Jump to content

Recommended Posts

  • Replies 57
  • Created
  • Last Reply

Top Posters In This Topic

Posted
wow you must really need something cracked if your willing to dedicate 120gb on your box to rainbow tables

120 GB hard drive...$55

FedEX express shipping...$12

Knowing that you can crack just about any LM hash...Priceless

Some things money can't buy. For everything else there's the Microshaft Platinum Hax0r card.

Posted
120 GB hard drive...$55

FedEX express shipping...$12

Knowing that you can crack just about any LM hash...Priceless

Some things money can't buy. For everything else there's the Microshaft Platinum Hax0r card.

LOL!

Posted
wow you must really need something cracked if your willing to dedicate 120gb on your box to rainbow tables

120 GB hard drive...$55

FedEX express shipping...$12

Knowing that you can crack just about any LM hash...Priceless

Some things money can't buy. For everything else there's the Microshaft Platinum Hax0r card.

What's the APR on that one aardwolf

Posted
wow you must really need something cracked if your willing to dedicate 120gb on your box to rainbow tables

120 GB hard drive...$55

FedEX express shipping...$12

Knowing that you can crack just about any LM hash...Priceless

Some things money can't buy. For everything else there's the Microshaft Platinum Hax0r card.

SO, when is that coming out?

Posted

Okay, first of all apologies for a somewhat ignorant question here:

LM hashes can be up to 14 characters (if your password is more than 14 characters, Windows will simply not generate an LM hash)

Now, I also know that LM hashes greater than 7 characters but less than 15 are broken into two 7 character pieces which is one of the reasons that LM is so much easier to crack than NTLM.

So, say I use pwdump to dump the LM hashes some of which are for passwords greater than 7 characters. My question is, if I use these tables with the rainbow crack program, will the rainbow crack program know how to break the hash into two pieces and determine the plaintext or will it fail with passwords greater than 7 characters?

Posted

The password is padded with nul bytes (hex 0x00) until it's 14 characters long. These 14 characters are then split up into 2 7-byte sequences, of which the hash is computed. Those 2 hashes are then concatenated to form the LMHash.

Passwords longer than 14 characters cannot be used to compute an LMHash for.

The LMHash of passwords shorter than 8 bytes will always end with the same 8 characters (the hash of 7 nul bytes).

Posted
The password is padded with nul bytes (hex 0x00) until it's 14 characters long. These 14 characters are then split up into 2 7-byte sequences, of which the hash is computed. Those 2 hashes are then concatenated to form the LMHash.

Passwords longer than 14 characters cannot be used to compute an LMHash for.

The LMHash of passwords shorter than 8 bytes will always end with the same 8 characters (the hash of 7 nul bytes).

How does a Computer respond that only used LMHashes when you use a password of 15+ chars?

Posted

That's correct, windows will default to NTLM if the pass is longer than 14 characters. Personally, my high security passwords are 16 characters or greater, defeating any chance of cracking.

Posted

Okay, so the question remains, does the current incarnation of the rainbow tables automatically handle passwords up to 14 characters or does it require some manual intervention to work?

Posted

LM hashes become two separate 7 char hashes. The tables available crack any LM hash which has 1-7 chars, so it will crack any LM hash there is.

Posted
There's a section of the wiki now devoted to the mail in program. The new program's name is RainbowTables by Mail...

http://hak5.org/w/index.php?title=Communit...wTables_by_mail

I'm sorry if this ends up being a stupid question, but where in the heck is the actual info on how to get a drive with these tables shipped? I have gone to the link you posted, but I don't see anything on that page that actually tells how to start that process :?

Posted

Doesn't it say "contact Silivrenion for details" up there?

Posted

Thanks for the heads up. If you've received anything, please forward it to hak5rainbowtables@gmail.com. That will be the new group email, to avoid having personal mailboxes become filled. I'll also edit the rt by mail page to reflect that new address, and stress its separation from the main hak5 show, with nice bold letters and stuff.

Posted

ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|:;"'<>,.?/

The above are all the characters that this table uses, and presumably all the characters a Windows password will allow. So no, no spaces.

The main difference between these rainbow tables and the others is its sheer size due to the completeness of the character set used. Other tables either restrict themselves to ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 or ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=

(see charset.txt in the RainbowCrack software package)

Posted
ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|:;"'<>,.?/

The above are all the characters that this table uses, and presumably all the characters a Windows password will allow. So no, no spaces.

The main difference between these rainbow tables and the others is its sheer size due to the completeness of the character set used. Other tables either restrict themselves to ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 or ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=

(see charset.txt in the RainbowCrack software package)

Unfortunately, the space character is a valid character in windows passwords. Space is included in both the charsets and examples on the rainbowcrack project site (http://www.antsight.com/zsl/rainbowcrack/).

Hopefully this is simply an error in typography when listing the charset for this project, rather than the actual omission of the space character from the set.

Sorry I cannot test this, I havent got the 120GB free on one machine to do so.

Also, I am curious why the rc project page says that the charset above (plus space) should be 64 GB, rather than your as built 120GB.

Thanks!

Posted
Thanks for the heads up. If you've received anything, please forward it to hak5rainbowtables@gmail.com. That will be the new group email, to avoid having personal mailboxes become filled. I'll also edit the rt by mail page to reflect that new address, and stress its separation from the main hak5 show, with nice bold letters and stuff.

Thanks Silivrenion for the follow up :)

  • 1 month later...
Posted

Hy rainbow guys,

Why the torrent upload stay blocked at 89.4% since days now ???

Will it ever restart or is the server yet in FBI or NSA office ???

Any answer will be highly appreciate.

Thanks guys and really nice global (and huge) work !

Posted

Would you quit with the "zomg it wuz a gimmick and i need 2 crak shit"? This was a community project, 120GB is a lot of file, and that needs a lot of bandwidth. No-one was obliged to seed this at all, just be lucky there's people out there that do this. This project has been going a while now and people can't seed a 120GB for insanely long periods of time. You wanna help? Sure, I'm sure that'd be most welcome, but in the meantime, don't complain.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.

×
×
  • Create New...