Distributed Password Cracking: CrackLord

2015-11-04T21:14:06
ID N0WHERE:35327
Type n0where
Reporter N0where
Modified 2015-11-04T21:14:06

Description

Over the past several years the world of password cracking has exploded with new tools and techniques. These new techniques have made it easier than ever to reverse captured password hashes. With the addition of powerful techniques, from GPGPU cracking to rainbow tables, it is easier than ever to access the plaintext for fun and profit. Furthermore, during our day jobs we have found that many other processes can benefit from distributed access to the resources of high powered systems. With many people requesting access to this, CrackLord was born.

CrackLord provides a scalable, pluggable, and distributed system for password cracking as well as any other jobs we need. Better said, CrackLord is a way to load balance the resources, such as CPU and GPU, from multiple hardware systems into a single queueing service across two primary services: the Resource and Queue.

System Components

There are three primary components to CrackLord as shown in the above image:

  • Queue

The Queue is a service that runs on a single system, providing an interface for users to submit, pause, resume, and delete jobs. These jobs are then processed and sent to available Resources to perform the actual work and handle the results.

  • Resource / Resource Managers

Resources are the individual servers that are connected to the queue. They are managed by resource manager plugins, which are code that allows various types of resources to be connected. Managers can directly connect to physical resources you own, or use cloud services to spawn resources as necessary.

  • Tools

Tools are a set of plugins, configured on resources, that perform the underlying tasks such as running oclHashcat to crack passwords. Tools are written in the Go programming language and have a standard interface to make them easy to write or enhance. They are wrappers around the various resource-intensive tools used, such as John, HashCat, etc.

Getting Started

First, you’ll need to determine what your server configuration will look like. There are two different servers that need to be run, the Queue server and the Resource server. Both can be run on the same system or separately; either is fine. You can also have multiple resource servers that all connect to the same Queue server. The Tools on each can be different as well, but because Go is statically compiled, all Tools are built into the resource server at compile time; however, you can turn them off in the configs. There is a lot of flexibility in the configuration, which is both good and bad as it can be hard to get started.

Queue Server

  1. Add package repository to your system using apt:

    • curl -s https://packagecloud.io/install/repositories/emperorcow/cracklord/script.deb.sh | sudo bash
  2. Now you can install the debian package for the Queue Daemon:

    • apt-get install cracklord-queued
  3. This will install the queue, the web GUI, and create a set of self-signed certificates you can use to authenticate resources you may want to connect in the future. If you have a resource on the same system, we’ve also tried to make it easy and have created that cert for you.

  4. You should now look at /etc/cracklord/queued.conf and the config files in /etc/cracklord/resourcemanagers/ . You will have to change any settings that you’d like for your environment.
  5. Now you can start up the queue server by issuing the following command

    • service cracklord-queued start
  6. At this point, you’ll want to get some resource servers configured and connected. If you have your own hardware, you’ll need to connect to it within the GUI. Your other option is to use AWS instances that you can deploy automatically from the GUI. Be careful about watching your charges for EC2 instances in AWS!

Resource Server and Tools

  1. If you haven’t already, you should install the apt repository:

    • curl -s https://packagecloud.io/install/repositories/emperorcow/cracklord/script.deb.sh | sudo bash
  2. Now you can install the debian package for the Resource Daemon:

    • apt-get install cracklord-resourced
  3. You will now need to edit the default configuration file at /etc/cracklord/resourced.conf , including enabling any relevant tool plugins. You will also need to configure the tools in /etc/cracklord/plugins/ for their specific settings.

  4. You can now run the resource server. Please note that there may be individual configuration needs for various tools, such as getting X11 running for oclHashcat, or installing nmap, etc. See the Tool list below for links to additional information. To run the server, just:

    • service cracklord-resourced start
  5. Finally, you need to connect the resource to the queue. Resources authenticate to the Queue server using certificates. These are also used to secure communications between the queue and resource, as the transmission may contain highly sensitive information, such as hashes.

  6. If your resource and queue are on the same system, we’ve already created a certificate for you. You can go to https://<QUEUESERVER> and, under resources, click connect to add the resource using localhost. If not, please see https://github.com/jmmcatee/cracklord/wiki/Creating-Resource-Certificates for additional information.
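
The trust decision behind steps 5 and 6, sketched in Go (the language CrackLord is written in): a peer is accepted only if its certificate chains to the CA the other side trusts. This is an added example, not CrackLord's own code; the names issue, verifyPeer, queue-ca.example, other-ca.example and resource.example are assumptions, and all certificates are constructed in memory.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed certificate for name; a nil parent yields a self-signed CA.
func issue(name string, parent *tls.Certificate) tls.Certificate {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), DNSNames: []string{name},
		Subject: pkix.Name{CommonName: name}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}}
	signer, signKey := tmpl, interface{}(key)
	if parent != nil {
		signer, signKey = parent.Leaf, parent.PrivateKey // signed by the CA
	} else {
		tmpl.IsCA, tmpl.KeyUsage = true, x509.KeyUsageCertSign // self-signed CA
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signKey)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// verifyPeer is the check a TLS endpoint makes when client certificates are required.
func verifyPeer(ca, peer tls.Certificate) error {
	pool := x509.NewCertPool()
	pool.AddCert(ca.Leaf)
	_, err := peer.Leaf.Verify(x509.VerifyOptions{Roots: pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}})
	return err
}

func main() {
	ca, other := issue("queue-ca.example", nil), issue("other-ca.example", nil)
	fmt.Println("signed by trusted CA:", verifyPeer(ca, issue("resource.example", &ca)))
	fmt.Println("signed by other CA:  ", verifyPeer(ca, issue("resource.example", &other)))
}
```

In a real deployment the same pool would be set as ClientCAs (with ClientAuth set to tls.RequireAndVerifyClientCert) on the listening side and as RootCAs on the dialing side of a tls.Config.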

Cracklord

If you’d like to get things built from source, it will first require you to have a working Go build environment with the GOPATH set up. Additionally, you’ll probably want Git and Mercurial set up to gather the various libraries and plugins that we’ve used in the code.

  1. First, you’ll need to get cracklord itself.

    go get github.com/jmmcatee/cracklord
    
  2. Next we need to get all of the dependencies downloaded for both the resource daemon and queue daemon.

    go get github.com/jmmcatee/cracklord/cmd/queued
    go get github.com/jmmcatee/cracklord/cmd/resourced

  3. Now we can actually build the queue daemon and resource daemon:

    go build github.com/jmmcatee/cracklord/cmd/queued
    go build github.com/jmmcatee/cracklord/cmd/resourced

  4. Finally, we can run both the queue and resource daemons, which will be in the cmd/queued and cmd/resourced directories respectively. You will also need to set up the various configuration files; information on those can be found in the CrackLord wiki.
