Penetration Testing mailing list archives
Re: Rainbow Tables
From: "Tony Stark" <stark192 () hotmail com>
Date: Thu, 09 Feb 2006 13:57:14 -0500
That was the first thing I tried, placed the cracked passwords into a file and added it to the password list in LC5, removed the other lists just to make sure it was working but it didn't make any difference, it was like the dictionary attack didn't see the numbers or characters. I tested it a few different ways and there was not change in the completion time.
Seems totally logical that it would work but each time I tried it I came up with the dictionary attack taking the same amount of time to complete..
Tony
From: jalvare7 () cajastur es To: "Tony Stark" <stark192 () hotmail com> CC: pen-test () securityfocus com Subject: Re: Rainbow Tables Date: Thu, 9 Feb 2006 18:20:24 +0100 I understand that you have an assignment and so you are compelled to do that. But, wouldn't it be easier to create a diccionary with the passwords in clar text?. In fact I believe LC5 can create a diccionary with the result of a session. Regards "Tony Stark" <stark192 () hotmail com> 09/02/2006 14:19 Para: pen-test () securityfocus comcc: (cco: Juan Alvarez Ferrando/Auditoria Informatica/EXTERNOS CAJASTUR)Asunto: Re: Rainbow Tables Thank you all for the great suggestions! I now have some great resourses from where I can pull the info I need. Now, I've got a good one for you which may be a challange to come up with a solution. I have now been tasked to take a list of passwords and try to generate a precomputed hash table out of those passwords...not sure if this can be done but of course I have to find a way..since I am "holding up a project". Reason for this...the idea is that if we take the current list of passwords create a pre-computed hash table the next time we audit we'd run LC5 (till I convense them otehrwise) and all but the passwords that changed and new accounts would get knocked out right away. Does anyone have a hint as to how I should do this? Is there a way to take the hashes and the cracked clear text and merge them into a table? What is the best application foir creating pre-computed hash tables, that will work with LC5? Thanks again for your help and the great suggestions!! Tony _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
_________________________________________________________________Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- RE: Rainbow Tables, (continued)
- RE: Rainbow Tables Craig Wright (Feb 07)
- RE: Rainbow Tables Terry Vernon (Feb 08)
- RE: Rainbow Tables ROB DIXON (Feb 08)
- RE: Rainbow Tables Arley Barros Leal (Feb 08)
- Re: Rainbow Tables ROB DIXON (Feb 08)
- RE: Rainbow Tables Flory Jeffrey D Ctr 59 MDSS/MSISI (Feb 08)
- RE: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Flory Jeffrey D Ctr 59 MDSS/MSISI (Feb 09)
- Re: Rainbow Tables DokFLeed (Feb 09)
- Re: Rainbow Tables jalvare7 (Feb 09)
- Re: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Simpson, Brett (Feb 09)
- RE: Rainbow Tables Tom Brennan (Feb 09)
- RE: Rainbow Tables Simpson, Brett (Feb 10)
- RE: Rainbow Tables Tony Stark (Feb 09)
- RE: Rainbow Tables Stark192 (Feb 12)
- Re: Rainbow Tables Nicolas RUFF (Feb 15)
- Re: Rainbow Tables Tony Stark (Feb 16)
- Re: Rainbow Tables Tony Stark (Feb 17)
- Re: Rainbow Tables Nicolas RUFF (Feb 15)
- RE: Rainbow Tables Craig Wright (Feb 07)