DES-ECB & optimization
#1
I have a 'black box' which seems to do some form of ECB - any string file results in blocks of 8byte and blocks are the same for any same text. I am of course not sure which encryption is used, but DES-ECB seems a good guess.


I am currently using
Code:
./hashcat  -a 3 -m 14000 bla.hash -1 charsets/DES_full.charset --hex-charset ?1?1?1?1?1?1?1?1
but that seems to take 15yrs on AWS GPU server :/

I am pretty sure that the above line should try all 8 byte combinations as the password. Also, my input file is in format "encoded_hex:original_text", that is also correct I hope?

I can generate any number of input/output pairs in order to help in cracking. Is it possible to use this fact to improve/optimize the cracking process?
Reply
#2
Using "-1 charsets/DES_full.charset --hex-charset ?1?1?1?1?1?1?1?1" is correct so far, because DES has only a 56 bit key, not 64 bit.

To crack a DES Key you need to know the CryptText and the PlainText. Both, the CT and the PT, need to be given in hex and need to be exactly of length 8 byte.

Cracking on a $5000 box takes ~ 80 hours. See here: https://twitter.com/hashcat/status/770649376955990016
Reply
#3
huh... I am getting 30 days on a server with 8 K80s, which doesn't seem to correlate with your 80hrs. 

Any ideas?

Code:
Session........: hashcat
Status.........: Running
Hash.Type......: DES (PT = $salt, key = $pass)
Hash.Target....: 24ac458a29cc3241:5337554801018442
Time.Started...: Tue Oct 25 12:09:43 2016 (6 mins, 13 secs)
Time.Estimated.: Tue Oct 25 12:09:43 2016 (29 days, 9 hours)
Input.Mask.....: ?1?1?1?1?1?1?1?1
Input.Charset..: -1 ./charsets/DES_full.charset, -2 Undefined, -3 Undefined, -4 Undefined
Speed.Dev.#1...:  3558.1 MH/s (7.31ms)
Speed.Dev.#2...:  3504.1 MH/s (7.44ms)
Speed.Dev.#3...:  3590.9 MH/s (7.25ms)
Speed.Dev.#4...:  3475.1 MH/s (7.51ms)
Speed.Dev.#5...:  3606.1 MH/s (7.21ms)
Speed.Dev.#6...:  3539.0 MH/s (7.37ms)
Speed.Dev.#7...:  3546.1 MH/s (7.35ms)
Speed.Dev.#8...:  3532.0 MH/s (7.38ms)
Speed.Dev.#*...: 28351.8 MH/s
Recovered......: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Recovered/Time.: CUR:0,N/A,N/A AVG:0.00,0.00,0.00 (Min,Hour,Day)
Progress.......: 10602653155328/72057594037927936 (0.01%)
Rejected.......: 0/10602653155328 (0.00%)
Restore.Point..: 4765696/34359738368 (0.01%)
Candidates.#1..: $HEX[313fe16149b37373] -> $HEX[9b5fd719df393737]
Candidates.#2..: $HEX[31e525619f4b4953] -> $HEX[9b8f79195ff1f1e5]
Candidates.#3..: $HEX[31b3d9611f737373] -> $HEX[9b6f6b193f170501]
Candidates.#4..: $HEX[31b3cf61f1253939] -> $HEX[9b6f5119ff434f4f]
Candidates.#5..: $HEX[31576561737d3139] -> $HEX[9b3f69199f554553]
Candidates.#6..: $HEX[31639d61ed0d0501] -> $HEX[9b1fb3191f676f6f]
Candidates.#7..: $HEX[31a7b561cb3d3939] -> $HEX[9bef95197f5f6d61]
Candidates.#8..: $HEX[31331d61378d6973] -> $HEX[9b0fa319bf4d4f4f]
HWMon.Dev.#1...: Temp: 80c Util: 96% Core: 862Mhz Mem:2505Mhz Lanes:16
HWMon.Dev.#2...: Temp: 62c Util: 96% Core: 849Mhz Mem:2505Mhz Lanes:16
HWMon.Dev.#3...: Temp: 82c Util: 96% Core: 875Mhz Mem:2505Mhz Lanes:16
HWMon.Dev.#4...: Temp: 64c Util: 97% Core: 836Mhz Mem:2505Mhz Lanes:16
HWMon.Dev.#5...: Temp: 79c Util: 96% Core: 875Mhz Mem:2505Mhz Lanes:16
HWMon.Dev.#6...: Temp: 64c Util: 96% Core: 862Mhz Mem:2505Mhz Lanes:16
HWMon.Dev.#7...: Temp: 81c Util: 97% Core: 862Mhz Mem:2505Mhz Lanes:16
HWMon.Dev.#8...: Temp: 68c Util: 96% Core: 849Mhz Mem:2505Mhz Lanes:16

