These are a rough set of notes I put together when figuring out Amazon’s EC2. I’ve been using the boxes quite extensively to crack passwords. This has turned out to be a godsend for me when i’m on the road, and i need to be able to set up heavy duty machines on the fly.
To get started:
Set up an Amazon account:
Chances are you probably already have one, but if necessary you can sign up here: http://aws.amazon.com/ You can use your regular Amazon.com account to get started with EC2.
- Take note of your key and secret key, you’ll need them in the next steps
Get & Configure ElasticFox Firefox Plugin
Though Amazon.com just released their own browser-based console to control machines, I prefer the ElasticFox plugin.
- download latest version of elasticfox (firefox plugin)
- open elasticfox
- firefox -> tools -> elasticfox
- click credentials
- add your amazon credentials to the list
- click okay
- select the new account from the drop-down
Create a New Instance
- Click the Amazon Machine Instances (AMI) and Instances tab
- Hit the refresh button in the upper left (blue)
- If you’re looking for a specific machine, type that in the search, and hit refresh
- try the alestic ubuntu base (i386) machines – they’re vanilla, and rock-solid
- right-click on the instance, say create
Selecting An Instance Type
- Amazon images come in a few flavors:
- M1 – memory – $0.10 / hour (default)
- M2 – memory2 – $0.40 / hour
- M3 – memory3 – $0.80 / hour
- C1 – cpu1 – $0.20 / hour
- C2 – cpu2 – $0.80 / hour
Generate a Public/Private key pair
Amazon, by default, requires key-based authentication. ElasticFox makes the management of this fairly painless, except when you’re dealing with multiple PCs. The management of these keys is important. If the key is lost, you WILL NOT be able to log into the machine created with the key.
- if you’re on linux, the pem file will work with the default terminal (if you’re on windows, a little extra work with putty / puttygen is needed here)
- tested on ubuntu/gnome-terminal
Configuring an Elastic IP
- Elastic IPs can be used to give a temporarary static IP to a machine
- This can be useful in the case of connect-backs
- Note that the machines a can always be accessed by public DNS name
Setting up the box
Now for the fun part.
- run the following:
#!/bin/bash<br />apt-get update<br />apt-get upgrade<br />apt-get install john<br />
- Copy / Paste the hash file into the terminal
- Run john on the hash file
@cg — thanks man. there’s going to be more of these coming. Amazon’s official policy is that they allow scanning to / from the cloud, as long as it’s authorized (read: as long as they’re not getting complaints).