Using Hashcat to Crack Hashes on Azure

More than one friend recently has had their social media account compromised or stolen. Often this is a consequence of a combination of bad password hygiene and a third party data breach. If you use the same password on multiple sites, and one of those sites suffers a breach, you run the risk that your account on every other site where you reused that password is vulnerable to compromise. As an excuse to try out the new Azure N series VMs with their NVidia GPUs, I found an email I recognised in one of the breaches, and followed it from hash through to brute-forced password to prove the point. Continue reading