The researcher and password cracker @epixoip has demonstrated a password cracking with 25 Radeon GPUs coupled with OpenCL. To control all GPUs, a technology called Virtual OpenCL or VCL has been used. VCL makes remote GPUs in a LAN appear as if they were local and is based on OpenCL 1.1. The password cracking tool is a modified version of oclHashCat.
The cluster that has been use to crack the passwords is made up of four 4U servers:
- one server with 10X Radeon HD 7970 (total: 10 GPUs)
- one server with 4X Radeon HD 5970 (total: 8 GPUs)
- one server with 3X Radeon HD 6990 (total: 6 GPUs)
- one server with 1X Radeon HD 5870 (total: 1 GPUs)
This cluster can process 348 billion NTLM password hashes per seconds and can break any 8 character password (95^8 combinations) in 5.5 hours.
LM Is what is used on Win XP, and LM converts all lowercase chars to uppercase, is at most 14 chars long, and splits the password into two 7 char strings before hashing — so we only have to crack 69^7 combinations at most for LM. At 20 G/s we can get through that in about 6 minutes. With 348 billion NTLM per second, this means we could rip through any 8 character password (95^8 combinations) in 5.5 hours
You can download the complete presentation of Virtual OpenCL + password cracking here: