Poor Man's FPGA
Ok, time to dip from the proverbial knowledge pool. I'm trying to focus on learning Bluetooth cracking (yeah, I'm a dee-de-dee, but I think I want to try to develop something along the lines of Kismet for Bluetooth sniffers). However, in an effort to be at least semi-cutting edge from 2006, I'm trying to get into FPGAs. I would hop on the whole Pico E12 or E16 bandwagon, but I think I left my $1000 bucks (899 for the E12) in my other pants.
I've been looking at the Spartan E3 starter kit (retails at the low low price of $149.99): www.xilinx.com/products/silicon_solutions/fpgas/spartan_series/spartan3e_fpgas/index.htm
But due to lack of true knowledge of the hardware out there, I'm left with a few questions:
All the FPGA tools on BT3 (winzipcrack, wepcrack, cowpatty, etc.) that harness FPGAs, do they need just the E12 or E16? Or can a guy get any FPGA and go to work?
If all FPGAs are not created equal, is there a term that will help me in my searches for the proper (read: CHEAP) FPGA? I'm not even 100% sure the E3 is in the same realm as the E12 and E16s from Pico.
If anyone has any experience with the E3, let me know, as I'm frothing at the mouth to order it. If an E12 gets 9,000,000/s key attempts and a P4 gets 150,000, if I could even get 3 or 4,000,000/s from the cheapo E3 I'd be happy.
Thanks in advance. God, I love this forum.
Oh, and also, a good starting point if this is your first run-in with FPGAs (I know I learn from other people's questions too): start with this quick Black Hat presentation slide deck:
From the little knowledge I gained when I was thinking about buying a Pico chip, I understood a few things.
#1 A kernel patch is needed, so the kernel must be rebuilt with the proper patch.
#2 The actual software must be patched to provide FPGA support.
The way I understood it, the open cipher project was doing the support. The guy in charge of it works at Pico and did the DEF CON presentation.
BT3 has 6 pieces of software that I can find with FPGA support; however, I do not know if that means any FPGA or only the Pico. If I were to guess, I would say only the Pico. Contrary to popular belief, it is not a super easy way to jack up the speed on your processor. I will take a look at the tool you found, though, and see what it's all about.
Does anyone own an FPGA card or a Pico card?
And if someone does, have they tried generating WPA tables?
h1kari is the only person I know who had done this, but he is not a member here.
I'm not sure how into the FPGA world you want to get, but you might check out a company called Altera. I believe that their VHDL and Verilog tools are free for the taking.
Back when I was in school I used one of their chips and an old monitor to create a game of Video Blackjack for my Senior Project.
Ok, so to turn this thread into an all-you-can-eat FPGA source of information, here's what I've learned since my first post on the subject.
So let's start from the beginning for all the TV viewers at home just tuning in.
First, FPGA: what is it?
field-programmable gate array - A field-programmable gate array (FPGA) is an integrated circuit (IC) that can be programmed in the field after manufacture. FPGAs are similar in principle to, but have vastly wider potential application than, programmable read-only memory (PROM) chips. FPGAs are used by engineers in the design of specialized ICs that can later be produced hard-wired in large quantities for distribution to computer manufacturers and end users. Ultimately, FPGAs might allow computer users to tailor microprocessors to meet their own individual needs.
For our needs [i.e. you and I, fellow remote-exploiters] it can be used to quickly generate rainbow tables. This can be used to crack encryption [such as AES in the case of WPA and WinZip encrypted zips].
Required FPGA Reading:
Design Recipes for FPGAs [by Peter Wilson] - and by required reading I mean reading I'm forcing myself through, as the subject matter is a little dry. Maybe I'll write an easy-to-read [I'll throw a fart joke in from time to time] hacker/cracker FPGA book and make my first million.
The best two are the Pico E12 and Pico E16.
Others to look into are:
That being said, my overall understanding of the subject is novice at best, but I'm delving into it more and more. Hopefully I'll get some nice test results with one of these devices [or I'll win the lottery and just buy a damn Pico].
If anyone else is interested in digging into the subject matter any updates to this thread are appreciated.
I would honestly go with the Altera Cyclone. Also, Altera has a third-party company who created a $50 + $30 shipping FPGA board; it is USB and about the size of a credit card. Altera's Windows development tool is free, but Linux is $2,000.00. Altera has overall easier-to-use software and better help files. I've used Altera and Xilinx for many projects.
You are right that FPGAs are not created equal. Altera created a few that have larger NAND memory, touch screens and video outputs. I have seen Linux run on that design. It's about 500.00, but it is loaded with nice features.
Although I am new to Backtrack and this forum, I am an Electronics Engineer who specializes in Computer/Network Architecture. For example, router design, switch design and computer design.
OK, so would you be kind enough to suggest a product for about £100, and would you know if it can be applied in rainbow table generation?
The latest Hak5 ep with the guy on GSM cracking was mindblowing, and having a small FPGA device that can cut generation time in half is amazing.
I would also like to find out if that would be applicable with brute forcing and wordlist pounding stuff.
Anabolic, it wouldn't really do much for brute forcing and wordlist pounding, as FPGAs do hash and encryption generation really fast because it is hardware set up in a way that it mimics the logic behind the actual encryption/decryption/hash generation algorithms, but in hardware, so rather than a processor having to do the multiple instructions to crunch the numbers, the logic gates on the FPGA are already oriented in the way you set them up so they can crunch faster [feel free to ignore everything I just said for the quick summary... no, they don't do wordlist and bruteforcing]