Hashcat has now gone to the cloud!
Youtube Videos
Hashcat On the Cloud
In this episode, I look at what sort of speeds we can get hashcat running on a cloud instance using CPU only. Starting out, I initially went with an 8 core CPU and then increased this up to a 24 core CPU. These were all using Vultr CPU’s (No sponsorship or affiliation), I will be doing a breakdown at the end for every cloud provider I used. Lets look at the results we got from the cloud machines so far.
Our results so far?
| SHA 512 Shadow Using Rockyou | ||||||
| Method | Hash/S | Hashes/Min | Hash/Hour | Time To Exhaust | Cost Per Hour | Total Cost to Exhaust |
| Laptop – Using Ryzen 7 3700U | 1,440 | 86,400 | 5,184,000 | 02:45 | Electric | Electric |
| Desktop – Using MSI RX580 8GB | 2,174 | 130,440 | 7,826,400 | 01:49 | Electric | Electric |
| Google Colab | 3,359 | 201,540 | 12,092,400 | 01:11 | Free | Free |
| Vultr – 8 Core | 3,000 | 180,000 | 10,800,000 | 01:19 | $0.12 | $0.24* |
| Vultr – 24 Core | 6,111 | 366,660 | 21,999,600 | 00:39 | $0.96 | $0.96* |
| Belkin Wifi Password – Brute Force 1-9 A-F WPA2 | ||||||
| Method | Hash/S | Hashes/Min | Hash/Hour | Time To Exhaust | Cost Per Hour | Total Cost to Exhaust |
| Laptop – Using Ryzen 7 3700U | 4254 | 255,240 | 15,314,400 | 280:00:00 | Electric | Electric |
| Desktop – Using MSI RX580 8GB | 202200 | 12,132,000 | 727,920,000 | 05:53 | Electric | Electric |
| Google Colab | 81489 | 4,889,340 | 293,360,400 | 14:37 | Free | Free |
| Vultr – 8 Core | 38658 | 2,319,480 | 139,168,800 | 30:00:00 | $0.12 | $3.60 |
| Vultr – 24 Core | 79224 | 4,753,440 | 285,206,400 | 15:03 | $0.96 | $15.36 |
In comparison, the SHA512 cracking was quicker on the Vultr 24 core CPU instance. It’s appearing as though that favours CPU rather than GPU. Moving on to the WPA hash, the RX580 GPU is still massively ahead! When we look at our next cloud instances we will be looking at cloud GPU instances and using multiple GPU instances that are used in machine learning.
I can safely say the RX580 will not be the fastest for WPA2 at the end of episode 3!
Introducing Hashcloud….
Hashcloud does have its own page here – Hashacloud
While I was setting up a cloud instance, I realised that this would be a repetitive task as I was planning on testing quite a few. So while on Vultr, I wrote a quick script to set this up, the problem came when I moved on to a different cloud provider. As OS’s changed, my script had to change to adapt to the new OS, so instead of having multiple scripts, I rolled these all into one.
The screenshot shows the current version, but this will be finalised as I’m already using the script that supports GPU’s now! It really did make it much quicker to set up each cloud instance with everything needed so hashcat can take advantage of the hardware within these machines.
What’s Next for Hashcat and Hashcloud?
The next steps for me are clear, finalising the GPU support of hashcloud and then testing out the performance of GPU instances. While these are two real world scenarios, we will also be looking at an application for this that targets a common router in the USA. I cant take credit for this though, the handshake was sent to me by a friend on discord as it is his own router!
If you want to see this being used, check out the Youtube videos, if you want to download Hashcloud check out the Hashcloud page or Github!
Any questions, please feel free to get in touch with me via my contact page.
Thank you for reading!
Marc