Pyrit CUDA: Release the Kraken!
How To Install Pyrit CUDA on a Mac
We hope that you have not landed here randomly, Pyrit CUDA is not for the faint of heart, But your patience will be rewarded. Highly rewarded.
CUDA stands for Compute Unified Device Architecture. It uses or unleash the power of your GPU(s) to compute a bit faster things like .... WPA key Recovery.
Pyrit CUDA is not a magic bullet, it's just a much, much bigger caliber.
Why Pyrit CUDA?
On my "Old MBP", Pyrit CUDA is 45% faster than Aircrack-ng without a sweat, If you have a "New Mac" with a much faster Graphic Card, you can expect 50-200% faster.
45% means than instead of running for 10hrs, you'll do the job in 5.5hrs, Some monsters claim 89,000 PMKs/S. With a little tweak, you can go 300% faster, see example under "tips"
Pyrit also allows you to create database of pre-computed PMKs, also known
as Rainbow Tables, and here, it starts to go
really really really fast ...
Engage Warp Speed and Release The Kraken...
There you have it!
39,847,344 PMKs per second....
27,481 times faster than Aircrack-ng, or a
2,747,993% increase in speed
Yes, that's almost 2.75 million %
It simply means that, what you do in 18 hours, I'll do in about 10 seconds :)
Pyrit Precomputed Tables are here.
Back to the install ...
I went to Pyrit after finagling wayyyyy to much with Aircrack-CUDA. Using Backtrack5 on VMware, Aircrack-CUDA was the straw that broke the camel back: The time needed for the install and fixing the issues was longer than trying Aircrack the regular way. So, here is Pyrit, native on a Mac.
Pyrit also allows you to create database of pre-computed PMK, also known as Rainbow Tables, and here, it starts to go really fast ...
How To Install Pyrit CUDA on a Mac, OSX 10.6.8
For OSX 10.7 Lion, almost the same,
but read the help first
Prerequisite
Xcode must be installed!
To check, Open Terminal and type "gcc"
If the answer is as described below, you have Xcode installed. If Not, >> App Store >> Xcode (free)
10.8 Mountain Lion
Apple has, by default, removed the CLT, For Mountain Lion you
must install the Command Line Tools
Preferences -> Downloads -> Install command line tools
1) Click > About this Mac > More Info > Graphics/Display to check your Card model #
1a) Verify that you have a
CUDA supported graphic card, if not, you are good for trying Open CL
2) Follow the steps exactly in the order they are mentioned.
3) You need to have Admin Rights or the Admin Password
4) You should be Terminal Savvy. If not read the tips at the end first
5) You need to type the commands
verbatim. A space too much and you're out ....
6) You can click on the pictures to enlarge them. It could help....
7) There is a list of warnings at the end, read them!
8) Verify that you have verified the verifications
The full install takes about 30~45 min.
Ready?
Download, in a easily accessible folder the following ,
do NOT install yet
Nvidia CUDA drivers for Mac:
http://developer.nvidia.com/cuda/cuda-downloads
Download 1 and 2
Select "CUDA Toolkit" under Mac OS
For Older Version (10.6.6 and under)
NOTE:
If you have an "old" Nvidia card, try the "older version" first, you'll save a lot a space.
the "old version" is half the size of the new one, and you can always upgrade later
Libnet
http://libdnet.googlecode.com/files/libdnet-1.12.tgz
pylibpcap
http://dfn.dl.sourceforge.net/sourceforge/pylibpcap/pylibpcap-0.6.2.tar.gz
Scapy
http://www.secdev.org/projects/scapy/files/scapy-latest.tar.gz
You should now, have something looking like that:
Install Nvidia Driver for Mac
Click on the DMG, etc ..
This install is going to take few minutes..
Install Nvidia CUDA TOOLKIT for Mac
Click on the DMG, etc
Install Nvidia CUDA drivers for Mac
Click on the DMG, install, etc
i.e: cudadriver-5.0.17-macos.dmg
Open Terminal and start the installation of libnet
"Path to" refers to the path to the file. i.e
/Users/MyName/Downloads/
Example:
-->
tar -xzf /Users/MyName/Downloads/libdnet-1.12.tgz
|
Instead of typing the full path by hand, drag and drop the file into Terminal, that will save you some typing and errors
Install
-->
tar -xzf “Path to” libdnet-1.12.tgz
cd libdnet-1.12
./configure
make
sudo make install
cd python
sudo python setup.py install
|
Now we install Pylibpcap
-->
tar -xzf “Path to” pylibpcap-0.6.2.tar.gz
cd pylibpcap-0.6.2
sudo python setup.py install
|
Scapy Install
-->
tar -xzf "Path to" scapy-latest.tar.gz
cd scapy-2.1.0
sudo python setup.py install
|
* double check the "scapy latest" and scapy2.1.0 the names may have changed.
