No announcement yet.

System Hacking - Precomputed Hashes or Rainbow Tables

  • Time
  • Show
Clear All
new posts

  • System Hacking - Precomputed Hashes or Rainbow Tables

    The use of Precomputed Hashes or Rainbow Tables is one form of offline attack.
    Precomputed hashes are also known as rainbow tables and is some form of sorted and sometimes indexed database with a great number of cleartext passwords and their corresponding hashed value or digest. Rainbow tables compute almost every possible combination of characters prior to capturing any passwords. Once all the passwords have been generated into a rainbow table, the attacker can capture the password hashes from the target network and compare it with the hashes that have already been generated and placed in the rainbow tables. The hashes are only generated once and because this is a time consuming process this is the advantage of rainbow tables. In other form of password attacks, hashes or password digests are recalculated every time a password recovery is attempted so CPU is being used for the exact same task over and over. Rainbow tables saves you from recalculating the same hashes repeatedly. Rainbow tables are huge. Sometimes several terabytes depending on the maximum number of characters a password in the rainbow table can contain, so using this technique requires a lot of hard drive space but saves time. One thing to note is the time it takes to generate and sort useful rainbow tables. It is not uncommon for it to take days or even weeks. This is a space/time trade-off. With all the hashes generated ahead of time, it becomes a simple matter of compare the captured hash to the ones generated, typically revealing the password in a few moments.

    Common rainbow tables can be generated or they can be downloaded from websites that have done the precomputation for you. The catch of this is again the size of rainbow tables. It takes a decent Internet connection to download large rainbow tables if the download should complete within acceptable time. Some websites offer to ship rainbow tables on hard drives so to save the download time.
    Rainbow tables can be generated for the most common hashing algorithms and will work on most hashed passwords as long as they are not salted or being used with a nonce.

    Some common hashing formats include
    • Cisco PIX
    • FastLM
    • HalfLMChall
    • LM
    • MD2
    • MD4
    • MD5
    • MySQL323
    • MySQLSHA1
    • NTML
    • ORACLE
    • RIPEMD-160
    • SHA1
    • SHA2 (256/384/512 bits)

    Rainbow tables are an effective method of revealing passwords, but the effectiveness of the method can be diminished through salting. Salting is used in Linux, Unix and BSD, but it is not used in some of the older Windows authentication mechanisms such as LM and NTLM. Salting a hash is a means of adding entropy or randomness in order to make sequences of patterns more difficult to detect. Rainbow tables perform a form of cryptoanalysis. Salting tries to thwart this analysis by adding randomness or inducing entropy.
    Certified Security Geek