Penetration Testing mailing list archives
RE: Rainbow Tables
From: "Tony Stark" <stark192 () hotmail com>
Date: Thu, 09 Feb 2006 08:26:42 -0500
Hello Jeff,Exactly what I am shooting for, that is what I am trying to do but finding the pieces are sometimes difficult, thus my e-mail, since it looks like LC5 wont be around any longer I dont see many (easy to find) pre-computed tables that work with LC5. But it looks like I came to the right place to ask!
Once I get this project completed I am going to lay out a plan, baselines, etc.. using the open source software so management knows how much quicker we can get this work completed.
Thx, Tony
From: Flory Jeffrey D Ctr 59 MDSS/MSISI <Jeffrey.Flory2.ctr () lackland af mil>To: "T.Dudek" <duderik () gmail com>, ROB DIXON <RDIXON () workforcewv org> CC: stark192 () hotmail com, pen-test () securityfocus com Subject: RE: Rainbow Tables Date: Wed, 8 Feb 2006 13:22:21 -0600 I have many tools within my aresenal that I maintain in order for me to do my daily tasks and duties protecting my network. I will test any tool that I think I can benefit from, once tested, I will brief the powers that be, and proceed to utilize my new found toy. I have downloaded and updated my LC5 so many times using various dictionaries, hashes, etc in order to keep the personnel where I work in compliance with all my directive policies. Jeff Gate Keeper -----Original Message----- From: T.Dudek [mailto:duderik () gmail com] Sent: Wednesday, February 08, 2006 8:34 AM To: ROB DIXON Cc: stark192 () hotmail com; pen-test () securityfocus com Subject: Re: Rainbow Tables One word: "pirated software". ok, so it's two words ;-) I've seen enough cases where the evildoers were using lophtcrack or the various commercial software/hardware keystroke loggers that you can buy. Most of the time it's pirated stuff, but why not use the best you canget/steal when you're a criminal? I'd say the "others" should be informed ofboth risks, and need to be reminded that "most likely" does not really mean anything. I wouldn't step on a plane that would "most likely" not crash.. On 2/7/06, ROB DIXON <RDIXON () workforcewv org> wrote: > Hey Tony, > > The "others" should be informed that the malicious attacker is most > likely to NOT use "commercial" products. > > And that for a true benchmark, maybe use the products that a malicious > attacker would use. Most of which will probably be open source or free > at the least. That is assuming that they are not writing their own > software. ;) I guess I'm asking, how do you justify "not" using free > products? > > You can buy pre-computated rainbow tables, but there are different > rainbowtables for different types of hashes. Example: ntlm, ntlmv2, > sha1 , md5, etc. ---------------------------------------------------------------------------- -- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down servers arefutile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- ---
_________________________________________________________________Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Rainbow Tables, (continued)
- Re: Rainbow Tables ROB DIXON (Feb 07)
- Re: Rainbow Tables Max Ashton (Feb 08)
- Re: Rainbow Tables T.Dudek (Feb 08)
- RE: Rainbow Tables Boogiebruva (Feb 08)
- RE: Rainbow Tables Craig Wright (Feb 07)
- RE: Rainbow Tables Terry Vernon (Feb 08)
- RE: Rainbow Tables ROB DIXON (Feb 08)
- RE: Rainbow Tables Arley Barros Leal (Feb 08)
- Re: Rainbow Tables ROB DIXON (Feb 08)
- RE: Rainbow Tables Flory Jeffrey D Ctr 59 MDSS/MSISI (Feb 08)
- RE: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Flory Jeffrey D Ctr 59 MDSS/MSISI (Feb 09)
- Re: Rainbow Tables DokFLeed (Feb 09)
- Re: Rainbow Tables jalvare7 (Feb 09)
- Re: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Simpson, Brett (Feb 09)
- RE: Rainbow Tables Tom Brennan (Feb 09)
- RE: Rainbow Tables Simpson, Brett (Feb 10)
- RE: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Stark192 (Feb 12)
- Re: Rainbow Tables Nicolas RUFF (Feb 15)
(Thread continues...)
- Re: Rainbow Tables ROB DIXON (Feb 07)