Password Cracking in GCP (FOR FUN)

May 16th, 2020

A few months ago I wanted to test out utilizing GCP resources for cracking passwords. The process was relatively straight forward: provision some GPUs, setup an instance with the correct cracking software, and use a lot of compute resources.

Note: You’ll need a GCP account and the Google Cloud SDK installed.

Repo for all the scripts in this post.

Google Cloud

I really just need a few GPUs with a decent hashrate. Google has a bunch of GPUs to choose from. I went with the NVIDIA Tesla K80 which gets a hashrate of 15Mh/s when mining etherum. At this point its worth noting that Google has policies around mining using their cloud resources - and don’t use stolen credit cards to pay for cloud mining resources.

For setup, I wrote the following bash script that really just does the following create instance command:

gcloud compute instances create <INSTANCE_NAME> \
        --machine-type n1-standard-4 \
        --zone europe-west1-b \
        --accelerator type=nvidia-tesla-k80,count=1 \
        --image-family ubuntu-1604-lts \
        --image-project ubuntu-os-cloud \
        --maintenance-policy TERMINATE \

It will create a standard instance running ubuntu with a configurable number of GPUs. Once the instance exists, SSH in with:

gcloud compute ssh <INSTANCE_NAME>


Before installing switch to root so you have sudo on the new instance:

sudo su - 

I wrote an install script which handles the installation and configuration. It completes the following steps:

Install and Configure CUDA

sudo apt install ocl-icd-libopencl1 nvidia-cuda-toolkit -y
sudo add-apt-repository ppa:graphics-drivers/ppa
sudo apt-get update
sudo apt-get install mesa-common-dev freeglut3-dev -y

CUDA installation

Install Hashcat

p7zip -d hashcat-

ls /usr/bin/ | grep -i hash
sudo cp hashcat-5.1.0/hashcat64.bin /usr/bin/
sudo ln -s /usr/bin/hashcat64.bin /usr/bin/hashcat
sudo cp -Rv hashcat-5.1.0/OpenCL/ /usr/bin/
sudo cp hashcat-5.1.0/hashcat.hcstat2 /usr/bin/
sudo cp hashcat-5.1.0/hashcat.hctune /usr/bin/

You can test that Hashcat is installed properly and is recognizing your GPU by running:

hashcat --benchmark
Hashcat GPU configuration
Hashcat GPU configuration

Potential solutions for OpenCL Runetime Issues

The following has installation instructions for OpenCL runetimes depending on your CPU: OpenCL install

Download Password Lists

git clone


Hashcat is configurable depending on how quick or thorough you are interested in cracking passwords.

You’ll need to know the hash type for all of the cracking bash scripts.

Heres some example MD5 hashes that I put in a file called test_hashes.txt that I generated with the following script:

Hashcat completed job output
Hashcat completed job output


A basic run involves just using the rockyou.txt password list.

Heres the script for the basic run:

sudo hashcat -m 0 -o cracked_basic.txt test_hashes.txt rockyou.txt

This will crack some of the 5/6 hashes and put them in cracked_basic.txt.


The hash that the basic attack missed was 6d3875b42bba48c5f9be3a667ad817a1 which is the MD5 of mYSECRET. This is the same characters as the password it did crack, MYSECRET but the first character is lowercased and the rest are uppercased.

Using a ruleset we can permutate the wordlist in rockyou.txt to contain more variations of the existing wordset. For example, the above rule C is something that Hob0rules will try. More on rule based cracking and the statistics behind it can be found here.

For a step up from just using rockyou.txt, we can additional use Hob0Rules.

Heres the script for the rule based attack which runs the following:

hashcat -m 0 -o cracked_rule.txt -r Hob0Rules/hob064.rule test_hashes.txt rockyou.txt

Now the output should show all 6/6 hashes cracked.


Theres a lot of conversation on making password cracking run faster with hashcat. Enabling more GPUs and other magic will speed up cracking.

Additionally, password cracking is related to an array of other subjects like analyzing writing style, and codex analysis.