Mr Wolf Posted January 29, 2008 Share Posted January 29, 2008 First of all, thanks to all who make this possible! I'd like to collaborate! So, I downloaded these LM Rainbow tables: hxxp: www. freerainbowtables. com/rainbow_tables/lm. html through Bittorrent (38. 8 GB compressed, it took me about 2 weeks!) and I used them with Cain, successfully finding my password (and no! I'm not gonna tell you what it is!) and other ones (EH!EH!EH!). Not compressed, they are 66 GB. Then, I discovered Hak5 Rainbow tables: hxxp: www. torrentbox. com/torrent_details?id=101385 hxxp: www. torrentbox. com/torrent_details?id=82125 First of all, can anyone tell me what's the difference among the two? Reading the "Technical Details" I couldn't find any difference, in what way ver2 is better? Then, the essential question: why 120 GB, while the ones I downloaded are 66 GB? (Not considering the charsets are a bit different, if I'm not wrong, in the ones I downloaded there's the symbol € more). Ok, I read here: hxxp: wiki. hak5. org/wiki/Community_Rainbow_Tables among the FAQs that larger=faster, but is it that all? I read something about the theory behind Rainbow Tables, and there are some things that are not clear to me. What I can't understand is: smaller Rainbow Tables can crack exactly the same passwords of the larger ones? They are just slower? With the 66 GB Rainbow Tables I downloaded, it takes me about 1 hour to crack passwords (on a Pentium M 2 GHz), can anyone tell me more or less how much this time would be improved with 120 GB Rainbow Tables? Here is an image: http://img153.imageshack.us/img153/464/immaginecu8.jpg[/img] Actually, I read that with some Tables it takes only a few minutes to find password, and for example here: hxxp: ophcrack. sourceforge. net/faq. php the inventor of Rainbow Tables says that Rainbowcrack Rainbow tables "are neither optimized nor fast" And the Rainbow Tables he sells here: http://www.objectif-securite.ch/en/products.php WS-20k, should be about 10 GB. Any explanation will be useful, thanks! Quote Link to comment Share on other sites More sharing options...
Deveant Posted January 30, 2008 Share Posted January 30, 2008 the bigger the tables, the more likely hood of the tables being successful on cracking a harder password, imaging the tables as a list of passwords, the bigger the list, the greater chance of the one ur looking for being in it. Quote Link to comment Share on other sites More sharing options...
felony_destined Posted February 1, 2008 Share Posted February 1, 2008 the bigger the tables, the more likely hood of the tables being successful on cracking a harder password, imaging the tables as a list of passwords, the bigger the list, the greater chance of the one ur looking for being in it. umm duh. so yeah thats pretty much the best explanation that can be given on the different sizes, the larger the char set = the larger the tables = the more GBs it will take = the greater chances of you cracking the password since its not ACTUALLY "cracking" the password pursai, its just looking up the hashs' cooresponding plain-text version and then displaying it to you, so to help you better understand a good synonym for rainbow table would be reference table because thats all it really is, a table to refer what all the hashes equal. I hope this clears up your understanding of the differences and the sizes, just post if you have anymore questions. Quote Link to comment Share on other sites More sharing options...
Mr Wolf Posted February 2, 2008 Author Share Posted February 2, 2008 First of all, thanks for your answers! So you say, the bigger are the tables, the more they contain hashes of the passwords? I don't know, I think the question is more complex. For example, read here: https://www.isc2.org/cgi-bin/content.cgi?page=738 where it talks about chains Then, he says: "if you double the size of the tables, you can crack four times as fast." Quote Link to comment Share on other sites More sharing options...
Sparda Posted February 2, 2008 Share Posted February 2, 2008 "if you double the size of the tables, you can crack four times as fast." That simply is not true. I would say, if you double the size of the table, you double the time it takes to search threw them, but you increase the chance that the hash for the password you want is in the table by a calculable amount. Doubling the size of the table does not necessarily double the chance that the password you are cracking is in the table, though it will always increase. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.