Code:
ubuntu@ip-10-0-0-205:~$ nvidia-smi
Tue Oct 25 12:13:51 2016
+-----------------------------------------------------------------------------+
| NVIDIA-SMI 367.48                 Driver Version: 367.48                    |
|-------------------------------+----------------------+----------------------+
| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
|===============================+======================+======================|
|   0  Tesla K80           On   | 0000:00:17.0     Off |                    0 |
| N/A   80C    P0   140W / 149W |    220MiB / 11439MiB |     96%      Default |
+-------------------------------+----------------------+----------------------+
|   1  Tesla K80           On   | 0000:00:18.0     Off |                    0 |
| N/A   62C    P0   147W / 149W |    220MiB / 11439MiB |     96%      Default |
+-------------------------------+----------------------+----------------------+
|   2  Tesla K80           On   | 0000:00:19.0     Off |                    0 |
| N/A   82C    P0   142W / 149W |    220MiB / 11439MiB |     96%      Default |
+-------------------------------+----------------------+----------------------+
|   3  Tesla K80           On   | 0000:00:1A.0     Off |                    0 |
| N/A   64C    P0   147W / 149W |    220MiB / 11439MiB |     97%      Default |
+-------------------------------+----------------------+----------------------+
|   4  Tesla K80           On   | 0000:00:1B.0     Off |                    0 |
| N/A   79C    P0   145W / 149W |    220MiB / 11439MiB |     97%      Default |
+-------------------------------+----------------------+----------------------+
|   5  Tesla K80           On   | 0000:00:1C.0     Off |                    0 |
| N/A   64C    P0   146W / 149W |    220MiB / 11439MiB |     97%      Default |
+-------------------------------+----------------------+----------------------+
|   6  Tesla K80           On   | 0000:00:1D.0     Off |                    0 |
| N/A   81C    P0   144W / 149W |    220MiB / 11439MiB |     97%      Default |
+-------------------------------+----------------------+----------------------+
|   7  Tesla K80           On   | 0000:00:1E.0     Off |                    0 |
| N/A   68C    P0   148W / 149W |    220MiB / 11439MiB |     97%      Default |
+-------------------------------+----------------------+----------------------+

+-----------------------------------------------------------------------------+
| Processes:                                                       GPU Memory |
|  GPU       PID  Type  Process name                               Usage      |
|=============================================================================|
|    0     36206    C   ./hashcat                                      220MiB |
|    1     36206    C   ./hashcat                                      220MiB |
|    2     36206    C   ./hashcat                                      220MiB |
|    3     36206    C   ./hashcat                                      220MiB |
|    4     36206    C   ./hashcat                                      220MiB |
|    5     36206    C   ./hashcat                                      220MiB |
|    6     36206    C   ./hashcat                                      220MiB |
|    7     36206    C   ./hashcat                                      220MiB |
+-----------------------------------------------------------------------------+
ubuntu@ip-10-0-0-205:~$
Reply
#4
Because the K80 is crap
Reply
#5
That's what I suspected... You wouldn't happen to know someone offering machines with 1080 for rent?
Reply