Penetration Testing mailing list archives
RE: Rainbow Tables
From: "Tom Brennan" <tomb () accessitgroup com>
Date: Thu, 9 Feb 2006 17:14:19 -0500
http://rainbowtables.shmoo.com/

Tom Brennan, CISSP
Technology Risk Practice Manager
AccessIT Group Inc.
115 Route 46 West, Mt. Lakes, NJ 07046
Direct: 973-296-3862
Web: www.accessitgroup.com

-----Original Message-----
From: Tony Stark [mailto:stark192 () hotmail com]
Sent: Thursday, February 09, 2006 1:47 PM
To: Brett.Simpson () hsn net; pen-test () securityfocus com
Subject: RE: Rainbow Tables

Hello Brett,

Fortunately for this project we are only doing LM passwords, all on Windows machines. Yeah, I'd hate to try this with salt, I could take a long vacation while that ran.. <g>

Thx for the info, I'll jump on the links and check them out.

Tony
From: "Simpson, Brett" <Brett.Simpson () hsn net>
To: "Tony Stark" <stark192 () hotmail com>, <pen-test () securityfocus com>
Subject: RE: Rainbow Tables
Date: Thu, 9 Feb 2006 12:59:53 -0500

-----Original Message-----
From: Tony Stark [mailto:stark192 () hotmail com]
Subject: Re: Rainbow Tables

Snip...

Reason for this... the idea is that if we take the current list of passwords and create a pre-computed hash table, the next time we audit we'd run LC5 (till I convince them otherwise) and all but the passwords that changed and new accounts would get knocked out right away. Does anyone have a hint as to how I should do this? Is there a way to take the hashes and the cracked clear text and merge them into a table?

http://www.antsight.com/zsl/rainbowcrack/

For non LAN Manager hashes this would require a tremendous amount of disk space (tera to petabytes). Every password can have a large number of salts (the exact number depends on the type of hash, i.e. md5, sha-1, etc). So let's say you have a UNIX system using the older crypt; then you would have 4096 salts that are possible per password. So for every clear text version of a password you would have to store 4096 different salts. I have an English dictionary I use with JtR, so 411,563 words. Then I use rules mode and that number jumps to 15,773,164 (171MB). Now times that by 4096 salts and you get 64,606,879,744 variations (700+ TB).

For Windows, if you're looking at the lanman hashes (not nt hashes) then they only have one salt, so it would be possible to generate a table on common words and variations for only a couple hundred megabytes. You should also read the teracrack article. http://security.sdsc.edu/publications/teracrack.pdf
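The two cases Brett contrasts above, as an added Python illustration that is not part of the thread: a precomputed digest-to-plaintext table built once from a wordlist resolves unchanged unsalted hashes instantly on the next audit (the "one salt" LM situation, modelled here as an unsalted hash), while the same table never matches a salted hash, and covering the salt space instead multiplies the row count by the number of salts. SHA-1 stands in for both LM and crypt(3) purely for illustration; the five-entry wordlist and the stored hashes are constructed, and the 15,773,164-word and 4096-salt figures are the ones quoted in the thread.

```python
import hashlib
import os

# Constructed sample wordlist, standing in for the dictionary + rules output
# Brett describes (the real one is ~15.7M entries).
WORDLIST = ["password", "Password1", "letmein", "winter2006", "qwerty"]

# Assumed salt space of the older UNIX crypt(3): two salt characters drawn
# from a 64-character alphabet, 64 * 64 = 4096, the figure quoted in the thread.
CRYPT_SALT_SPACE = 64 * 64


def unsalted_digest(password: str) -> str:
    """Stand-in for an unsalted scheme such as LM (SHA-1 only for illustration):
    the same password hashes to the same value on every machine, so a table
    built once can be reused against any later set of hashes."""
    return hashlib.sha1(password.encode()).hexdigest()


def salted_digest(password: str, salt: bytes) -> str:
    """Stand-in for a salted scheme such as crypt(3): the salt is stored beside
    the hash, and a different salt yields an unrelated digest."""
    return hashlib.sha1(salt + password.encode()).hexdigest()


def build_lookup_table(words) -> dict:
    """Precomputed digest -> plaintext table, built once and kept between audits.
    This is the 'merge the hashes and the cracked clear text' table Tony asks for."""
    return {unsalted_digest(w): w for w in words}


def audit_unsalted(table: dict, stored_hashes) -> dict:
    """Re-audit of unsalted hashes: every stored hash already in the table is
    resolved immediately; only new or changed passwords remain for the cracker."""
    return {h: table[h] for h in stored_hashes if h in table}


def audit_salted(table: dict, records) -> dict:
    """Same table applied to (salt, hash) records: the unsalted table never
    matches, because each digest depends on a salt the table was not built with."""
    return {h: table[h] for _salt, h in records if h in table}


def precomputed_rows(wordlist_size: int, salt_space: int) -> int:
    """Rows a precomputed table needs to cover every (word, salt) pair."""
    return wordlist_size * salt_space


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)

    # Unsalted case: constructed 'last audit' hashes, two of which are in the table.
    stored = [unsalted_digest(p) for p in ["letmein", "qwerty", "Tr0ub4dor&3"]]
    hits = audit_unsalted(table, stored)
    print(f"unsalted: {len(hits)} of {len(stored)} resolved from the table")

    # Salted case: the same passwords, each stored with its own random salt.
    records = []
    for p in ["letmein", "qwerty"]:
        salt = os.urandom(2)
        records.append((salt, salted_digest(p, salt)))
    print(f"salted:   {len(audit_salted(table, records))} resolved from the table")

    # Cost of covering the salt space instead, using the thread's own numbers.
    print(precomputed_rows(15_773_164, CRYPT_SALT_SPACE))  # 64606879744
```

The unsalted audit resolves every password that did not change since the table was built, which is exactly the reuse Tony is after; the salted audit resolves nothing, which is why Brett's per-salt multiplication (and not a bigger wordlist) is the cost that matters once a scheme salts.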
Current thread:
- RE: Rainbow Tables, (continued)
- RE: Rainbow Tables ROB DIXON (Feb 08)
- RE: Rainbow Tables Arley Barros Leal (Feb 08)
- Re: Rainbow Tables ROB DIXON (Feb 08)
- RE: Rainbow Tables Flory Jeffrey D Ctr 59 MDSS/MSISI (Feb 08)
- RE: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Flory Jeffrey D Ctr 59 MDSS/MSISI (Feb 09)
- Re: Rainbow Tables DokFLeed (Feb 09)
- Re: Rainbow Tables jalvare7 (Feb 09)
- Re: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Simpson, Brett (Feb 09)
- RE: Rainbow Tables Tom Brennan (Feb 09)
- RE: Rainbow Tables Simpson, Brett (Feb 10)
- RE: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Stark192 (Feb 12)
- Re: Rainbow Tables Nicolas RUFF (Feb 15)
- Re: Rainbow Tables Tony Stark (Feb 16)
- Re: Rainbow Tables Tony Stark (Feb 17)
- Re: Rainbow Tables Nicolas RUFF (Feb 15)
