Recently, I’ve been doing quite a bit of research and usage in the field of Rainbow Tables. “Rainbow Tables” refers to an pre-generated series of hashes arranged in chains, ultimately exploring an entire phase space of hashing algorithms, enabling users to crack a password using the improved time-memory trade-off technique as proposed by Philippe Oechslin.
The practical upshot of which is that with a fully generated set of Rainbow Tables, it’s possible to crack any un-salted one-way hashed password in a reasonable amount of time (we’re talking minutes). Their usage includes, but is not limited to WPA-PSK, Poisoned NTLM/LM Challenge/Response, MD4, MD5, SHA-1, LM, MS-CACHE and NTLM cracking.
Free Rainbow Tables is a newly rejuvenated project which uses distributed computing technology in order to compute diverse Rainbow Tables for all to use on-line, and download for offline usage.
Tags: cracking, distributed, free, Hacking, information, infosec, rainbow, security, table
Feeds
Kudos to
1 comment
Comments feed for this article
Trackback link
http://blog.yibble.org/2007/10/18/free-rainbow-tables/trackback/
December 21, 2007 at 5:12 am
Scott Petinga
Ahhh yes, my old friend the rainbow table. But I think the question should be, how can we use Rainbow Tables for for good, not evil? And really, who “isn’t” salting their passwords these days? Come on ;-) I know we are all on a health kick and all but in moderation, salt is your friend.