Presented at THOTCON 0x5 (2014)
April 25, 2014, noon
Password cracking has made major advances in recent years with the introduction of GPU-based cracking. Many organizations are turning to GPU cracking to audit passwords and ensure compliance with password complexity policies. In this talk, we will walk you through how we were able to build our own cracking system with high-end gaming parts, for minimal cost. We'll be honest and let you know how we screwed up and how we succeeded. Additionally, there will be demos of our GPU cracking rig's performance along with tips and tricks for building your own cracking box, both the cheap way and the right way.
Eric has a BS in computer science from the University of Minnesota, focusing on networking, security, and software engineering. He has done work in the education, information technology, and information security industries, designing and developing software, maintaining information systems, and security research. At NetSPI, Eric's primary duties include network, web application, thick application, and mobile penetration testing. He also helps develop applications and scripts for the NetSPI penetration testing team. Eric currently holds the GCIH and GXPN certifications.
Karl specializes in network and web application penetration testing. Karl holds a BS in Computer Science from the University of Minnesota, focusing on Network Security. With over five years of consulting experience in the computer security industry, Karl has worked in a variety of industries; financial services, health care, and hardware manufacturing. In his spare time, Karl likes to volunteer at cons, including THOTCON.