First working version.

.gitignore

@@ -127,3 +127,8 @@ dmypy.json
 
 # Pyre type checker
 .pyre/
+
+# secrets
+hosts
+hashcatkeys.pem
+*.mine

README.md

@@ -1,2 +1,3 @@
-# hashcat-aws
+# hashcat-cloud
-hashcat on AWS
+hashcat on cloud
+

aws/README.md

@@ -0,0 +1,5 @@
+# hashcat-aws
+hashcat on aws
+
+To deploy, run:
+ansible-playbook ec2-creation.yml -i env/hosts -e group_vars/all 

aws/files/credentials.j2

@@ -0,0 +1,3 @@
+[default]
+aws_access_key_id = "{{ ec2.access_key_id }}"
+aws_secret_access_key = "{{ ec2.secret_access_key }}"

aws/files/hashcat_start.j2

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+HASHCAT=/usr/local/hashcat/hashcat.bin
+WORDLIST=/mnt/wordlists/rockyou.txt
+RULES=/usr/local/hashcat/rules/best64.rule
+HANDSHAKES=/mnt/hs/
+TMP=/tmp/
+HOST=`/bin/hostname`
+
+# Download hashcat
+cd $TMP
+curl -s https://api.github.com/repos/hashcat/hashcat/releases/latest | jq '.assets[] | select(.name|match(".7z$")) | .browser_download_url' | sed 's/"/ /' | sed 's/"/ /' | wget -i -
+7zr x hashcat*.7z
+rm -f hashcat*.7z
+mv -f /tmp/hashcat* /usr/local/hashcat
+
+$HASHCAT -I >> $HANDSHAKES/hashcat-info-$HOST.log
+
+for hash in `ls -1 $HANDSHAKES/*.22000`
+do 
+	$HASHCAT -o $hash.cracked -a 0 -m 22000 $hash $WORDLIST -r $RULES
+done
+
+# shutdown instance so it can self-terminate
+shutdown -h now

aws/group_vars/all

@@ -0,0 +1,30 @@
+ec2:
+  region: us-west-2
+  credentials: <your ssh key name>
+  image: ami-0d70546e43a941d70 
+  sg: <your security group>
+  shutdownbehavior: terminate
+  ###instance_type: t2.nano 
+  instance_type: g5.xlarge
+  ###instance_type: p2.16xlarge 
+  # us-west-2a
+  subnet: subnet-0e58d276 
+  public_ip: yes
+  tags:
+    Name: hashcat
+  volumes:
+    #- device_name: /dev/xvda
+    #- device_name: /dev/sdf
+    - device_name: /dev/sda1
+      volume_type: standard
+      volume_size: 25 
+      delete_on_termination: true
+      modify_volume: true
+  nvidia_version: 515
+  os: ubuntu2204
+  access_key_id: <your key id>
+  secret_access_key: <your secret key> 
+s3:
+  bucket_name: <your bucket>
+  mount_point: /mnt/
+  end_point: <your bucket's endpoint>

aws/hashcat.yml

@@ -0,0 +1,11 @@
+- hosts: localhost
+  connection: local
+  roles:
+          - ec2_create
+
+
+- hosts: hashcat
+  gather_facts: True
+  roles:
+          - ec2_hashcat
+

aws/hashcat_destroy.yml

@@ -0,0 +1,5 @@
+- hosts: localhost
+  connection: local
+  roles:
+          - ec2_terminate
+  tags: ec2_terminate