Now the prerequisites are done, we can go in the hearth of the subject.
From the Terminal Window, Download Pyrit
-->
svn checkout http://pyrit.googlecode.com/svn/trunk/ pyrit-read-only
|
Build and install Pyrit
-->
cd pyrit-read-only
cd pyrit
sudo python setup.py install
|
Last step, Pyrit CUDA
-->
cd ..
cd ..
cd pyrit-read-only
cd cpyrit_cuda
sudo LDFLAGS=-L/usr/local/cuda/lib python setup.py install
|
* cpyrit not "pyrit"
cd cpyrit_cuda
Now we need to check if all of that was worth it
Check if Pyrit CUDA is working
-->
You should see a list of your cores and a list of your GPU(s)
Something like
Once done, let's Benchmark it and see if we can Release The Kraken
-->
(Recommended) Kill SUDO by typing sudo -K (yes, uppercase K )
*I have installed Pyrit on an old machine, the "good ones" are "reserved" for work. :-)
Leave a comment either here or on FB with your Config and the Benchmark Results.
Who has a monster?
GTK, FAQ, RFAQ, TIPS, Help
GTK! AKA "Good To Know"
Bruteforcing is time consuming, so you need to go as fast as possible, and also
AS SMART AS POSSIBLE: Bruteforcing in blind mode, aka starting @ "00000000" and going all the way up, trying each alphanumerical combination is just a pure waste of your (limited) time, you silly mortal, and your electricity bill will go up a bit. Go smart, use a
statistically sorted Attack Dictionary: Most used password first: If the password to discover is "password" running an incremental attack will take you few months: The first set of numbers is 100,000,000 long, then for each set of letters, add 110,075,314,176. You have 24 sets, hence 2,641,807,540,224 passwords. Then repeat with upper cap... then mingle all of that ... a0a0a0a0
Your brain has now stopped perceiving the true value of those numbers. Mine too.
But that's not it!
Mr. WPA is a tedious little man: Each password has 4096 round of hash, salted with the BSSID. It means in clear that your CPU/GPU will crunch about 1 Megabytes (byte, not bit) of data for each PMK (Pairwise Master Key) , Each Password is
"about" 4 PMK
2500 PMK/second and you'll have 2.44 Gigabytes of data being pushed trough per second...
The first set of numbers, 8ch long, will boils down to about a billion megabytes of data being crunched.
So, Act like a ninja, and think like Einstein:
Go smart!
Tips
If you are here, you should know it: Don't play too much with the sudo command: it's an unforgiving command. sudo does not give any warning, sudo is
"Das Terminator"
Long paths
Avoid typing long path with spaces or weird names:
1) Download in a easily accessible folder
2) Type your command, i.e "tar -xzf" then drag the file
from Finder
to Terminal; the path will automagically appears correctly.
3) Use the arrow up to call back a previous command
4) copy and paste the command instead of re-typing them:
"cd cpyrit" just looks like "cd pyrit" ( "
C"pyrit )
(The first one that will comment about cd not working will get seriously flamed)
CUDA use
When using Pyrit CUDA, quit
all applications, including Anti-virus, Browser etc, I mean everything: Dropbox, Airport, etc. Anything that use a single %. Kill all processes but the vital ones: The performances will improve significantly.
For the best results, don't even use a screen saver: quit everything and let the screen go black. Remember? CUDA is using your GPUs. Following those tips you'll see the performance increasing significantly:
We are now 279% (Two-hundred-seventy-nine ) faster than Aircrack-ng 1.1 and 600% faster than KisMAC 0.3.3 . Yes, 600%. But, that's not it! Can you go faster than that?
Temperature:
If you crunch for hours, don't forget that Pyrit CUDA will try to use 100% of your CPUs and 100% of your GPUs: The Temperature is going to go up a bit. If you have a laptop, I'll suggest to elevate it on the four corners and leave at least 1/2 inch of free space under.
FAQ, RFAQ, SFQRFA
-
My card is not supported!
Bummer! check OpenCL
-
How do you crack a WEP on Pyrit?
You don't! Pyrit is WPA only.
-
kan't crack the pazwords!
Probable Cause
-
it doz not workz!
Probable Cause
-
It's not working on Windows
Did you pass the test? (successfully?)
-
I want to crack my girlfriend password
Talk to those guys
-
I overclocked my GPU and my computer shut down
Told ya! Try not to go over 200F / 93C. If you insist, you may be able to fry an egg on your Mac, please send us the picture. For a "runny-sunny side up" you can start at 66C.
