Password CrackingPenetration TestingWireless Pentest

Cracking WiFi Password with Pyrit and NVIDIA GPU on Amazon AWS

WPA algorithm is very secure, and to get the password usually, we have only one way – to brute force it, which could take huge time if the password is strong enough. But what if instead of using regular CPUs we would use a powerful GPU?

Amazon says, that we can use up to 1,536 CUDA cores on a g2.2xlarge instance, which costs $0.65 per Hour. Sounds very promising, so let’s see how it can help us to speed up password brute force.

Below I will give a step-by-step tutorial on how to deploy an Amazon GPU instance and run pyrit (python tool) to crack passwords using GPU.

In this article, I assume that you are already familiar with aircrack-ng wi-fi cracking tools. And you’ve already captured the handshake into a .cap file.

Cracking WiFi Password with Pyrit and NVIDIA GPU on Amazon AWS

  • Go to the Amazon EC2 panel and click Launch new instance.
  • Select Ubuntu Server 14.04 LTS (HVM) 64 bit > GPU instances g2.2xlarge > Review and launch

SSH to your new instance

ssh -i your_aws_key.pem [email protected]
cat /etc/lsb-release 
> DISTRIB_DESCRIPTION="Ubuntu 14.04.3 LTS"

Now, Go to the Nvidia website and download the latest CUDA installer (choose run file for Ubuntu 14.04). At the time of writing, it is cuda_7.5.18.

wget http://developer.download.nvidia.com/compute/cuda/7.5/Prod/local_installers/cuda_7.5.18_linux.run

Install build tools.

sudo aptitude update
sudo aptitude install build-essential

To avoid ERROR: Unable to load the kernel module ‘nvidia.ko’, install also.

sudo aptitude install linux-image-extra-virtual

To avoid ERROR: The Nouveau kernel driver is currently in use by your system.

echo -e 'blacklist nouveau\noptions nouveau modeset=0'| sudo tee /etc/modprobe.d/blacklist-nouveau.conf
sudo update-initramfs -u

To avoid ERROR: Unable to find the kernel source tree for the currently running kernel:

sudo aptitude install linux-source
sudo aptitude install linux-headers-$(uname -r)

Reboot Now!

sudo shutdown -r now

Extract Nvidia installers.

chmod +x cuda_7.5.18_linux.run
mkdir ~/nvidia
./cuda_7.5.18_linux.run --extract=~/nvidia/

Run driver installation.

sudo ./nvidia/NVIDIA-Linux-x86_64-352.39.run

Download and unzip pyrit and cpyrit-cuda:

wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/pyrit/pyrit-0.4.0.tar.gz
wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/pyrit/cpyrit-cuda-0.4.0.tar.gz
tar -xvzf pyrit-0.4.0.tar.gz
tar -xvzf cpyrit-cuda-0.4.0.tar.gz

Install additional libs.

sudo apt-get install python-dev libssl-dev libpcap-dev scapy

Install pyrit and cpyrit-cuda.

cd ~/pyrit-0.4.0
sudo python setup.py install
cd ~/cpyrit-cuda-0.4.0
sudo python setup.py install

Run pyrit list_cores and make sure CUDA cores are detected.

pyrit list_cores

The following cores seem available...
#1:  'CUDA-Device #1 'GRID K520''
#2:  'CPU-Core (SSE2)'
#3:  'CPU-Core (SSE2)'
#4:  'CPU-Core (SSE2)'
#5:  'CPU-Core (SSE2)'
#6:  'CPU-Core (SSE2)'
#7:  'CPU-Core (SSE2)'
#8:  'CPU-Core (SSE2)'

Create file gen_pw.py, and modify the chars variable which is our characters dictionary. In my case, I’m cracking passwords containing only digits.

import itertools, string, sys

def generator_all(charset, min_len, max_len):
    return (''.join(candidate)
        for candidate in itertools.chain.from_iterable(itertools.product(charset, repeat=i)
        for i in range(min_len, max_len + 1)))

chars = string.digits #string.ascii_lowercase + string.digits

min_chars = int(sys.argv[1])
max_chars = int(sys.argv[2])

gen = generator_all(chars, min_chars, max_chars)

for pw in gen:
        print pw

Run brute force to crack passwords from 8 to 12 characters in length.

python gen_pw.py 8 12| pyrit -r xxx.cap -b XX:XX:XX:XX:XX:XX  -i - attack_passthrough
I tried to brute force passwords with and without CUDA, and the result is 4k pw/sec vs 30k pw/sec. I’m a bit disappointed because I expected much faster results with CUDA. But anyway I got to experience setting up a CUDA driver on Amazon AWS. Hope this can help someone else to crack their wifi password with CUDA. 🙂

Noor Qureshi

Experienced Founder with a demonstrated history of working in the computer software industry. Skilled in Network Security and Information Security.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button