New AWS G3 Instance Lineup

Amazon has released their new G3 instances. Utilizing a Tesla M60 GPU platform (http://www.nvidia.com/object/tesla-m60.html) and scaling up to 4 GPU's. Along with this you also get 64 CPU's and almost half a TB of RAM. I figured it was time to crunch some numbers on Hashcat performance of the current AWS cloud options.

For all the new G3 M60 GPU benchmarks, please visit (https://gist.github.com/binary1985/881c2df6310659413102eaf5e349e999)

Current state of GPU Hash Cracking

I have been following GPU performance trends since it first became popular with bitcoin. A recent trend in the cloud has me optimistic that "some" day high intensity GPU work loads will make fiscal sense to run cloud based. The last time I checked the current state of AWS GPU Hashcat performance I was disappointed in the findings however since then 2 new lines of GPU instances have come into play. Lets take a look at the current top tier options, using on demand pricing structures.

G2.x16(4 GPU)
NTLM Performance ~ 16GH
SHA Performance ~ 3GH
Price Per Hour = $2.60

 G3.x16(4 GPU)
NTLM Performance ~ 73 GH
SHA Performance ~ 16 GH
Price Per Hour = $4.56

 P2.x16(16 GPU)
NTLM Performance ~ 136
SHA Performance ~ 32
Price Per Hour = $14.40

 So if we take the Cost / NTLM Performance:
G2.x16 = $0.1625  per GH/hr
G3.x16 = $0.0624 per GH/hr
P2.x16 = $0.1058 per GH/hr

So its nice to see that the new G3.x16 instances are moving in the correct direction, however its not close to matching modern desktop GPU based crackers. Using a Nvidia 1080ti the cost per GH is $13.18, which means you would need to run only 250 hours to balance out the purchase. This excludes costs associated with power, cooling, and other hardware.

$699/53.1 GH ~ $13.18
$13.18/$0.0624 = 211hr

If I had to estimate, I would balance our current cracker at being used 80% of the time by at least one consultant. As such we use our system about 7000 hours a year, using this model we can backwards compute what an acceptable pricing model would be for cloud infrastructure rental to outweigh a purchase.

$13.18/x(unknown cost)=7000hr
x(cost)=$0.00188 per GH/hr

As expected, homegrown cracking solutions are the way to go from a cost analysis point of view. While my formulas left out power and maintence of hardware, we still have a huge rift between the economics of purchasing a GPU rig, versus using cloud options. It might be that you don't perform password cracking often, if you do less than 211 hours of cracking a year it may be cheaper for you to use cloud resources. You should be able to use my formulas to determine what is right for you.

Comments

Post a Comment

Popular posts from this blog

10-10-2019 - Updated Wireless RADIUS MiTM on AWUS036ACH Kali2019.3

Image
Edit: No longer relevant, just apt-get install realtek-rtl88xxau-dkms on an updated kali instance now. Edit2: Just found out this is still required for Debian 8. Edit3: The kali drivers are SHIT, use this method anyways. Edit4: these things are a fickle bitch, updated 10-10-2019 for changes with the AWUS1900. I just recently got back from a large wireless gig and found that it was time to update my wireless arsenal. I had previously been using an AWUS036NH, AWUS051NH and a AWSUS052NH. The 052 must have gotten damaged because its signal strength barely picks up my home wireless, and the other two cards have seen better days. Wireless drivers are super finicky, what works today on a specific kernel release may not work after tomorrows apt update && apt upgrade -y. That's why this post is titled with the specific card, and Linux version used... your experience may vary. So first I had to decide which card I wanted, looking over at Alfa's ( https://www.alfa.c
Read more

Not Your Typical Pentest – IAM Cloud Insecurity

Image
Update: A co-worker brought up this story which shows exactly how bad things can get by abusing IAM roles.  https://threatpost.com/hacker-puts-hosting-service-code-spaces-out-of-business/106761/ As a penetration tester, I often have to adapt and change according to the technologies that I am testing. However, sometimes the technology I am testing may be new to me and I have to perform research to truly understand the technology so that I can do a thorough job. Too often you will find that your penetration testers can get into a mode of scan and report. They will fire up the vulnerability scanner, identify some stuff for the client to fix, and move on. This often happens because testers can get complacent with what they are seeing in the industry. Then when they land a remote shell on a system, they are repeating what they did last time because, “Hey it worked last time”. What really makes a good penetration tester is one who not only looks at the technology being tested throu
Read more