06-30-2020, 02:42 AM
Evening Everyone,
I've got a small list of hashes to crack (NTLM from a Domain Controller). Back when I first picked up the GPU I was curious to see what it could do. Just for reference my spec list (workstation, not a dedicated crack machine or anything).
Ryzen 9 3900X
Dual 1TB Intel 660p
ASUS Prime X570-P
Gigabyte Windforce RTX 2070S
(4x16GB) 64GB DDR4 3600MHz CL15
I went for my dictionaries and rules first. I knew these passwords would be very weak and therefore easily guessed by simple means. The wordlist in question is about half a GB (not very large), and the rule file was just over a single MB. Just for reference, I have 6 of 19 cracked. (I took a small subset of accounts, basically DA/EA, some service accounts)
hashcat.exe -m 1000 -a 0 hashes/<Company>Hashes.txt -w wordlists/GRC.txt -r rules/custom.rule -w 3 -O
That yielded about 12,000 MH/s on NTLM, which I can kind of understand. Storing all that in memory can be intensive, therefore it isn't all stored in memory... However, I started bruteforcing which is where I expected much closer to 67000-68000 MH/s on NTLM. I'm currently getting ~30,000 MH/s on a brute force, which while far better then wordlists is still not nearly the performance I expected.
hashcat.exe -m 1000 -a 3 hashes/<Company>Hashes.txt -w 3 -O
Notes: I'm using the pre-built binary available on the website - 6.0.0 for hashcat. I've updated my GPU drivers to the latest WHQL (which if memory serves me correctly is 451.48). I got that update maybe 2 or 3 days ago. I double checked that I wasn't thermal throttling, power throttling or anything. I'm sitting comfortably at ~65C +/- 3C, boosting to 1900-1930MHz. 100% GPU Util.
Am I missing something?
TLDR: Performance not what I expected on NTLM.
Image: [attachment=744]
Bruteforce: 30,000 MH/s
Wordlists + Rules: 12,000 MH/s
Benchmark: 67000-68000 MH/s
Cheers,
Mike
I've got a small list of hashes to crack (NTLM from a Domain Controller). Back when I first picked up the GPU I was curious to see what it could do. Just for reference my spec list (workstation, not a dedicated crack machine or anything).
Ryzen 9 3900X
Dual 1TB Intel 660p
ASUS Prime X570-P
Gigabyte Windforce RTX 2070S
(4x16GB) 64GB DDR4 3600MHz CL15
I went for my dictionaries and rules first. I knew these passwords would be very weak and therefore easily guessed by simple means. The wordlist in question is about half a GB (not very large), and the rule file was just over a single MB. Just for reference, I have 6 of 19 cracked. (I took a small subset of accounts, basically DA/EA, some service accounts)
hashcat.exe -m 1000 -a 0 hashes/<Company>Hashes.txt -w wordlists/GRC.txt -r rules/custom.rule -w 3 -O
That yielded about 12,000 MH/s on NTLM, which I can kind of understand. Storing all that in memory can be intensive, therefore it isn't all stored in memory... However, I started bruteforcing which is where I expected much closer to 67000-68000 MH/s on NTLM. I'm currently getting ~30,000 MH/s on a brute force, which while far better then wordlists is still not nearly the performance I expected.
hashcat.exe -m 1000 -a 3 hashes/<Company>Hashes.txt -w 3 -O
Notes: I'm using the pre-built binary available on the website - 6.0.0 for hashcat. I've updated my GPU drivers to the latest WHQL (which if memory serves me correctly is 451.48). I got that update maybe 2 or 3 days ago. I double checked that I wasn't thermal throttling, power throttling or anything. I'm sitting comfortably at ~65C +/- 3C, boosting to 1900-1930MHz. 100% GPU Util.
Am I missing something?
TLDR: Performance not what I expected on NTLM.
Image: [attachment=744]
Bruteforce: 30,000 MH/s
Wordlists + Rules: 12,000 MH/s
Benchmark: 67000-68000 MH/s
Cheers,
Mike