-
Please help
It's just below. on more line...
Pyrit help
For more help type "pyrit -h [command]" i.e "pyrit -h attack_ passtrough"
Highly recommended reading:
http://pyrit.wordpress.com/
About Pyrit
http://pyrit.wordpress.com/about/
Pyrit on OSX Lion 10.7
"Many people have
problems compiling Pyrit on OSX Lion. The version of GCC distributed with the latest XCode no longer supports creating binary code for the PPC-architecture and Python’s
setup.py does not know about that; you can get an error message like the following:"
assembler (/usr/bin/../libexec/gcc/darwin/ppc/as or /usr/bin/../local/libexec/gcc/darwin/ppc/as) for architecture ppc not installed
You can solve this situation by forcing GCC to only compile code for the i386- and the x86_64-architecture. To do this, put the following into your
.bash_profile:
export ARCHFLAGS=”-arch i386 –arch x86_64”
Source:
http://pyrit.wordpress.com/
Retrieved Aug 2, 2011
Pyrit Mountain Lion 10.8 + MBP Retina
Pyrit CUDA_ERROR_OUT_OF_MEMORY
This Error seems specific to MBP's Retina and is easily solved by a single click.
 |
| Click To Enlarge |
1) Open System Preference
2) Go to Energy Saver
3) box "Automatic Graphics Switching"
4) Uncheck the tick box
Many Thanks to Xander Clark for solving the issue and sharing with us.
Ditto to Christian T. for
"Distant Lending" us his Beloved MBP Retina while vacationing in Greece. ;)
Pyrit 0.4.1-dev (svn r308) (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3+
Usage: pyrit [options] command
Recognized options:
-b : Filters AccessPoint by BSSID
-e : Filters AccessPoint by ESSID
-h : Print help for a certain command
-i : Filename for input ('-' is stdin)
-o : Filename for output ('-' is stdout)
-r : Packet capture source in
pcap-format
-u : URL of the storage-system to use
--all-handshakes : Use all handshakes instead of the best one
Recognized commands:
analyze : Analyze a packet-capture file
attack_batch : Attack a handshake with PMKs/passwords from the db
attack_cowpatty : Attack a handshake with PMKs from a cowpatty-file
attack_db : Attack a handshake with PMKs from the db
attack_passthrough : Attack a handshake with passwords from a file
batch : Batchprocess the database
benchmark : Determine performance of available cores
benchmark_long : Longer and more accurate version of benchmark (~10 minutes)
check_db : Check the database for errors
create_essid : Create a new ESSID
delete_essid : Delete a ESSID from the database
eval : Count the available passwords and matching results
export_cowpatty : Export results to a new cowpatty file
export_hashdb : Export results to an airolib database
export_passwords : Export passwords to a file
help : Print general help
import_passwords : Import passwords from a file-like source
import_unique_passwords : Import unique passwords from a file-like source
list_cores : List available cores
list_essids : List all ESSIDs but don't count matching results
passthrough : Compute PMKs and write results to a file
relay : Relay a storage-url via RPC
selftest : Test hardware to ensure it computes correct results
serve : Serve local hardware to other Pyrit clients
strip : Strip packet-capture files to the relevant packets
stripLive : Capture relevant packets from a live capture-source
verify : Verify 10% of the results by recomputation
More help
http://code.google.com/p/pyrit/
Basic Command lines
-->
pyrit -h attack_passthrough
|
The -h option gives a more detailed help on an option, here help on "Attack_Passthrough" -h should be used profusely.
-->
Does a Quick Benchmark
-->
Does a long Benchmark
-->
pyrit -r test.pcap -b 00:de:ad:be:ef:00 -i words attack_passthrough
|
Regular attack on a specific ESSID via Dictionary
-->
pyrit -r test.pcap -b 00:de:ad:c0:de:00 -o passwd.txt attack_batch
|
"Pairwise Master Keys that have been computed and stored in the
database previously are taken from there; all other passwords are
translated into their respective Pairwise Master Keys and added to
the database for later re-use. ESSIDs are created automatically in
the database if necessary."
Note: .PCAP, .CAP or Dumplogs are the same
Overclocking
You can overclock, but:
As much as you will be tempted, let me remind you that if you have a laptop, things may get hot. Really hot! Even SMCFan Control may not be enough.
Frying your GPU will not be a good thing. Overclock at your own risk(s) : Pyrit does not have a GPU watchdog
Little hidden gem:
because you've read so far, you deserve a little bonus:
Release the Kraken !
Comments:
Please read this before commenting
.
.
