- SSD - ~$80 USD
- 1x Seagate Barracuda 960GB 2.5" SSD - I had this SSD lying around on my desk without a purpose, so I put it to good use for this rig. A standard hard drive would have worked, but I preferred the faster speed of loading large wordlists from storage.
- PCI-e Risers - ~$50 USD
- 6x FebSmart PCI-e Risers - These are boards that have a 16x PCI-e slot, 6-pin power connector and a USB 3.0 port. They work as an extension to the 1x PCI-e slots on the motherboard in order to run your GPUs off-board. The PCI-e slots on any ATX form-factor motherboard are too close together to accommodate 6-7 GPU cards, so risers are a necessity. The kit comes with a PCI-e mini-card for the 1x motherboard slots, connecting to the risers by a USB 3.0 cable. Although, it isn't a regular USB port as we know it. The physical cables are used to transport PCI-e lane data. Don't go cheap here since these are the main communication channels from the motherboard to the GPUs (which are the main devices we're building this rig for anyways). I only needed six risers since one GPU can occupy the single 16x PCI-e slot on the motherboard.
- Power Supplies (PSUs) - ~$140 USD each
- 2x Thermaltake Toughpower GF1 850W - All components, especially GPUs (95W each) take power to run. Password cracking rigs may run for very long periods of time with GPUs at 95-100% utilization. To buy a power supply with enough capacity, look at the specifications for each component and add up the total watts each will require as if it was running at 100% capacity and add 15-20%. That will give you an idea of the number of watts you will theoretically be using, then you can search for the appropriate power supplie(s). You may need multiple power supplies to handle the load based on your calculations. I used two power supplies to be on the safe side, but you may not require it. If you do need two, there is a cable (dual 24-pin mining adapter cable) you can purchase that will turn them both on simultaneously on system startup, avoiding hardware errors. It's also a good idea to evenly load the power supplies to avoid single unit burnout.
- Cooling - ~$100 USD
- 8x Thermaltake 120mm 2000 PWM fans - The components of a password cracking rig will be running at a high level for long period making adequate cooling is imperative. Most GPUs used for password cracking rigs will most likely have their own cooling fans, although they push hot air across heat sinks and away from the cards into the case (unless they are blower cooling mechanisms). That hot air needs to be exhausted from the case itself to allow cooler air to enter, so case fans are important to have. Cooling fans are the only mechanical unit in this rig, so buying good ones will prevent devices from being destroyed from excessive heat when the fans stop working. Also quiet fans will maintain your sanity if you have your rig in any living space.
- System case - ~$65 USD
- AAAwave 6 GPU Aluminum Mining Rig case - This case isn't what you traditionally think of when you imagine a computer case. It's an open-air design, which allows for the maximum airflow across all rig components. There are no case walls to block in heat, so components, especially the GPUs, run cooler when under load. Most cryptominers use open-air cases with good results. These cases allow for rig maintenance, since there is direct access the rig innards. The drawbacks for this case include not being safe for some pets, children or others with curious hands, since all components are fully exposed. It's also not as mobile as a traditional cases.
This has been Part 1 of a series relating to building a password cracking rig. See the other parts for additional information.
Part 2 - OS and Software Configuration COMING SOON!
Part 3 - Using Hashcat to smash those password hashes! COMING SOON!