RE: Rainbow Tables

["Tony Stark" <stark192 () hotmail com>]

Hello Brett,

Fortunatly for this project we are only doing LM passwords, all on Windows 
machines. Yeah, I'd hate to try this with salt, I could take a long vacation 
while that ran..<g>

Thx for the info, I'll jump on the links and check them out.

Tony


> From: "Simpson, Brett" <Brett.Simpson () hsn net>
> To: "Tony Stark" <stark192 () hotmail com>, <pen-test () securityfocus com>
> Subject: RE: Rainbow Tables
> Date: Thu, 9 Feb 2006 12:59:53 -0500
>
> > -----Original Message-----
> > From: Tony Stark [mailto:stark192 () hotmail com]
> > Subject: Re: Rainbow Tables
> >
>
> Snip...
>
> > Reason for this...the idea is that if we take the current
> > list of passwords
> > create a pre-computed hash table the next time we audit we'd
> > run LC5 (till I
> > convense them otehrwise) and all but the passwords that
> > changed and new
> > accounts would get knocked out right away.
> >
> > Does anyone have a hint as to how I should do this? Is there
> > a way to take
> > the hashes and the cracked clear text and merge them into a table?
>
> http://www.antsight.com/zsl/rainbowcrack/
>
> For non lan manager hashes this would require a tremendouse amount of
> disk space (tera to peta bytes). Every password can have a large number
> of salts (the exact number depends of the type of hash i.e. md5,
> sha-1,etc).
>
> So let's say you have a UNIX system using the older crypt then you would
> have 4096 salts that are possible per password. So for every clear text
> version of a password you would have to store 4096 different salts. I
> have an English dictionary I use with JtR so 411,563 words.. Then I use
> rules mode and that number jumps to 15,773,164 (171MB). Now times that
> by 4096 salts and you get 64,606,879,744 variations (700+ TB).
>
> For Windows if your looking at the lanman hashes (not nt hashes) then
> they only have one salt so it would be possible to generate a table on
> common words and variations for only a couple hundred megabytes.
>
> You should also read the teracrack article.
>
> http://security.sdsc.edu/publications/teracrack.pdf

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------