Number crunching...

General discussion of GPU hardware and software
  • Ads

Number crunching...

Postby deadonironsights » Wed Mar 07, 2012 9:51 pm

Here's a hypothetical for you lurkers out there...

Let's say you had 4x networked boxes, each with 4x 580's. How long would it take to crack a full character set, 14 character length password, NTLM hash using the multiforcer :?:
deadonironsights
 
Posts: 8
Joined: Wed Aug 31, 2011 1:53 pm

Re: Number crunching...

Postby Bitweasil » Wed Mar 07, 2012 11:37 pm

Eons.

Assume 2B NTLM/sec for the 580.

95^14 / (2B * 16) = 4832522544.8 years.

Not doable. :)
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: Number crunching...

Postby deadonironsights » Thu Mar 08, 2012 2:48 am

Well that's lame!

Is that formula equivalent to --min=14 --max=14 ?
deadonironsights
 
Posts: 8
Joined: Wed Aug 31, 2011 1:53 pm

Re: Number crunching...

Postby Bitweasil » Thu Mar 08, 2012 5:32 am

Yeah.

95^14
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: Number crunching...

Postby deadonironsights » Thu Mar 08, 2012 3:27 pm

Ok.

Thanks for the feedback, for the last couple months I've been mulling over the idea of building a GPU farm for cracking NTLM, using the multiforcer. I could put together a box with 4x 580's for relatively cheap at about $2500. However, using your formula, even if I built a complete farm with 4096 GPU's, I'd still be waiting around for thousands of years lol. Screw it.

Would generating a rainbow table to solve a 14 character NTLM take the same amount of time?
deadonironsights
 
Posts: 8
Joined: Wed Aug 31, 2011 1:53 pm

Re: Number crunching...

Postby Bitweasil » Thu Mar 08, 2012 6:33 pm

Even longer. Rainbow tables take longer to generate than the brute force time of a password space.

On top of totally infeasible storage requirements.

NTLM len14 with no LM around is pretty darn safe.
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: Number crunching...

Postby deadonironsights » Thu Mar 08, 2012 7:33 pm

Bitweasil wrote:Even longer. Rainbow tables take longer to generate than the brute force time of a password space.

On top of totally infeasible storage requirements.

NTLM len14 with no LM around is pretty darn safe.


No wonder why Windows doesn't feel compelled to salt their passwords...

I tried using some online calculators to find the size of a len14 NTLM rainbow table, but none of them will calculate it for me. I guess calculating the size of them is even infeasible.

How many of these storage pods would it take?
http://blog.backblaze.com/2011/07/20/pe ... e-secrets/
deadonironsights
 
Posts: 8
Joined: Wed Aug 31, 2011 1:53 pm

Re: Number crunching...

Postby Bitweasil » Thu Mar 08, 2012 7:51 pm

deadonironsights wrote:No wonder why Windows doesn't feel compelled to salt their passwords...


Totally disagree.

Most users won't use a len14 password. Len 7-8-9 are vulnerable. Pretty much anything other than plaintext is secure with len14, unless it's a word, phrase, song lyrics, etc... Users choose shit passwords. :)

I tried using some online calculators to find the size of a len14 NTLM rainbow table, but none of them will calculate it for me. I guess calculating the size of them is even infeasible.


Yep.

Assume 100% ideal table coverage for a baseline (not possible, but a good ballpark).

Assume chain length 2 000 000 - insane, but doable.

92 bits needed for password storage, assume about 100 bits for hash storage. 192 bits per chain, 24 bytes per chain.

95^14 / (2 000 000) = 2438374895577649295044 chains

At 24 bytes per chain, 58520997493863583081056 bytes disk.

~51977087 PB

How many of these storage pods would it take?
http://blog.backblaze.com/2011/07/20/pe ... e-secrets/


You do the math from here. :)
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Re: Number crunching...

Postby deadonironsights » Thu Mar 08, 2012 8:13 pm

You do the math from here. :)


135 TB = 0.1318359375 PB

51 977 087 / 0.1318359375 = 394 255 830

fml
deadonironsights
 
Posts: 8
Joined: Wed Aug 31, 2011 1:53 pm

Re: Number crunching...

Postby Bitweasil » Fri Mar 09, 2012 3:49 pm

Well, buy me a few & I'll at least get len9 working. :)
Bitweasil
Site Admin
 
Posts: 912
Joined: Tue Jan 20, 2009 4:26 pm

Next

Return to GPU Acceleration Discussion

Who is online

Users browsing this forum: No registered users and 1 guest

cron