Wednesday, 20 July 2011

WPA cracking on Amazon's EC2 Instance with Pyrit Tutorial

I have created a video of this tutorial and posted it on SecurityTube; if you would rather watch it, you can do so by visiting http://www.securitytube.net/video/1984
Ever wanted to crack a WPA-PSK as fast as possible but didn't have the hardware for it? For those like me who only own a laptop, renting a GPU cluster from Amazon will do the job. A Cluster GPU instance costs $2.10 an hour, and you can run up to 20 of them at once to speed up the process.
Information on GPU clusters:
Amazon EC2 provides what it calls "Cluster GPU instances": a cloud instance that gives you the power of two NVIDIA Tesla "Fermi" M2050 GPUs.
The specifications are:
· 22 GB of memory
· 33.5 EC2 Compute Units (2x Intel Xeon X5570, quad-core "Nehalem" architecture)
· 2x NVIDIA Tesla "Fermi" M2050 GPUs
· 1690 GB of instance storage
· 64-bit platform
· I/O performance: Very High (10 Gigabit Ethernet)
· API name: cg1.4xlarge
Before getting started:
Before we can start, make sure you have created an AWS (Amazon Web Services) account; you will need a credit card and a phone number for verification. Once you have an AWS account, log in.
Selecting a cluster, configuring it, and launching it:
I will be using the "Cluster Instance HVM CentOS 5.5 (AMI ID: ami-aa30c7c3)" machine image, as it is the only one with CUDA support built in, and "Cluster GPU (cg1.4xlarge, 22GB)" as the instance type. After selecting the instance you will need to create a key pair and download it. Store the key pair somewhere safe: it is the only credential for root on the instance, and you will need it to reconnect to EC2 later. You will also need to configure the security group. A security group is basically the firewall, and you must open port 22 in order to SSH into the instance. You can either add port 22 to the default security group or make a new one: name it and add port 22. Restrict the source of that rule to your own public IP address (a /32) rather than 0.0.0.0/0, so that the root login is not exposed to the whole Internet. Then launch your instance and connect to it using its Public DNS address. I demonstrated this in my video tutorial; you can find it at the following link.


Connecting to an EC2 instance using an SSH client on Windows and Linux
Windows:
If you are using Windows and want to connect to the EC2 instance, the best SSH/Telnet client to use is PuTTY. You will also need PuTTYgen to convert the key pair file you downloaded into PuTTY's own format. Download PuTTY and PuTTYgen from

Linux:
Before you can SSH into the EC2 instance you will need to change the private key file's permissions so that only the owner can read it; ssh refuses to use a key that is readable by others. To do this, type the following command:
chmod 0600 /the/path/and/keyname.pem

Next give it a passphrase using ssh-keygen, so that a copied key file is useless on its own. Omit -N and let ssh-keygen prompt for the new passphrase; passing it on the command line leaves it in your shell history and in the process list:
ssh-keygen -p -f /the/path/and/keyname.pem

Now connect with the following command (the -v switch prints debugging output, which helps if the connection fails):
ssh -v -i /the/path/and/keyname.pem -p 22 root@The-Public-DNS-NAME

Uploading files to EC2 such as the 4-way handshake
Windows:
I will be using WinSCP on Windows to upload the 4-way handshake capture file to the EC2 instance. You can download it from http://www.winscp.net
Linux:
Open a terminal and type:
scp -i privatekey.pem -P 22 <the file on local host> root@AWS-Public-DNS-NAME:<the directory on the server you want to put it in>
Note the colon between the host name and the remote path; without it scp writes a local file named after the host instead of uploading.
Example: scp -i yourpvtKEY.pem -P 22 /root/Desktop/handshake-01.cap root@AWS-DNS-NAME:/root/
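The upload step above, as an added example that is not part of the original post: a small script that checks the key file's permissions the way ssh does, copies the capture with scp, and then compares SHA-1 sums on both ends so that a truncated upload is caught before any GPU time is paid for. It assumes the root login the page describes and that sha1sum exists on both machines; the key, host, capture and remote directory names are arguments you supply.

```shell
#!/bin/sh
# Added example, not from the original post: push a handshake capture to the
# instance and prove it arrived byte-for-byte. The key file, the instance's
# public DNS name, the capture path and the remote directory are arguments.
set -eu

# ssh refuses a private key that anyone but its owner can read ("UNPROTECTED
# PRIVATE KEY FILE"), so check the mode bits from ls -l (portable, unlike stat).
key_perms_ok() {
    mode=$(ls -l "$1" | cut -c2-10)
    [ "$mode" = "rw-------" ] || [ "$mode" = "r--------" ]
}

# upload_capture KEY.pem PUBLIC-DNS /local/handshake-01.cap /remote/dir
# Copies the capture with scp (note the colon before the remote path) and
# compares SHA-1 sums on both ends; a truncated upload would otherwise only
# show up as "no handshake found" after the instance has been running a while.
upload_capture() {
    key=$1 host=$2 cap=$3 dir=$4
    key_perms_ok "$key" || chmod 0600 "$key"
    local_sum=$(sha1sum "$cap" | cut -d' ' -f1)
    scp -i "$key" -P 22 "$cap" "root@$host:$dir/"
    remote_sum=$(ssh -i "$key" -p 22 "root@$host" sha1sum "$dir/$(basename "$cap")" | cut -d' ' -f1)
    [ "$local_sum" = "$remote_sum" ] && echo "upload verified: $remote_sum"
}

# Usage: sh upload.sh upload yourpvtKEY.pem AWS-DNS-NAME /root/Desktop/handshake-01.cap /root
case "${1:-}" in
    upload) shift; upload_capture "$@" ;;
esac
```

The script exits non-zero if the sums differ, so it can be chained with && in front of the cracking command.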
First things to do when you are connected
I highly recommend viewing the README file. Go through it and then continue with the setup and cracking.
Type the following command:
nano README
Once you are done reading, hold CTRL and press X to get the shell back.
Step one: Install Python 2.5
CentOS 5.x comes packaged with Python 2.4. If you are installing software written for another version of Python (Pyrit, for example, needs Python 2.5), you need to install that version alongside it. In our case we want Python 2.5.
We will be adding Python 2.5 to the server, not overwriting Python 2.4. You can check the version of Python with:
python -V
Before installing Python 2.5 we will get the required packages. Input the following command:
yum -y install python-devel zlib-devel openssl-devel libpcap-devel.x86_64 subversion screen glibc-devel
What we just installed
yum is the package manager on CentOS; the -y switch answers yes to every question during the installation.
We have installed the following:
1. python-devel, zlib-devel and openssl-devel: the header files needed to compile Python 2.5 with zlib and SSL support and to build C extension modules against it.
2. libpcap-devel.x86_64: the headers for libpcap, needed by anything that reads packet captures; .x86_64 selects the 64-bit package.
3. subversion (SVN): a version control system, used here to fetch source code straight from a project's repository.
4. screen: keeps your session running if you lose the connection to the server. For example, if you started a cracking process and got disconnected, or just closed the SSH window, without screen the cracking session would die and you would have to start all over again.
5. glibc-devel: the headers for the standard C library, which nearly every program uses.

Step two: Install the G++ compiler
Now we need to install the g++ compiler and the autotools. Type the following:
yum -y install automake autoconf gcc-c++

Step three: Adding Python 2.5 to CentOS
Python 2.4 is an essential package for any CentOS 5.x deployment; in fact, if you uninstall Python 2.4, yum will cease to work. So instead of replacing the default CentOS package, let's install Python 2.5 into the /opt directory, which historically has been used for optional software.
Input the following commands:

mkdir /opt/src
cd /opt/src
wget http://python.org/ftp/python/2.5.4/Python-2.5.4.tgz
tar xzvf Python-2.5.4.tgz
Next we will configure Python with --prefix, which tells the build where to install Python 2.5. We are already root on this instance, so no sudo is needed. Input the following commands:

cd Python-2.5.4
./configure --prefix=/opt/python2.5
make && make install
Step four: Creating a symbolic link for Python 2.5 and adding a simple config file
Creating a symbolic link from /opt/python2.5/bin/ into /usr/bin will allow us to call python2.5 from anywhere on the system without typing the full path every time. Give the following command:

ln -s /opt/python2.5/bin/python2.5 /usr/bin/python2.5

Before we can build any software against Python 2.5's shared library we have to tell the dynamic linker where to look for it. To do this we add a small configuration file in /etc/ld.so.conf.d and rebuild the linker cache (as root, which we already are, so no su is needed):

cat >> /etc/ld.so.conf.d/opt-python2.5.conf <<'EOF'
/opt/python2.5/lib
EOF
/sbin/ldconfig
ln -s /opt/python2.5/lib/libpython2.5.so /opt/python2.5/lib/python2.5/config
Note that ./configure as run above produces a static build, so libpython2.5.so does not exist and this last link will dangle; it only matters if you added --enable-shared to the configure line. The builds of scapy and Pyrit below work either way.
Step five: Download and install scapy.
Type the following commands:

cd
wget http://www.secdev.org/projects/scapy/files/scapy-latest.tar.gz
tar -xzf scapy-latest.tar.gz
cd scapy-2.1.0
python2.5 setup.py build
python2.5 setup.py install

Make sure you type python2.5 and then setup.py build; remember you now have two versions of Python installed, and plain python would install scapy into Python 2.4, where Pyrit cannot find it. The same applies to the rest of the tools you will be installing on the EC2 instance. "scapy-latest" unpacks to whatever the current release is, so if cd scapy-2.1.0 fails, check the directory name with ls. Pyrit needs scapy to read the capture file.

Step six: Download and install Pyrit 0.4.0
Type the following commands:
cd
wget http://pyrit.googlecode.com/files/pyrit-0.4.0.tar.gz
tar xvzf pyrit-0.4.0.tar.gz
svn checkout http://pyrit.googlecode.com/svn/trunk/ pyrit_svn
cd pyrit-0.4.0
python2.5 setup.py build
python2.5 setup.py install
ln -s /opt/python2.5/bin/pyrit /usr/bin/pyrit
The svn checkout fetches the development trunk for reference; the build above uses the 0.4.0 release, so you can skip it.

Step seven: Install CPyrit-CUDA
This is the module that lets Pyrit use the two Tesla GPUs; it needs the CUDA toolkit, which is why the CentOS cluster AMI was chosen. Type the following commands:
cd
wget http://pyrit.googlecode.com/files/cpyrit-cuda-0.4.0.tar.gz
tar xvzf cpyrit-cuda-0.4.0.tar.gz
cd cpyrit-cuda-0.4.0
python2.5 setup.py build
python2.5 setup.py install
pyrit benchmark
The benchmark output should show the CUDA devices in addition to the CPU cores; if only CPU cores appear, the CUDA module did not build and you are paying for GPUs you are not using.

Step eight: Download and install crunch 3.0.1
Type the following commands:
cd
wget http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/crunch-3.0.1.tgz
tar -xzvf crunch-3.0.1.tgz
cd crunch3.0/
make && make install
ln -s /root/crunch3.0/crunch /usr/bin/crunch

Step nine: Download and install coWPAtty (optional)
coWPAtty is a CPU-only WPA-PSK cracker, useful for double-checking a key Pyrit recovers. Type the following commands:
cd
mkdir -p /tools/wifi
cd /tools/wifi
wget http://wirelessdefence.org/Contents/Files/cowpatty-4.6.tgz 
tar zxvf cowpatty-4.6.tgz  
cd cowpatty-4.6
make 
ln -s /tools/wifi/cowpatty-4.6/cowpatty /usr/bin/cowpatty

Before starting your cracking process!!!
Before you start running your attack, start screen (a terminal multiplexer that keeps your session alive on the server) by typing screen in the shell, and then run the cracking tools inside it. If you get disconnected or close the SSH terminal and want to go back to the cracking session, just log back into the EC2 instance and type:
screen -D -RR
Make your own installation script for every-time use
Every time you launch a new instance you would need to install everything again, which takes a lot of your time. I have made my own EC2SETUP script; I upload it every time I create a new instance and just run it, and it installs everything for me in minutes.
You can download my script if you like, but I highly suggest you learn to write your own. Download my script from the following link
To use it, all you need to do is upload it to the instance, make it executable, and type the following command:
./EC2SETUP
You can view and modify it if needed using nano
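As an added example of what such a script can look like (it is not the author's EC2SETUP script, which is linked above), the following strings together the commands from steps one to nine. It adds a DRY_RUN=1 mode that prints each command instead of running it, so the whole sequence can be reviewed before an instance is paid for, and ends with sanity checks that the right interpreter, scapy and the CUDA cores are all present. Two things are assumptions not stated on the page: that the AMI's CUDA toolkit lives under /usr/local/cuda, and that scapy-latest.tar.gz unpacks to scapy-2.1.0.

```shell
#!/bin/sh
# ec2setup.sh - added example of a one-shot setup script for the instance
# described above. It is not the author's EC2SETUP script; it strings together
# the commands from steps one to nine and adds DRY_RUN=1, which prints each
# command instead of running it. Assumptions not stated on the page: the AMI's
# CUDA toolkit is under /usr/local/cuda, and scapy-latest unpacks to scapy-2.1.0.
set -eu

PY=/opt/python2.5
SRC=/opt/src
export PATH="$PATH:/usr/local/cuda/bin"   # assumption: where nvcc lives on the AMI

# Run a command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '+ %s\n' "$*"
    else
        "$@"
    fi
}

# Steps one and two: headers, compilers and tools needed by every build below.
install_deps() {
    run yum -y install python-devel zlib-devel openssl-devel libpcap-devel.x86_64 \
        subversion screen glibc-devel automake autoconf gcc-c++
}

# Steps three and four: Python 2.5 under /opt, leaving CentOS's Python 2.4 alone.
install_python25() {
    run mkdir -p "$SRC"
    run cd "$SRC"
    run wget http://python.org/ftp/python/2.5.4/Python-2.5.4.tgz
    run tar xzf Python-2.5.4.tgz
    run cd "$SRC/Python-2.5.4"
    run ./configure --prefix="$PY"
    run make
    run make install
    run ln -sf "$PY/bin/python2.5" /usr/bin/python2.5
    run sh -c "echo $PY/lib > /etc/ld.so.conf.d/opt-python2.5.conf"
    run /sbin/ldconfig
}

# Fetch a tarball, unpack it and install it with Python 2.5's setup.py.
py_install() {   # $1 = tarball URL, $2 = directory it unpacks to
    run cd "$SRC"
    run wget "$1"
    run tar xzf "${1##*/}"
    run cd "$SRC/$2"
    run python2.5 setup.py build
    run python2.5 setup.py install
}

# Steps five to seven: scapy, Pyrit and the CUDA module, all against Python 2.5.
install_pyrit_stack() {
    py_install http://www.secdev.org/projects/scapy/files/scapy-latest.tar.gz scapy-2.1.0
    py_install http://pyrit.googlecode.com/files/pyrit-0.4.0.tar.gz pyrit-0.4.0
    run ln -sf "$PY/bin/pyrit" /usr/bin/pyrit
    py_install http://pyrit.googlecode.com/files/cpyrit-cuda-0.4.0.tar.gz cpyrit-cuda-0.4.0
}

# Steps eight and nine: wordlist generator and the optional CPU cracker.
install_wordlist_tools() {
    run cd "$SRC"
    run wget http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/crunch-3.0.1.tgz
    run tar xzf crunch-3.0.1.tgz
    run cd "$SRC/crunch3.0"
    run make
    run ln -sf "$SRC/crunch3.0/crunch" /usr/bin/crunch
    run cd "$SRC"
    run wget http://wirelessdefence.org/Contents/Files/cowpatty-4.6.tgz
    run tar xzf cowpatty-4.6.tgz
    run cd "$SRC/cowpatty-4.6"
    run make
    run ln -sf "$SRC/cowpatty-4.6/cowpatty" /usr/bin/cowpatty
}

# Checks worth running before burning GPU hours: the right interpreter answers,
# scapy imports (Pyrit needs it to read captures), and Pyrit lists CUDA cores.
verify() {
    run python2.5 -c 'import sys; assert sys.version_info[:2] == (2, 5)'
    run python2.5 -c 'import scapy.all'
    run pyrit list_cores
    run pyrit benchmark
}

main() {
    install_deps
    install_python25
    install_pyrit_stack
    install_wordlist_tools
    verify
}

# "sh ec2setup.sh install" runs everything, "DRY_RUN=1 sh ec2setup.sh install"
# only prints the commands; with no argument just the functions are defined.
case "${1:-}" in
    install) main ;;
esac
```

Run it once with DRY_RUN=1 on your laptop to read the command list, then upload it and run sh ec2setup.sh install inside screen on the instance, so that a dropped SSH connection does not abort the build halfway through.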

Tutorials on how to use Crunch & pyrit:
Crunch tutorial:

Pyrit tutorial:

Thanks for reading. Good luck and happy cracking.
This tutorial was created by:  J0k3r
Let’s put a smile on that face