Fastest password cracking with 36 cores amazon web services (AWS) Package name on AWS (c4.8xlarge) for some password cracking related activities.

I’m sharing some benchmarks with hashcat and John the Ripper with 36 cores.  In order to using 36 core instance you’ll need to use a HVM (hardware virtual machine) enabled machine image. For that we’re gonna need Ubuntu 14.04 LTS image.

How to setup hashcat?

Usually the GPU version of hashcat is the tool of choice for me when it comes to password cracking. However, on this occasion I was interested in experimenting and benchmarking with CPU only.

The setup for multicore hashcat is pretty straight forward. Installing libgmp3-dev was required in order to run multicore. Multiple core support is provided by default. You’ll need to download p7zip-full to extract the download a bit further on (7z).

After this it was just a case of downloading and installing the latest version of hashcat.

The EULA needed to be accepted proceeding with using hashcat, here’s a quick copy paste way to get the prompt up, I guess:

‘OH NO! I got this!’

No you didn’t, because you did the apt-get install from earlier…


Benchmarking is simple enough with hashcat using the --benchmark or -b option. Here’s the output (it’s a bit long):

John the Ripper

I compiled John from source so there were a few extra steps involved. If I try this again at some point i’ll try and setup the community edition of John for some of the added functionality.


Since there’s some compiling to do I grabbed build-essentail. libssl-dev is required for john.

Next I pulled down the latest release of john the ripper (1.8.0 at the time or writing) and extracted. If you’re using these notes in the future you might have to change the URL below (or at least check to see if there’s a newer version out).

Time to compile. The OMPFLAGS need to be uncommented in the make file.

The following lines needed changing… (lines uncommented):

After changing I saved the file then ran the following to compile.

With any luck the john binary will be in the run folder ready to be played with.


John comes with a --test option for benchmarking.

Thoughts on AWS

Some of the speeds reported aren’t bad, but not great. Most decent GPUs will do much better against some of the easy algorithms such as MD5, NTLM etc.

Looking into spot instances on AWS (instances run at cheaper rates when available) could be an option for those automating a password cracking business in the cloud.

This was really just a close look at using a high core count on AWS. Maybe in the future i’ll get around to delving a bit deeper into this approach to password cracking.