Cracking WiFi Password with Pyrit and NVIDIA GPU on Amazon AWS
WPA algorithm is very secure, and to get the password usually we have only one way – to brute force it, which could take huge time if password is strong enough. But what if instead of using regular CPUs we would use a power of GPU? Amazon says, that we can use up to 1,536 CUDA cores on g2.2xlarge instance, which costs $0.65 per Hour. Sounds very promising, so let’s see how it can help us to speed up password brute force.
Below I will give step-by-step tutorial on how to deploy Amazon GPU instance and run pyrit (python tool) to crack password using GPU. In this article I assume that you are already familiar with aircrack-ng wi-fi cracking tools. And you’ve already captured handshake into .cap file.
Cracking WiFi Password with Pyrit and NVIDIA GPU on Amazon AWS
Go to Amazon EC2 panel and click Launch new instance
Select Ubuntu Server 14.04 LTS (HVM) 64 bit > GPU instances g2.2xlarge > Review and launch
SSH to your new instance
ssh -i your_aws_key.pem [email protected] cat /etc/lsb-release > DISTRIB_DESCRIPTION="Ubuntu 14.04.3 LTS"
Now, Go to Nvidia website and download latest CUDA installer (choose runfile for Ubuntu 14.04). At the time of writing it is cuda_7.5.18
wget http://developer.download.nvidia.com/compute/cuda/7.5/Prod/local_installers/cuda_7.5.18_linux.run
Install build tools
sudo aptitude update sudo aptitude install build-essential
To avoid ERROR: Unable to load the kernel module ‘nvidia.ko’, install also
sudo aptitude install linux-image-extra-virtual
To avoid ERROR: The Nouveau kernel driver is currently in use by your system.
echo -e 'blacklist nouveau\noptions nouveau modeset=0'| sudo tee /etc/modprobe.d/blacklist-nouveau.conf sudo update-initramfs -u
To avoid ERROR: Unable to find the kernel source tree for the currently running kernel:
sudo aptitude install linux-source sudo aptitude install linux-headers-$(uname -r)
Reboot Now!
sudo shutdown -r now
Extract Nvidia installers
chmod +x cuda_7.5.18_linux.run mkdir ~/nvidia ./cuda_7.5.18_linux.run --extract=~/nvidia/
Run driver installation
sudo ./nvidia/NVIDIA-Linux-x86_64-352.39.run
Download and unzip pyrit and cpyrit-cuda:
wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/pyrit/pyrit-0.4.0.tar.gz wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/pyrit/cpyrit-cuda-0.4.0.tar.gz tar -xvzf pyrit-0.4.0.tar.gz tar -xvzf cpyrit-cuda-0.4.0.tar.gz
Install additional libs
sudo apt-get install python-dev libssl-dev libpcap-dev scapy
Install pyrit and cpyrit-cuda
cd ~/pyrit-0.4.0 sudo python setup.py install cd ~/cpyrit-cuda-0.4.0 sudo python setup.py install
Run pyrit list_cores and make sure CUDA cores are detected
pyrit list_cores The following cores seem available... #1: 'CUDA-Device #1 'GRID K520'' #2: 'CPU-Core (SSE2)' #3: 'CPU-Core (SSE2)' #4: 'CPU-Core (SSE2)' #5: 'CPU-Core (SSE2)' #6: 'CPU-Core (SSE2)' #7: 'CPU-Core (SSE2)' #8: 'CPU-Core (SSE2)'
Create file gen_pw.py, modify chars variable which is our characters dictionary. In my case I’m cracking password containing only digits.
import itertools, string, sys
def generator_all(charset, min_len, max_len):
return (''.join(candidate)
for candidate in itertools.chain.from_iterable(itertools.product(charset, repeat=i)
for i in range(min_len, max_len + 1)))
chars = string.digits #string.ascii_lowercase + string.digits
min_chars = int(sys.argv[1])
max_chars = int(sys.argv[2])
gen = generator_all(chars, min_chars, max_chars)
for pw in gen:
print pw
Run brute force to crack password from 8 to 12 characters length
python gen_pw.py 8 12| pyrit -r xxx.cap -b XX:XX:XX:XX:XX:XX -i - attack_passthrough
