let's say i am trying to crack a WPA password and i need to create a virtual machine setup for it. What would the setup be if i limit myself with a specific number of hours ( let's say 24 hours and password is 8 alphanumeric characters).
does any formulas i can use to determine what my set up would be exits? like how to calculatethe number of GPUs, CPUs and RAM i need to finish in the given time limit
Assuming that the passphrase was randomly generated, the two pieces of information needed to perform the calculation for a fully brute force attack are:
Keyspace. This is how many possible combinations there are. In this case, 26 upper-case, 26 lower-case, and 10 digits = 62 characters, in eight positions (so 62^8, 62 to the power of 8, or 62x62x62x62x62x62x62x62).
Real-world GPU cracking speed. This is highly variable depending on the platform. Benchmark numbers for tools like hashcat are generated under ideal conditions which can't usually be achieved in real-world attacks, so running the actual attack is the gold standard for determining real-world throughput, and then doing the math to match your target scale.
Here is an attack under the parameters in your question, running on 6 GTX 1080s:
$ hashcat -a 3 -m 2500 -2 ?l?u?d hashcat-wpa2.hccapx ?2?2?2?2?2?2?2?2
hashcat (v4.1.0) starting...
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: GeForce GTX 1080, 2029/8119 MB allocatable, 20MCU
* Device #2: GeForce GTX 1080, 2029/8119 MB allocatable, 20MCU
* Device #3: GeForce GTX 1080, 2029/8119 MB allocatable, 20MCU
* Device #4: GeForce GTX 1080, 2029/8119 MB allocatable, 20MCU
* Device #5: GeForce GTX 1080, 2029/8119 MB allocatable, 20MCU
* Device #6: GeForce GTX 1080, 2029/8119 MB allocatable, 20MCU
[...]
Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt
* Brute-Force
* Slow-Hash-SIMD-LOOP
Password length minimum: 8
Password length maximum: 63
Watchdog: Temperature abort trigger set to 90c
[...]
Session..........: hashcat
Status...........: Running
Hash.Type........: WPA/WPA2
Hash.Target......: 8381533406003807685881523 (AP:ae:f5:0f:22:80:1c STA:98:7b:dc:f9:f9:50)
Time.Started.....: Wed Apr 25 06:39:06 2018 (4 mins, 40 secs)
Time.Estimated...: Sat Oct 23 07:02:24 2021 (3 years, 181 days)
Guess.Mask.......: ?2?2?2?2?2?2?2?2 [8]
Guess.Charset....: -1 Undefined, -2 ?l?u?d, -3 Undefined, -4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.Dev.#1.....: 332.4 kH/s (6.93ms)
Speed.Dev.#2.....: 327.8 kH/s (7.06ms)
Speed.Dev.#3.....: 329.5 kH/s (7.00ms)
Speed.Dev.#4.....: 328.7 kH/s (7.01ms)
Speed.Dev.#5.....: 330.4 kH/s (6.96ms)
Speed.Dev.#6.....: 330.1 kH/s (6.98ms)
Speed.Dev.#*.....: 1979.0 kH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 553451520/218340105584896 (0.00%)
Rejected.........: 0/553451520 (0.00%)
Restore.Point....: 8437760/3521614606208 (0.00%)
Candidates.#1....: etET7778 -> exQC5678
Candidates.#2....: 1BDpERIN -> 1r8tBONA
Candidates.#3....: l5MUQURL -> lEeqNANA
Candidates.#4....: bjHuRANA -> bCLfNANA
Candidates.#5....: 2Rh7MANA -> 2VLbLESS
Candidates.#6....: rFrR7778 -> r0xsANAN
Once you know the performance of your GPU for that hash and that attack, you can multiply that speed (or divide that time estimate) by the number of GPUs you'll have. If you need to scale out across multiple chassis, tools like Hashtopolis or hashview can manage a cluster of systems. If I had ten systems like the above, it would take 1275 days / 10 = ~4 months to fully exhaust the keyspace (and ~2 months to crack the average case). You get the idea.
For your other capacity questions, in practice, you don't need a lot of CPU for the attack itself when using hashcat. I'm told that recent versions of hashcat do work best when the host system has roughly much RAM as the total amount of GPU memory, but this isn't exact. For example, the system above collectively has 48G of GPU memory, but only 32GB of RAM and works fine for WPA2. But this memory rule of thumb is good for general system-build advice.
As should be clear by now, if you only have 24 hours, and your passphrase was randomly generated, you won't get very far. But the above should help you perform the calculations.
TL;DR: Not reasonable for random password.
Assuming you can't use dictionary attacks (the password is truly random), that is 628 = 218 340 105 584 896 ≈ 2 * 1014 possible combinations. According to this, you can optimistically get 108 AES-256 operations per second on a CPU core. You would need 24 cores to crack it in less than a day. You should have more to make sure, especially in a virtual machine, as virtualization may slow things down. While throwing a GPUs at it may be a better idea, GPUs don't allow specific AES instructions, so the performance will be at least 10 times worse, probably more like 20.
Still, that would be all nice and good, if WPA2 did not use PBKDF2 with 4096 iterations. So assuming a CPU core can do that in 1 ms, which is optimistic according to my VeraCrypt benchmark. You would need 1014 / 24 / 3600 / 1000 = 1157408 CPU cores. Over 1 million! Even if GPU core performance was similar, that would still be about 500-1000 modern GPUs to break it in a day and that is being optimistic every step of the way.
