Hey guys traditionally during a pentest when we dump AD hashes and crack them to show the customer how weak some of the passwords are etc or use the passwords to gain access to systems with web interfaces that you can not pass the hash too. Most of the time we build expensive systems using server motherboards that are very pricey has anyone tried using mining rigs with risers etc?
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Navigation
Install the app
How to install the app on iOS
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
More options
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
cracking passwords with mining rigs?
- Thread starter hakstarr
- Start date
Vengance_01
Supreme [H]ardness
- Joined
- Dec 23, 2001
- Messages
- 7,216
I am sure there are programs out there that are written to take advantage of cuda cores... Where to find them is another question
There are also websites that store cracked hash values. They are constantly ingesting new ones. It's very possible that many of the hashes you run across will match ones that have already been cracked. I'd recommend running the hashes through a site like that first. And, save yourself any time and money vs using a rig or paying someone else to do it.
It's quick and easy enough to check there first. If some aren't a match, then you know if you want to really get those, you can move on to your other resources.
It's quick and easy enough to check there first. If some aren't a match, then you know if you want to really get those, you can move on to your other resources.
There are also websites that store cracked hash values. They are constantly ingesting new ones. It's very possible that many of the hashes you run across will match ones that have already been cracked. I'd recommend running the hashes through a site like that first. And, save yourself any time and money vs using a rig or paying someone else to do it.
It's quick and easy enough to check there first. If some aren't a match, then you know if you want to really get those, you can move on to your other resources.
Running hashes through a site is never recommended and is violets most NDA and agreements that you sign when you do a pentest. You have to have a customers ultimate trust in doing these since you are privy to very sensitive information. I would never use 3rd parties for things like this and in the long run its much cheaper to have my own rig and charge for it then it is relying on some one else. Running hashcat on a 8 video card 1080ti system works like a champ. But most of the time a high end server motherboard with 8 pci-e slots is used. I was wondering if anyone has had good results using a cheaper mining setup.
I'm not speaking about any NDA, etc. I also didn't suggest you provide the 3rd party site with your client's information. I'm simply listing resources. There are legitimate sites out there that you can see hashes that have already been cracked. Without ever uploading or providing a key.Running hashes through a site is never recommended and is violets most NDA and agreements that you sign when you do a pentest. You have to have a customers ultimate trust in doing these since you are privy to very sensitive information. I would never use 3rd parties for things like this and in the long run its much cheaper to have my own rig and charge for it then it is relying on some one else. Running hashcat on a 8 video card 1080ti system works like a champ. But most of the time a high end server motherboard with 8 pci-e slots is used. I was wondering if anyone has had good results using a cheaper mining setup.
I'm not speaking about any NDA, etc. I also didn't suggest you provide the 3rd party site with your client's information. I'm simply listing resources. There are legitimate sites out there that you can see hashes that have already been cracked. Without ever uploading or providing a key.
Ya i appreciate the help I know of most of the sites that provide these services. I was more or less asking if anyone has used mining rig for password cracking.
thebufenator
[H]ard|Gawd
- Joined
- Dec 8, 2004
- Messages
- 1,383
I've run hashes through my mining rigs with hashcat. Worked great.
Only problem is it isn't built for distributed hashing. There was a project for that very purpose but I forget the name. Would allow several mining rigs to work the same hash list.
Only problem is it isn't built for distributed hashing. There was a project for that very purpose but I forget the name. Would allow several mining rigs to work the same hash list.
BrainEater
[H]ard|Gawd
- Joined
- Jul 21, 2004
- Messages
- 1,212
Yes.
and yes.
-----
This thread is very definitely treading on delete.TOS and all that.
That being said , it is possible to use GPU's to get the keys from encryption ransomware.It takes time but can be done.
and yes.
-----
This thread is very definitely treading on delete.TOS and all that.
That being said , it is possible to use GPU's to get the keys from encryption ransomware.It takes time but can be done.
I've run hashes through my mining rigs with hashcat. Worked great.
Only problem is it isn't built for distributed hashing. There was a project for that very purpose but I forget the name. Would allow several mining rigs to work the same hash list.
Thanks for the feed back. I believe hashview is working on supporting the ability to distribute hash list across multiple servers and use a single database.