diff --git a/.gitignore b/.gitignore index b6e4761..cac9aef 100644 --- a/.gitignore +++ b/.gitignore @@ -127,3 +127,8 @@ dmypy.json # Pyre type checker .pyre/ + +# secrets +hosts +hashcatkeys.pem +*.mine diff --git a/README.md b/README.md index df94fe7..0e03643 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,3 @@ -# hashcat-aws -hashcat on AWS +# hashcat-cloud +hashcat on cloud + diff --git a/aws/README.md b/aws/README.md new file mode 100644 index 0000000..aff1327 --- /dev/null +++ b/aws/README.md @@ -0,0 +1,5 @@ +# hashcat-aws +hashcat on aws + +To deploy, run: +ansible-playbook ec2-creation.yml -i env/hosts -e group_vars/all diff --git a/aws/files/credentials.j2 b/aws/files/credentials.j2 new file mode 100644 index 0000000..2dd2bc4 --- /dev/null +++ b/aws/files/credentials.j2 @@ -0,0 +1,3 @@ +[default] +aws_access_key_id = "{{ ec2.access_key_id }}" +aws_secret_access_key = "{{ ec2.secret_access_key }}" diff --git a/aws/files/hashcat_start.j2 b/aws/files/hashcat_start.j2 new file mode 100644 index 0000000..4d65094 --- /dev/null +++ b/aws/files/hashcat_start.j2 @@ -0,0 +1,25 @@ +#!/bin/bash + +HASHCAT=/usr/local/hashcat/hashcat.bin +WORDLIST=/mnt/wordlists/rockyou.txt +RULES=/usr/local/hashcat/rules/best64.rule +HANDSHAKES=/mnt/hs/ +TMP=/tmp/ +HOST=`/bin/hostname` + +# Download hashcat +cd $TMP +curl -s https://api.github.com/repos/hashcat/hashcat/releases/latest | jq '.assets[] | select(.name|match(".7z$")) | .browser_download_url' | sed 's/"/ /' | sed 's/"/ /' | wget -i - +7zr x hashcat*.7z +rm -f hashcat*.7z +mv -f /tmp/hashcat* /usr/local/hashcat + +$HASHCAT -I >> $HANDSHAKES/hashcat-info-$HOST.log + +for hash in `ls -1 $HANDSHAKES/*.22000` +do + $HASHCAT -o $hash.cracked -a 0 -m 22000 $hash $WORDLIST -r $RULES +done + +# shutdown instance so it can self-terminate +shutdown -h now diff --git a/aws/group_vars/all b/aws/group_vars/all new file mode 100644 index 0000000..3ddab0b --- /dev/null +++ b/aws/group_vars/all @@ -0,0 +1,30 @@ +ec2: + region: us-west-2 + credentials: + image: ami-0d70546e43a941d70 + sg: + shutdownbehavior: terminate + ###instance_type: t2.nano + instance_type: g5.xlarge + ###instance_type: p2.16xlarge + # us-west-2a + subnet: subnet-0e58d276 + public_ip: yes + tags: + Name: hashcat + volumes: + #- device_name: /dev/xvda + #- device_name: /dev/sdf + - device_name: /dev/sda1 + volume_type: standard + volume_size: 25 + delete_on_termination: true + modify_volume: true + nvidia_version: 515 + os: ubuntu2204 + access_key_id: + secret_access_key: +s3: + bucket_name: + mount_point: /mnt/ + end_point: diff --git a/aws/hashcat.yml b/aws/hashcat.yml new file mode 100644 index 0000000..22bdff5 --- /dev/null +++ b/aws/hashcat.yml @@ -0,0 +1,11 @@ +- hosts: localhost + connection: local + roles: + - ec2_create + + +- hosts: hashcat + gather_facts: True + roles: + - ec2_hashcat + diff --git a/aws/hashcat_destroy.yml b/aws/hashcat_destroy.yml new file mode 100644 index 0000000..35dd29b --- /dev/null +++ b/aws/hashcat_destroy.yml @@ -0,0 +1,5 @@ +- hosts: localhost + connection: local + roles: + - ec2_terminate + tags: ec2_terminate diff --git a/aws/roles/ec2_create/tasks/main.yml b/aws/roles/ec2_create/tasks/main.yml new file mode 100644 index 0000000..5c05559 --- /dev/null +++ b/aws/roles/ec2_create/tasks/main.yml @@ -0,0 +1,28 @@ +- name: Create hashcat instance + ec2: + region: "{{ ec2.region }}" + keypair: "{{ ec2.credentials }}" + instance_tags: "{{ ec2.tags }}" + image: "{{ ec2.image }}" + instance_type: "{{ ec2.instance_type }}" + instance_profile_name: "{{ ec2.role | default('') }}" + instance_initiated_shutdown_behavior: "{{ ec2.shutdownbehavior }}" + volumes: "{{ ec2.volumes }}" + group: "{{ ec2.sg }}" + vpc_subnet_id: "{{ ec2.subnet }}" + assign_public_ip: "{{ ec2.public_ip | default('no') }}" + private_ip: "{{ ec2.private_ip | default('') }}" + wait: true + register: myec2 + +- name: Add new instance to host group + add_host: hostname={{ item.public_ip }} groupname=hashcat + with_items: '{{myec2.instances}}' + +- name: Wait for SSH to come up + wait_for: + host: "{{ item.public_ip }}" + port: 22 + state: started + #delay: 500 + with_items: '{{ myec2.instances }}' diff --git a/aws/roles/ec2_hashcat/tasks/main.yml b/aws/roles/ec2_hashcat/tasks/main.yml new file mode 100644 index 0000000..446fdc4 --- /dev/null +++ b/aws/roles/ec2_hashcat/tasks/main.yml @@ -0,0 +1,98 @@ +- name: Update repo list (update) and upgrade instance (upgrade) + become: yes + ansible.builtin.apt: + update_cache: yes + +- name: Upgrade the OS (dist-upgrade) + become: yes + ansible.builtin.apt: + upgrade: dist + +- name: Install p7zip + become: yes + ansible.builtin.apt: + name: p7zip + update_cache: yes + +- name: jq + become: yes + ansible.builtin.apt: + name: jq + update_cache: yes + +#- name: Install build-essential +# become: yes +# ansible.builtin.apt: +# name: build-essential +# update_cache: yes + +- name: Install nVidia CUDA keyring + become: yes + ansible.builtin.apt: + deb: https://developer.download.nvidia.com/compute/cuda/repos/{{ ec2.os }}/x86_64/cuda-keyring_1.0-1_all.deb + +- name: Install nVidia cuda-drivers + become: yes + ansible.builtin.apt: + name: cuda-drivers + update_cache: yes + +- name: Install nVidia cuda + become: yes + ansible.builtin.apt: + name: cuda + update_cache: yes + +- name: Copy hashcat_start script + become: yes + ansible.builtin.copy: + src: hashcat_start.j2 + dest: /usr/local/bin/hashcat_start + owner: root + group: root + mode: '0755' + +- name: Download latest goofys + become: yes + ansible.builtin.get_url: + url: https://github.com/kahing/goofys/releases/latest/download/goofys + dest: /usr/local/bin/goofys + mode: '0755' + +- name: Create aws directory if it does not exist + become: yes + ansible.builtin.file: + path: /root/.aws/ + state: directory + mode: '0755' + +- name: Copy AWS Credentials + become: yes + ansible.builtin.copy: + src: credentials.j2 + dest: /root/.aws/credentials + owner: root + group: root + mode: '0600' + +- name: Set up fstab + become: yes + lineinfile: + dest: /etc/fstab + line: '{{ item }}' + with_items: + - 'goofys#{{ s3.bucket_name }} {{ s3.mount_point }} fuse _netdev,allow_other,--file-mode=0660,--dir-mode=0770,--uid=1000,--gid=1000,--endpoint={{ s3.end_point }},noauto 0 0' + +- name: Mount S3 bucket + become: yes + command: mount /mnt + args: + warn: no + become: true + +- name: Run hashcat + become: yes + shell: "(/usr/local/bin/hashcat_start >/dev/null 2>&1 &)" + ###command: "(/usr/local/bin/hashcat_start &)" + + diff --git a/aws/roles/ec2_terminate/tasks/main.yml b/aws/roles/ec2_terminate/tasks/main.yml new file mode 100644 index 0000000..39e36aa --- /dev/null +++ b/aws/roles/ec2_terminate/tasks/main.yml @@ -0,0 +1,9 @@ +- name: Terminate hashcat instance + ec2: + region: "{{ ec2.region }}" + instance_tags: "{{ ec2.tags }}" + instance_profile_name: "{{ ec2.role | default('') }}" + image: "{{ ec2.image }}" + exact_count: 0 + wait: true +