I agree Rainbow Tables can greatly speed up the process.
However, it might take you a long time to generate them. I spend 68 days
generating mine and then I found out about http://www.rainbowtables.net
These guys have the tables for sale, at the price they sell them, it was not
worth spending 68 days processing mine.
Rainbow tables are very fast, really worth a try.
Clement
Clément Dupuis, CD
President/Security Evangelist/Chief Learning Officer (CLO)
CCCure Enterprise Security & Training Inc.
CISSP, GCFW, GCIA, Security+, CEH, CCSA, MBNS, MBIS, MBHS, CCSE, ACE
Maintainer of :
The CISSP and SSCP Open Study Guides Web Site
http://www.cccure.org
The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org
> -----Original Message-----
> From: Leandro Reox [mailto:lmet5on_at_fibertel.com.ar]
> Sent: Wednesday, July 27, 2005 10:45 PM
> To: 'Sherwyn Williams'; pen-test_at_securityfocus.com
> Subject: RE: Etc/shadow file and john
>
> An effective method to get passwords is to pass them trough specific
> generated rainbow tables with a tool like CAIN.
> Is this hash encrypted with md5 or another known hashing algorithm ?
>
> Cheers
>
> --
> Leandro Reox
> http://www.securearg.net/ Secure from the source
> -----Original Message-----
> From: Sherwyn Williams [mailto:sherwill22_at_tmail.com]
> Sent: Wednesday, July 27, 2005 1:57 PM
> To: pen-test_at_securityfocus.com
> Subject: Etc/shadow file and john
>
> I am doing an assesment for passwords on a network, after getting the
> password file I piped the output to a text file, tried to run that
> against John and can't get any luck with the program. Do anyone here
> uses any other password programs, and is there a better format than a
> text file to store the out of the etc/shadow when trying to get the
> passes.
> Sherwyn Williams
> Technical Consultant
> Sherwill22_at_tmail.com
>
>
Received on Jul 28 2005
Intro
