 Okay well first this recitation is more or less a continuation of last week's recitation. I'm going to briefly discover and discuss a number of tips and tricks for assignment 5. I won't be repeating the description of the assignment as I assume that other TAs and Adam have done this in detail and since this assignment is due in only a few days you probably know the description by now. Just one quick bit of statistics. There have been a total of three people as of this morning. We've gotten a full extra credit 110 points including part five. Maybe about half the class has everything up to part four done so maybe 150 students have finished this assignment. Rest you guys I assume have a couple days to cram on it and hopefully this will help you get past any points you're stuck. Quick background for those of you familiar with computer architecture. One piece of advice if possible you really want to use GPU to help solve the first couple stages. Basically of course CPU lets you run complex operations in sequence. It's a couple cores some small level parallelism. GPU through your video card is capable of course running thousands of threads all simultaneously and is wonderful for getting breaking hashes. If you look at the programs we suggested there is John Ripper and of course Hashcat. Hashcat does have support for GPU and I'm showing an example here if you go to the Hashcat website link that we provided get the latest version which is 5.1. If you get this from app get or from a repository you might grab version 4 which doesn't support as many video cards of course and you run Hashcat on preferably a direct machine don't run it in the VM. You should get something similar to this you should see open CL support for the full video card. Difference being you can break step one step two and probably about 35 seconds instead of an hour. If you get open CL support for just a CPU again it'll take roughly an hour to break. If you get some sort of open CL error it could take much longer to do this. Open CL support is built into many video card drivers directly. If you get the latest NVIDIA GPU drivers from NVIDIA or AMD for an AMD card of course you should have open CL directly in the system. This is screenshot here is running hashcat.exe if you get the binaries from the Hashcat website exe is obviously for Windows. The .bin files are the Linux versions for Mac or Ubuntu or whatever else you may be running. If you're running us on let's say a dual boot machine or a Linux machine that has direct access to hardware you might want to google some other help to see if you can get open CL support in Ubuntu which is not added by default. Again it depends on what video card driver but here's a quick example of a website basic instructions how to install open CL support and then in this case their screenshot shows open CL support for i7 core CPU. If you run in a VM you definitely can get open CL support for your CPU this is a virtual machine running hashcat 64 this was tested on gen part one broke part one in roughly an hour. If you have a dual boot machine you can run for example this is hashcat 64 and under dual boot again notice open CL support announcing that you have gforce video or ati video card supported and again you can break things quite a bit faster. Other than that again for those of you who are starting late we strongly recommend experimenting with parts one two and three to use some third-party program. John Ripper is sometimes better breaking some things hashcats better breaking other parts. Part three again keep in mind what Adam mentioned he said looking to dictionaries extremely important if you try to brute force part three you might be waiting for quite a long time. Part four again most people are getting progress with this but the basic idea is still pretty simple you can't reverse a hash so what you're more or less trying to do is build some sort of Python program don't need to be Python can be other programming language as well anything that can actually support creating hash. Python hashing libraries are excellent we recommend Python. Basically try every combination of five lowercase characters that are possible have your program generate a hash for each possible combination and compare the output of that hash with your code and if it gets a match then you have success. Roughly speaking people are saying that part four is taking roughly one or two hours on a modern PC to finish so you can speed this up through parallelism or through other techniques but get started early consider even if your program is working perfectly that you may need two hours or a little bit more to get an answer for your particular hash. Definitely try out the suggested hashes to make sure your code is able to decode or break hashes the same way that the suggested hashes on the assignment page show. Part five let me pull up the description here for a second as a lot of people have asking a lot of questions about we have a couple hints and tricks for part five the main suggestion on part five is take the assignment start with your part four program and simply discard the last statement. You want to solve the same exact problem but instead of knowing in part four as you see here that you know that the password is five characters lowercase letters you don't know that this hash is going to be a little bit more difficult to break it's not going to be impossible to break again since mentioned three of your classmates have already broken it this could be say six characters lowercase letters it could be seven characters lowercase letters it could be five characters with letters numbers uppercase and lowercase it could be symbols as well we're not going to tell you exactly what it is so unfortunately you have to do some experimentation you might want to try a couple theories a couple ideas but simply running your existing code from part four solve part five is pretty much all you need to do to break part five the challenge of course for part five is to speed up your code there's a number of tricks you can use to make your code run in parallel your code of course by default is running only on the cpu if you have any background in any video card development any gpu programming you can obviously offload onto gpu that's not probably the simplest way to do that there are third-party resources google has a cloud computing platform microsoft is your also as a gpu platform you can create software that can break this fairly quickly you can simply use multiple cores or your multiple computers and brute force in a very simple technique just with your code you have here one suggestion that came up on piata which is really nice was simply fix the first letter of your hash run multiple copies of your hashing code if you check your windows task manager look at core usage a typical part four program running will probably use maybe about 25 of a four core cpu if you have a four core four threaded cpu like an i5 simply run four copies of your program simultaneously and split up the key range other words have say a through h being run by one copier program make another copier program that just checks i through m whatever have another copier program m through say s or t another copier program running t through z again these are just numbers of names off the top of my head you can scale these or appropriately if you want you got eight core split them up by that if you've got 16 core or higher or can run this on multiple machines you could run 26 copies of the program for each letter of the alphabet and again do not take lowercase letters or uppercase letters or numbers or any of these is a hints about the program but break up the code so it only attacks a certain range and then uses and analyzes the rest is a key range with all possible variations and you should hopefully have a better chance of breaking part five than otherwise again blindly just trying anything might be slower than taking a theory see exactly how much longer it would take say with a six character lowercase hash see how long it take was maybe five character was all keys valid and again make some serious try to figure out what the key range is try to guess at how long it's going to take to test a range thoroughly and attack some of the smaller ranges first see if you get some success attack larger ranges again the tas are definitely available to help you out with any of this area we can't tell you exactly what the key is and we're not going to but we're more than help let more than willing to help you out with again helping to make your code run in parallel or solving you other type of problems beyond that again submitting the code doesn't no one seems to be having too much trouble with it once you get your output put into a read me file submit it and grade scope should definitely tell you exactly which grade is and if you have any questions please post a piazza or post privately to the tas and adam and we should get back to you with anything you need with that let me just open it up to any questions