RE: Rainbow Tables

From: Simpson, Brett (Brett.Simpson@hsn.net)
Date: Thu Feb 09 2006 - 12:59:53 EST

• Next message: FocusHacks: "Re: sql injection: url or form based?"
• Previous message: Levenglick, Jeff: "RE: Penetration test of 1 IP address"
• Maybe in reply to: stark192@hotmail.com: "Rainbow Tables"
• Next in thread: Tony Stark: "RE: Rainbow Tables"
• Reply: Tony Stark: "RE: Rainbow Tables"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> -----Original Message-----
> From: Tony Stark [mailto:stark192@hotmail.com]
> Subject: Re: Rainbow Tables
>

Snip...

> Reason for this...the idea is that if we take the current
> list of passwords
> create a pre-computed hash table the next time we audit we'd
> run LC5 (till I
> convense them otehrwise) and all but the passwords that
> changed and new
> accounts would get knocked out right away.
>
> Does anyone have a hint as to how I should do this? Is there
> a way to take
> the hashes and the cracked clear text and merge them into a table?

http://www.antsight.com/zsl/rainbowcrack/

For non lan manager hashes this would require a tremendouse amount of
disk space (tera to peta bytes). Every password can have a large number
of salts (the exact number depends of the type of hash i.e. md5,
sha-1,etc).

So let's say you have a UNIX system using the older crypt then you would
have 4096 salts that are possible per password. So for every clear text
version of a password you would have to store 4096 different salts. I
have an English dictionary I use with JtR so 411,563 words.. Then I use
rules mode and that number jumps to 15,773,164 (171MB). Now times that
by 4096 salts and you get 64,606,879,744 variations (700+ TB).

For Windows if your looking at the lanman hashes (not nt hashes) then
they only have one salt so it would be possible to generate a table on
common words and variations for only a couple hundred megabytes.

You should also read the teracrack article.

http://security.sdsc.edu/publications/teracrack.pdf

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: FocusHacks: "Re: sql injection: url or form based?"
• Previous message: Levenglick, Jeff: "RE: Penetration test of 1 IP address"
• Maybe in reply to: stark192@hotmail.com: "Rainbow Tables"
• Next in thread: Tony Stark: "RE: Rainbow Tables"
• Reply: Tony Stark: "RE: Rainbow Tables"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:29 EDT