tinyapps.org / docs / Cracking hashes in the cloud with hashcat


Many guides online explain how to setup AWS, Azure, or Google Cloud instances to crack hashes with hashcat (including my own meager contribution).

There are a couple of obstacles though:

Vast.ai removes all of these obstacles1, offering "one simple interface to find the best cloud GPU rentals" and promising to "reduce cloud compute costs by 3X to 5X."

It only takes a couple of minutes to setup an account, select a suitable instance and docker image, and start cracking:

  1. Create and fund (via Stripe) a Vast.ai account

  2. Generate an SSH key pair on your computer:
    ssh-keygen -t rsa -b 4096 -C "vast.ai"
    Generating public/private rsa key pair.
    Enter file in which to save the key (/Users/user/.ssh/id_rsa):
    /Users/user/.ssh/vast
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /Users/user/.ssh/vast.
    Your public key has been saved in /Users/user/.ssh/vast.pub.
    ...

  3. Paste the contents of vast.pub into Account > Change SSH key

  4. Client > Create > EDIT IMAGE & CONFIG > scroll down to "Enter the name of a docker image. May be anything supported by docker run." and enter "dizcza/docker-hashcat:latest" (there are many other hashcat docker images to choose from).

  5. Use the TFLOPS/$/Hour slider to quickly find high performance instances then click the blue RENT button on desired instance

  6. Client > Instances > click the blue CONNECT button and copy the ssh command displayed

  7. Paste the ssh command2 into your terminal, e.g.,
    ssh -p 12874 root@ssh5.vast.ai -L 8080:localhost:8080

  8. Paste3 the hash you'd like to crack into a new file, e.g.,

    echo '$ml$28328$7215a1faa91e6196fb53884c4320970d9705ae6f19e5b50e0a24243708629a9b$8e0588decbdb347e0b909a7a1b1bc9470fe7dd37e09a64f9d02b82cfba91116b13d7c172b5a65683ac8d2c873324b8d82255a51ced0792656e766fa1a9c23994' > hash.txt
  9. Download and extract a wordlist4:

    wget https://github.com/danielmiessler/SecLists/raw/601038eb4ea18c97177b43a757286d3c8a815db8/Passwords/merged.txt.tar.gz && tar xf merged.txt.tar.gz
  10. Get cracking:
    hashcat -a 0 -m 7100 --status -o found.txt hash.txt merged.txt

The last time I had this much fun in the cloud was on Slicehost; vast.ai offers the same giddy excitement of a simple, welcoming interface on top of a very powerful, complex service. By contrast, navigating behemoths like AWS, Azure, and GCP is about as much fun as reading a EULA while repeatedly stubbing your toe.

Footnotes

  1. So does a Terahash Brutalis if you have $25,499.99 burning a hole in your pocket.
  2. In macOS testing, I had to add -i /Users/user/.ssh/vast to the command (was not required under Ubuntu Linux)
  3. Use single quotes rather than double quotes
  4. Larger wordlists:

created: 2019.10.29, updated: 2019.10.30