How to Create Rainbow Tables in Kali

How to Create Rainbow Tables in Kali

What Do I Need?

  • Any Dedicated or Virtual Server
  • Kali Linux

What are Rainbow Tables?

Rainbow tables sound like a fun children’s game; however, they’re actually super powerful tools for decrypting passwords. A relatively large group of people on both sides of the law pour a lot of energy into cracking passwords, either because they stand to profit from the criminal process or because they’re experts who regularly check security standards for efficacy. Rainbow Tables make it possible under certain circumstances to find out passwords within seconds. Even if you’re not intent on criminal activity, it’s worth understanding how they work so you can better prepare when it comes to protecting yourself and your data assets from bad actor penetration. Try saying that one with a straight face.

  1. Set Up Rainbow Crack
    1. Kali Linux comes with RainbowCrack already installed. You can even run it on Windows, command line, or command line with GPU acceleration.
    2. Use the following commands to get started:
      cd ~
      mkdir Rainbow_Tables
      cd Rainbow_Tables

      How to Create Rainbow Tables in Kali

      You have to remember that rainbow tables consume an enormous amount of storage space, or hard drive space, especially when you include a wide character set and a long max length. Ensure you have a large capacity hard drive available. If you lack storage space, consider following along using smaller character sets, shorter max lengths, and shorter chain lengths.

  1. Configure Parameters
    1. Now that we’ve created an appropriate director, we need to run rtgen to ensure that everything is installed correctly or as expected:

      How to Create Rainbow Tables in Kali

      rtgen hash_algorithm charset plaintext_len_min plaintext_len_max 
      table_index chain_len chain_num 

      How to Create Rainbow Tables in Kali

    1. It’s very helpful to completely understand the various parameters and flags used:
      hash_algorithm: This is the hash algorithm that we want our Rainbow Tables to use. You can see a list of available algorithms under hash algorithms implemented in the return text. For our example, we will use MD5, but RainbowCrack is just as capable of making perfect SHA1 and NTLM tables, and I’ll provide the code for the tables for all three.
      charset: The set of characters used to generate the plain-text strings for the Rainbow Tables. Numeric is digits 0–9, loweralpha is alphanumeric (all letters and digits 0–9), but only in lowercase. For a full list of charsets that you can use, see “charset.txt” that comes with RainbowCrack.
      plaintext_len_min: The minimum length of plaintext strings. For example, if we choose a numeric charset and a min and max of 1, our table will contain all digits 0–9 and their hashed equivalent.
      plaintext_len_max: The maximum length of plaintext strings. For example, if we choose a min of 1 and a max of 2, we get all digits 0–9 and 00–99 and their hashed equivalents in our table.
      table_index: This parameter selects the reduction function. A reduction function is a math formula that trims the number of combinations by removing combinations that are incredibly unlikely to be used. By doing so, it lowers computational time drastically. But the flip-side is that there’s a tiny possibility that any given reduction function will skip the combination we’re looking for, so “perfect” tables use multiple runs with different reduction functions to make tables that are “perfect,” containing every possible combination.
      chain_len: This controls the length of each table. The larger this number is, the more plaintexts are hashed and stored in the table. This is why the reduction function mentioned above matters — it will reduce possible combinations to the chain length you picked. The flip-side of having a long chain length is generation time. If you want a table that is “perfect” and vast, it can take months.
      chain_num: This is the number of chains to generate. Each chain will be 16 bytes.
      part_index: This is for situations where your hard disk space or computing power is limited, or when your filesystem is unable to address extraordinarily large files. We can change this from the 0 that it should normally be to segment the table file into smaller parts.
      -bench: This is a flag that you can add to do a benchmark on the settings that you have selected. It will not actually create any Rainbow Tables, it will just determine some numbers that you can use to determine how fast you can generate table entries. Based on that, you can determine how long table generation will actually take.

  1. Generate Rainbow Tables
    1. Run each of the following commands however be forewarned that these will take hours to fully generate. You can press ctrl+c on your keyboard to quit at any time.
      rtgen md5 loweralpha-numeric 1 7 0 2400 24652134 0
      rtgen md5 loweralpha-numeric 1 7 1 2400 24652134 0
      rtgen md5 loweralpha-numeric 1 7 2 2400 24652134 0
      rtgen md5 loweralpha-numeric 1 7 3 2400 24652134 0
      rtgen md5 loweralpha-numeric 1 7 4 2400 24652134 0
      rtgen md5 loweralpha-numeric 1 7 5 2400 24652134 0

      How to Create Rainbow Tables in Kali

    1. The above commands will generate six different Rainbow Tables using the lower alphanumeric charset that contains 36 possible characters. For any plaintext falling into this category, you’ll have a 99% chance of having its hashed equivalency in the created tables.

Next Steps
Once Rainbow Table generation is complete, we can’t just go and use them. We need to sort them into a single table so that we can efficiently search. This can be done easily with the following command:

rtsort .

As long as we’re in the directory we created them in, the rtsort . command will turn all the tables generated into easy to search .rt files.


Rainbow Tables are super useful tools for experimentation and research. Like everything else in life, with great knowledge comes great responsibility so be careful how you use these techniques as they can get you into a lot of trouble; and I mean a lot.

How To Set up a VSFTPD Server on a CentOS 7 VPS or Dedicated Server

Brief Description FTP is usually insecure exposing clear-text passwords, userna
2 min read
Avi Ilinsky
Avi Ilinsky
Hosting Expert

How To Set up a VSFTPD Server on an Ubuntu 16.04 VPS or Dedicated Server

Brief Description FTP data is usually insecure since information (usernames, pa
2 min read
Eliran Ouzan
Eliran Ouzan
Web Designer & Hosting Expert

How to use phpMyAdmin to develop a website (without MySQL experience)

Brief description A web developer who is not well versed into coding websites f
2 min read
Idan Cohen
Idan Cohen
Marketing Expert

How to Install MySQL on a Windows Web Server Running Apache

This tutorial will show you how to install the MySQL database on a Windows serve
3 min read
Michael Levanduski
Michael Levanduski
Expert Hosting Writer & Tester provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top