Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Rainbow Tables

From: "ROB DIXON" <RDIXON () workforcewv org>
Date: Tue, 07 Feb 2006 13:03:35 -0500
Hey Tony,

   The "others" should be informed that the malicious attacker is most likely to NOT use "commercial" products.

And that for a true benchmark, maybe use the products that a malicious attacker would use. Most of which will probably 
be open source or free at the least. That is assuming that they are not writing their own software. ;)
I guess I'm asking, how do you justify "not" using free products?

You can buy pre-computated rainbow tables, but there are different rainbowtables for different types of hashes. 
Example: ntlm, ntlmv2, sha1 , md5, etc.


cheers,

New Guy

Robert L. Dixon,  CSO
CHFI A+
State of West Virginia's 
West VIriginia Office of Techonology
Infrastructure Applications
Netware/GroupWise Administrator
Telephone: (304)-558-5472 ex.4225 
Email:rdixon () workforcewv org

<stark192 () hotmail com>  >>>


Hello,

Trying to crack our password list at work, it's a long story, but it has been put on a higher priority. I've been 
looking for some good pre-computed hash tables, like Rainbow tables, that will work with LC5. Does anyone have a source?

I'd like to use RainbowCrack but others want to stick to commercial products.

Thanks,

Tony

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: