Spartain X Posted November 17, 2006 Share Posted November 17, 2006 Hi I am going to soon be generating a set of rainbow table for my own use that I can burn to a DVD where I waste the least amount of space and have a full set of tables. I would download the rainbow tables from the Shmoo Group, but I have bandwidth limitations and I have a two computer doing nothing. I have been using Winrtgen from oxid.it to calculate the best configuration to generate a set of rainbow table which can crack alpha-numeric-space LM hashes with space and have found that the following configuration works best and crack all (100%): Hash: LM Character set: alpha-numeric-space Min Length: 1 Max Length: 7 Chain Length: 5500 Chain Count: 8000000 Table: 36 I was wondering if it's of any use setting a index value, I’m going to be generation these tables over 2 computer (both have 2 cores) I was going to give each core a set of tables to generate say from 00 to 08, the next core from 09 to 17 ... and finally the last core from 26 to 35. I just want to know if this is wise or should set a index for each batch of rainbow table the processor is making e.g. like give one core's rtgen process a index of 0 and generate from 00 to 08 and for the next core give it a index of 1 and generate from 00 to 00 to 08 etc, would this work or is my first configuration better Thanks Spartain x :) Quote Link to comment Share on other sites More sharing options...
burn Posted November 17, 2006 Share Posted November 17, 2006 How can you say your tables will crack 100% of the passwords you're going to be getting when you're limiting your tables to 8 characters? Shouldn't you be generating tables that will crack up to 13 character passwords since that's the limit Microsoft puts on the LM cache? Quote Link to comment Share on other sites More sharing options...
Spartain X Posted November 17, 2006 Author Share Posted November 17, 2006 How can you say your tables will crack 100% of the passwords you're going to be getting when you're limiting your tables to 8 characters?Shouldn't you be generating tables that will crack up to 13 character passwords since that's the limit Microsoft puts on the LM cache? the hashing system work by taking the password if it less or equal to 14 and breaks it into two half and effectively hashes them and joins them together so a 1-7 rainbow table will crack passwords 1-14 character's in length because it is just joined together. so if you read the first 7 characters and crack them and crack the second 7 characters the password in total i crack, also if you look at episode S2-E1 of hak5 you can see Darren crack a mixed character and nubber password of 8 character length with table that only go to 1-7. Quote Link to comment Share on other sites More sharing options...
burn Posted November 17, 2006 Share Posted November 17, 2006 Ok, so I feel retarded. I knew that LM hashes were split up into two 7 character chunks, but I had no idea that a 7 character rainbow table would be able to crack the chunks independently. I guess I never put that much thought in it. And just so I have my math right, it's 15 or more character passwords that MS won't create an LM hash for, right? Not 13 like I said previously (what was I thinking?). Thanks for the clarification! Quote Link to comment Share on other sites More sharing options...
cooper Posted November 17, 2006 Share Posted November 17, 2006 the hashing system work by taking the password if it less or equal to 14 and breaks it into two half and effectively hashes them and joins them together so a 1-7 rainbow table will crack passwords 1-14 character's in length because it is just joined together. so if you read the first 7 characters and crack them and crack the second 7 characters the password in total i crack, also if you look at episode S2-E1 of hak5 you can see Darren crack a mixed character and nubber password of 8 character length with table that only go to 1-7. Interesting. I checked out the wikipedia article on it. http://en.wikipedia.org/wiki/LAN_Manager_hash The only flaw I can find in your logic is that the character set is limited, and that the minimum length of 1 means that you require 8-char passwords. I wonder if this is another thing the Rainbow Table people failed to take into account as it looks like a really nice and significant optimization. Quote Link to comment Share on other sites More sharing options...
Spartain X Posted November 17, 2006 Author Share Posted November 17, 2006 so back to my original question does is it necessary to place a and index for each core that is running a rtgen thread or is it just sufficient enough to break the range equally and let each core process it's share ?. I have already completed two tables and i want to know if it was a waste of power and processing time or it was the right thing to do Quote Link to comment Share on other sites More sharing options...
cooper Posted November 18, 2006 Share Posted November 18, 2006 I don't think I'm interpreting your question correctly, but it does make sense, given the inherent parallellability of the problem, to chop the problem space up into segments and assign each code a distinct part of the problem space to solve, and to combine the results quickly later if that is even necessary. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.