Stage 2: CowPatty
Introduction
Firstly I want to mention you mentioned about hypervisor in class. I want it to be noted that I personally hate hypervisor, I havent really looked into its total purpose however it makes me hate windows 10.
Since I use VMware and Android Studio anytime I was to use one or the other I have to turn hypervisor off, Its simply the worst
Building On Aarchie
Right off the bat, I knew I had to build it differently then I did for on my x86 systems running a different Linux. Once i figured out it was 'yum' as a package manager is was good to go,
I had to install libraries as my make file was crashing, the error was related to libpcap not being installed, Once I ran sudo yum install libpcap-devel . my makefile ran fine and my program was able to build.
Its great that I have CowPatty built however the test data I was supplied is quite small, I need to make the dictionary much larger. To do this Ill use john the ripper with the dictionary I was given and pipe the results to a file.
We now have close to 500 000 keys in our dictionary, quite large, but great for testing.
The result for the 4 way handshake is still near the top of the file, to lengthen the test we can move it to the end.
Before we start testing on this platform we need to check load and the users
Building on x86
Building on x86 was the same but easier as I knew the commands, they are pretty much the same but I use a different package manager. For the x86 test I will be using 2 different systems, my Desktop in a vm plus the x86 server xerxes.
On xerxes I had to install Clang as it threw and error on the make.
Once I did that, It was ready for testing on xerxes!!
Running My Tests
For my Tests, Im going to use 2 different size data sets along with doing test cross platform to see how each perform. Changing the pcap file it accepts would also be another way to test however were looking a specific hash functions in the call graph.
The test will take in the 4 way handshake provided, and my custom dictionary file. The tests will see check the performance of the hashing functions along with how it handles the file with the larger size. With the larger file we can see if it spends more time in specific area, maybe leading to other possible clues as to where we can optimize
First test will be 10201 Keys in length
Seconds test will be much longer at 498579 Keys
Here is the Table Results from the Tests
Build Graphs for Related Tests
Archie Small
Xerxes Small
Ryzen Small
Ryzen Large
Full CALL graphs - here
Results
The Difference between the arm and the x86 is very interesting, unfortunately I couldn't attach call graphs from the large tests as the system would hang, possibly other students working. I saw 1 using the system. Because cowpatty likes to use openssl (libcrypto.so) for its hashing when possible. Im going to try and use the sha that is in the kernel libkcapi, In hopes to optimize it for specific systems. Looking at archie I'm most interested in seeing the impact this could have there. The benchmark times does not have any variations that are unexpected. Scaling the keysize does not effect time on the same scale, as the larger files have more overhead performing file operations.
Goals for Stage 3
- Use libkcapi sha1 replacement for openssh libcryto.so
- Functional on multiple platforms
- Some performance changes!
Alternative measures
- This software has had issue in Kali, so many people have been tinkering with buildflags and other changes to make the software work. I want to try some of the suggest flags to see if they actually change performance,
Comments
Post a Comment