aws/roles/ec2_create/tasks/main.yml

@@ -0,0 +1,28 @@
+- name: Create hashcat instance
+  ec2:
+    region: "{{ ec2.region }}"
+    keypair: "{{ ec2.credentials }}"
+    instance_tags: "{{ ec2.tags }}"
+    image: "{{ ec2.image }}"
+    instance_type: "{{ ec2.instance_type }}"
+    instance_profile_name: "{{ ec2.role | default('') }}"
+    instance_initiated_shutdown_behavior: "{{ ec2.shutdownbehavior }}"
+    volumes: "{{ ec2.volumes }}"
+    group: "{{ ec2.sg }}"
+    vpc_subnet_id: "{{ ec2.subnet }}"
+    assign_public_ip: "{{ ec2.public_ip | default('no') }}"
+    private_ip: "{{ ec2.private_ip | default('') }}"
+    wait: true
+  register: myec2
+
+- name: Add new instance to host group
+  add_host: hostname={{ item.public_ip }} groupname=hashcat
+  with_items: '{{myec2.instances}}'
+
+- name: Wait for SSH to come up
+  wait_for:
+    host: "{{ item.public_ip }}"
+    port: 22
+    state: started
+    #delay: 500
+  with_items: '{{ myec2.instances }}'

aws/roles/ec2_hashcat/tasks/main.yml

@@ -0,0 +1,98 @@
+- name: Update repo list (update) and upgrade instance (upgrade)
+  become: yes
+  ansible.builtin.apt:
+    update_cache: yes
+
+- name: Upgrade the OS (dist-upgrade)
+  become: yes
+  ansible.builtin.apt:
+    upgrade: dist
+
+- name: Install p7zip
+  become: yes
+  ansible.builtin.apt:
+    name: p7zip
+    update_cache: yes
+
+- name: jq
+  become: yes
+  ansible.builtin.apt:
+    name: jq 
+    update_cache: yes
+
+#- name: Install build-essential
+#  become: yes
+#  ansible.builtin.apt:
+#    name: build-essential
+#    update_cache: yes
+
+- name: Install nVidia CUDA keyring 
+  become: yes
+  ansible.builtin.apt:
+    deb: https://developer.download.nvidia.com/compute/cuda/repos/{{ ec2.os }}/x86_64/cuda-keyring_1.0-1_all.deb
+
+- name: Install nVidia cuda-drivers
+  become: yes
+  ansible.builtin.apt:
+    name: cuda-drivers
+    update_cache: yes
+
+- name: Install nVidia cuda
+  become: yes
+  ansible.builtin.apt:
+    name: cuda
+    update_cache: yes
+
+- name: Copy hashcat_start script
+  become: yes
+  ansible.builtin.copy:
+    src: hashcat_start.j2
+    dest: /usr/local/bin/hashcat_start
+    owner: root
+    group: root
+    mode: '0755'
+
+- name: Download latest goofys
+  become: yes
+  ansible.builtin.get_url:
+    url: https://github.com/kahing/goofys/releases/latest/download/goofys
+    dest: /usr/local/bin/goofys
+    mode: '0755'
+
+- name: Create aws directory if it does not exist
+  become: yes
+  ansible.builtin.file:
+    path: /root/.aws/
+    state: directory
+    mode: '0755'
+
+- name: Copy AWS Credentials
+  become: yes
+  ansible.builtin.copy:
+    src: credentials.j2
+    dest: /root/.aws/credentials
+    owner: root
+    group: root
+    mode: '0600'
+
+- name: Set up fstab
+  become: yes
+  lineinfile:
+    dest: /etc/fstab
+    line: '{{ item }}'
+  with_items:
+    - 'goofys#{{ s3.bucket_name }}   {{ s3.mount_point }}        fuse     _netdev,allow_other,--file-mode=0660,--dir-mode=0770,--uid=1000,--gid=1000,--endpoint={{ s3.end_point }},noauto    0       0'
+
+- name: Mount S3 bucket
+  become: yes
+  command: mount /mnt
+  args:
+    warn: no
+  become: true
+
+- name: Run hashcat
+  become: yes
+  shell: "(/usr/local/bin/hashcat_start >/dev/null 2>&1 &)"
+  ###command: "(/usr/local/bin/hashcat_start &)"
+
+

aws/roles/ec2_terminate/tasks/main.yml

@@ -0,0 +1,9 @@
+- name: Terminate hashcat instance
+  ec2:
+          region: "{{ ec2.region }}"
+          instance_tags: "{{ ec2.tags }}"
+          instance_profile_name: "{{ ec2.role | default('') }}"
+          image: "{{ ec2.image }}"
+          exact_count: 0
+          wait: true
+