Jump to content

Rainbow tables question


Spartain X

Recommended Posts

Hi

I am going to soon be generating a set of rainbow table for my own use that I can burn to a DVD where I waste the least amount of space and have a full set of tables. I would download the rainbow tables from the Shmoo Group, but I have bandwidth limitations and I have a two computer doing nothing. I have been using Winrtgen from oxid.it to calculate the best configuration to generate a set of rainbow table which can crack alpha-numeric-space LM hashes with space and have found that the following configuration works best and crack all (100%):

Hash: LM

Character set: alpha-numeric-space

Min Length: 1

Max Length: 7

Chain Length: 5500

Chain Count: 8000000

Table: 36

I was wondering if it's of any use setting a index value, I’m going to be generation these tables over 2 computer (both have 2 cores) I was going to give each core a set of tables to generate say from 00 to 08, the next core from 09 to 17 ... and finally the last core from 26 to 35. I just want to know if this is wise or should set a index for each batch of rainbow table the processor is making e.g. like give one core's rtgen process a index of 0 and generate from 00 to 08 and for the next core give it a index of 1 and generate from 00 to 00 to 08 etc, would this work or is my first configuration better

Thanks Spartain x

:)

Link to comment
Share on other sites

How can you say your tables will crack 100% of the passwords you're going to be getting when you're limiting your tables to 8 characters?

Shouldn't you be generating tables that will crack up to 13 character passwords since that's the limit Microsoft puts on the LM cache?

Link to comment
Share on other sites

How can you say your tables will crack 100% of the passwords you're going to be getting when you're limiting your tables to 8 characters?

Shouldn't you be generating tables that will crack up to 13 character passwords since that's the limit Microsoft puts on the LM cache?

the hashing system work by taking the password if it less or equal to 14 and breaks it into two half and effectively hashes them and joins them together so a 1-7 rainbow table will crack passwords 1-14 character's in length because it is just joined together. so if you read the first 7 characters and crack them and crack the second 7 characters the password in total i crack, also if you look at episode S2-E1 of hak5 you can see Darren crack a mixed character and nubber password of 8 character length with table that only go to 1-7.

Link to comment
Share on other sites

Ok, so I feel retarded.

I knew that LM hashes were split up into two 7 character chunks, but I had no idea that a 7 character rainbow table would be able to crack the chunks independently. I guess I never put that much thought in it.

And just so I have my math right, it's 15 or more character passwords that MS won't create an LM hash for, right? Not 13 like I said previously (what was I thinking?).

Thanks for the clarification!

Link to comment
Share on other sites

the hashing system work by taking the password if it less or equal to 14 and breaks it into two half and effectively hashes them and joins them together so a 1-7 rainbow table will crack passwords 1-14 character's in length because it is just joined together. so if you read the first 7 characters and crack them and crack the second 7 characters the password in total i crack, also if you look at episode S2-E1 of hak5 you can see Darren crack a mixed character and nubber password of 8 character length with table that only go to 1-7.

Interesting. I checked out the wikipedia article on it.

http://en.wikipedia.org/wiki/LAN_Manager_hash

The only flaw I can find in your logic is that the character set is limited, and that the minimum length of 1 means that you require 8-char passwords.

I wonder if this is another thing the Rainbow Table people failed to take into account as it looks like a really nice and significant optimization.

Link to comment
Share on other sites

so back to my original question does is it necessary to place a and index for each core that is running a rtgen thread or is it just sufficient enough to break the range equally and let each core process it's share ?. I have already completed two tables and i want to know if it was a waste of power and processing time or it was the right thing to do

Link to comment
Share on other sites

I don't think I'm interpreting your question correctly, but it does make sense, given the inherent parallellability of the problem, to chop the problem space up into segments and assign each code a distinct part of the problem space to solve, and to combine the results quickly later if that is even necessary.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...