What Do I Need?
- Any Dedicated or Virtual Server
- Kali Linux
What are Rainbow Tables?
Rainbow tables sound like a fun children’s game; however, they’re actually super powerful tools for decrypting passwords. A relatively large group of people on both sides of the law pour a lot of energy into cracking passwords, either because they stand to profit from the criminal process or because they’re experts who regularly check security standards for efficacy. Rainbow Tables make it possible under certain circumstances to find out passwords within seconds. Even if you’re not intent on criminal activity, it’s worth understanding how they work so you can better prepare when it comes to protecting yourself and your data assets from bad actor penetration. Try saying that one with a straight face.
- Set Up Rainbow Crack
- Kali Linux comes with RainbowCrack already installed. You can even run it on Windows, command line, or command line with GPU acceleration.
- Use the following commands to get started:
cd ~ mkdir Rainbow_Tables cd Rainbow_Tables
You have to remember that rainbow tables consume an enormous amount of storage space, or hard drive space, especially when you include a wide character set and a long max length. Ensure you have a large capacity hard drive available. If you lack storage space, consider following along using smaller character sets, shorter max lengths, and shorter chain lengths.
- Configure Parameters
- Now that we’ve created an appropriate director, we need to run rtgen to ensure that everything is installed correctly or as expected:
rtgen
rtgen hash_algorithm charset plaintext_len_min plaintext_len_max table_index chain_len chain_num part_index
- It’s very helpful to completely understand the various parameters and flags used:
hash_algorithm: This is the hash algorithm that we want our Rainbow Tables to use. You can see a list of available algorithms under hash algorithms implemented in the return text. For our example, we will use MD5, but RainbowCrack is just as capable of making perfect SHA1 and NTLM tables, and I’ll provide the code for the tables for all three.
charset: The set of characters used to generate the plain-text strings for the Rainbow Tables. Numeric is digits 0–9, loweralpha is alphanumeric (all letters and digits 0–9), but only in lowercase. For a full list of charsets that you can use, see “charset.txt” that comes with RainbowCrack.
plaintext_len_min: The minimum length of plaintext strings. For example, if we choose a numeric charset and a min and max of 1, our table will contain all digits 0–9 and their hashed equivalent.
plaintext_len_max: The maximum length of plaintext strings. For example, if we choose a min of 1 and a max of 2, we get all digits 0–9 and 00–99 and their hashed equivalents in our table.
table_index: This parameter selects the reduction function. A reduction function is a math formula that trims the number of combinations by removing combinations that are incredibly unlikely to be used. By doing so, it lowers computational time drastically. But the flip-side is that there’s a tiny possibility that any given reduction function will skip the combination we’re looking for, so “perfect” tables use multiple runs with different reduction functions to make tables that are “perfect,” containing every possible combination.
chain_len: This controls the length of each table. The larger this number is, the more plaintexts are hashed and stored in the table. This is why the reduction function mentioned above matters — it will reduce possible combinations to the chain length you picked. The flip-side of having a long chain length is generation time. If you want a table that is “perfect” and vast, it can take months.
chain_num: This is the number of chains to generate. Each chain will be 16 bytes.
part_index: This is for situations where your hard disk space or computing power is limited, or when your filesystem is unable to address extraordinarily large files. We can change this from the 0 that it should normally be to segment the table file into smaller parts.
-bench: This is a flag that you can add to do a benchmark on the settings that you have selected. It will not actually create any Rainbow Tables, it will just determine some numbers that you can use to determine how fast you can generate table entries. Based on that, you can determine how long table generation will actually take.
- Now that we’ve created an appropriate director, we need to run rtgen to ensure that everything is installed correctly or as expected:
- Generate Rainbow Tables
- Run each of the following commands however be forewarned that these will take hours to fully generate. You can press ctrl+c on your keyboard to quit at any time.
rtgen md5 loweralpha-numeric 1 7 0 2400 24652134 0 rtgen md5 loweralpha-numeric 1 7 1 2400 24652134 0 rtgen md5 loweralpha-numeric 1 7 2 2400 24652134 0 rtgen md5 loweralpha-numeric 1 7 3 2400 24652134 0 rtgen md5 loweralpha-numeric 1 7 4 2400 24652134 0 rtgen md5 loweralpha-numeric 1 7 5 2400 24652134 0
- The above commands will generate six different Rainbow Tables using the lower alphanumeric charset that contains 36 possible characters. For any plaintext falling into this category, you’ll have a 99% chance of having its hashed equivalency in the created tables.
- Run each of the following commands however be forewarned that these will take hours to fully generate. You can press ctrl+c on your keyboard to quit at any time.
Next Steps
Once Rainbow Table generation is complete, we can’t just go and use them. We need to sort them into a single table so that we can efficiently search. This can be done easily with the following command:
rtsort .
As long as we’re in the directory we created them in, the rtsort . command will turn all the tables generated into easy to search .rt files.
Conclusion
Rainbow Tables are super useful tools for experimentation and research. Like everything else in life, with great knowledge comes great responsibility so be careful how you use these techniques as they can get you into a lot of trouble; and I mean a lot.
- To end your queries about Top web hosting, simply click on this link.