Pre-Brute Forced Password Cracking
November 11, 2005 3:51 AM Subscribe
RainbowCrack Online aims to enable anyone (who'll pay their subscription) to crack a password given the password hash, and get the clear-text password back instantly by looking it up against their 500GB Rainbow Table. Of course, you've been able to use John the Ripper or l0phtcrack to do this using your own computational power (and time) to crack a password before (or do it online) but now it's just Click and Crack... You still not using shadows?
*yawn* doesn't work on salted passwords. Call me when they have hashes for every possible combination of bytes up to 16 chars and maybe i'll care then.
posted by alexst at 4:25 AM on November 11, 2005
posted by alexst at 4:25 AM on November 11, 2005
Works scarily well for NTLM (even with SYSKEY). This is due to an insane cutting-up of passwords into 7-character chunks before encrypting the password. Very odd, very counter-productive.
(I know this because I spent two weeks of CPU time generating some NTLM tables myself! :P)
posted by PuGZ at 4:50 AM on November 11, 2005
(I know this because I spent two weeks of CPU time generating some NTLM tables myself! :P)
posted by PuGZ at 4:50 AM on November 11, 2005
Whereas you can do it for free on rainbowcrack.com in exchange for lending your computing power to the effort.
posted by sohcahtoa at 5:06 AM on November 11, 2005
posted by sohcahtoa at 5:06 AM on November 11, 2005
Also, just yesterday I was trying to get a quote on a copy of l0phtcrack -- symantec bought @Stake months ago and now claim to have no idea about the software. Guess it's off the market.
John works perfectly fine, of course. 2500 out of 5000 NTLM hashes in under an hour.
posted by sohcahtoa at 5:07 AM on November 11, 2005
John works perfectly fine, of course. 2500 out of 5000 NTLM hashes in under an hour.
posted by sohcahtoa at 5:07 AM on November 11, 2005
nola writes "?"
> No password found for that hash...
posted by benzo8 at 5:16 AM on November 11, 2005
> No password found for that hash...
posted by benzo8 at 5:16 AM on November 11, 2005
From the shadow passwords link: "most current Linux distributions do not contain the Shadow Suite installed. This includes Slackware 2.3, Slackware 3.0..." and "Since a 4GB hard drive can be had for under $1000.00..."
Think you could find anything on shadow passwords that's a little less ancient? I'm running Slack 10.2 and just picked up a 4 gig microdrive for about $100. This article is close to 10 years old now.
posted by caution live frogs at 5:55 AM on November 11, 2005
Think you could find anything on shadow passwords that's a little less ancient? I'm running Slack 10.2 and just picked up a 4 gig microdrive for about $100. This article is close to 10 years old now.
posted by caution live frogs at 5:55 AM on November 11, 2005
Subscriptions? I'm not sure this is the kind of people I want to give my credit card details to...
posted by clevershark at 6:15 AM on November 11, 2005
posted by clevershark at 6:15 AM on November 11, 2005
So... This is handy for cracking encrypted emails, but not hotmail accounts or porn, right? Or am I reading this wrong?
posted by klangklangston at 6:28 AM on November 11, 2005
posted by klangklangston at 6:28 AM on November 11, 2005
caution live frogs writes "Think you could find anything on shadow passwords that's a little less ancient?"
Well, The Linux Documentation Project has never been reknowned for its timeliness. There's plenty of other information on the 'Net, and within your individual distro I guess which is much more up-to-date. Maybe you should write an up-to-the-minute HOWTO and submit it?
klangklangston writes "This is handy for cracking encrypted emails, but not hotmail accounts or porn, right? Or am I reading this wrong?"
Password hashes are used (in this guise) for obscuring login passwords for linux and WindowsNT-based systems. Rather than storing the users' passwords in a recognisable form, the sytem hashes then with an algorithm that only works one way - you can go password->hash but not (easily) hash->password. When a user enters their password, the system hashes their entry and compares it against the stored hash - if it's the same, the password is right and they're granted entry. This way, even if someone gains access to the passwords list on a compromised system, they don't have the passwords.
Of course, if someone takes the time to make a table of every possible password and its associated hash value, it's a much more simple job if you have the hash of finding the right password. That's what this site is offering - a backwards look up of passwords form hashes.
posted by benzo8 at 6:43 AM on November 11, 2005
Well, The Linux Documentation Project has never been reknowned for its timeliness. There's plenty of other information on the 'Net, and within your individual distro I guess which is much more up-to-date. Maybe you should write an up-to-the-minute HOWTO and submit it?
klangklangston writes "This is handy for cracking encrypted emails, but not hotmail accounts or porn, right? Or am I reading this wrong?"
Password hashes are used (in this guise) for obscuring login passwords for linux and WindowsNT-based systems. Rather than storing the users' passwords in a recognisable form, the sytem hashes then with an algorithm that only works one way - you can go password->hash but not (easily) hash->password. When a user enters their password, the system hashes their entry and compares it against the stored hash - if it's the same, the password is right and they're granted entry. This way, even if someone gains access to the passwords list on a compromised system, they don't have the passwords.
Of course, if someone takes the time to make a table of every possible password and its associated hash value, it's a much more simple job if you have the hash of finding the right password. That's what this site is offering - a backwards look up of passwords form hashes.
posted by benzo8 at 6:43 AM on November 11, 2005
What do these rainbow tables store? They don't store every possible hashed value. There are too many possible words, even in only 8 letter passwords, only assuming upper and lowercase roman letters (each entry would have to be less than a byte if it fit in 500 gb of data).
So I am assuming this is some kind of dictionary attack. But 500GB seems really big for that. So what is it that their table is?
(528=53459728531456.
500 GB = 536870912000, thus 0.01 bytes for each word. No dice).
Or am I confused?
posted by teece at 10:12 AM on November 11, 2005
So I am assuming this is some kind of dictionary attack. But 500GB seems really big for that. So what is it that their table is?
(528=53459728531456.
500 GB = 536870912000, thus 0.01 bytes for each word. No dice).
Or am I confused?
posted by teece at 10:12 AM on November 11, 2005
just yesterday I was trying to get a quote on a copy of l0phtcrack
That can be found here.
posted by o0o0o at 11:24 AM on November 11, 2005
That can be found here.
posted by o0o0o at 11:24 AM on November 11, 2005
o0o0o: Thanks. I know I can get a copy, just not how to buy a copy. Goofy, I know.
posted by sohcahtoa at 11:57 AM on November 11, 2005
posted by sohcahtoa at 11:57 AM on November 11, 2005
« Older The Story of Suicides at the Golden Gate Bridge | Blue ball machine (no, not that kind) Newer »
This thread has been archived and is closed to new comments
posted by ph00dz at 4:21 AM on November 11, 2005