Basic cryptography - What are Rainbow tables?

Image Courtesy: Wikipedia

What are Rainbow tables?

Hashing and Encryption

When a user enters their username and password into a forum; website; account; etc, their username is checked for existence and if it returns true, then depending on the security system, the password they typed in is either hashed and compared with the password stored on the database, or the password on the database is decrypted and then compared with the password the user entered. These hashes and encryptions are security measures so anyone that has access to the database will not see 'Password123', instead they will see '42f749ade7f9e195bf475f37a44cafcb' which is the MD5 hash value of Password123 (The encryption will not always be MD5 - On another note, if this is your password then I highly suggest changing it because if anyone has an interest in gaining access to your account then you're fucked.

 What are Rainbow tables?
So your friend runs moshi monsters and you've forgotten your password (idiot.), he checks his databases and finds the hashed value of your password: a5140b33be807008712c668cf5f30ce2. How will you find your original password quickly? ==> Rainbow tables.

Rainbow tables are files containing precomputed hash values of plain-text passwords, they have every combination of certain characters up to a certain length. These files can vary in size; you can get Rainbow tables specific to operating systems aswell to crack the passwords of the users stored on the computer. So for hashed passwords, you can use a program that compares every precomputed hash with the hash you're trying to crack and when it finds a match; it finds what plain-text password the hash was created from and displays the plain text on screen - the password. You can obtain the password by brute forcing it without Rainbow tables however it will take a lot longer because the hashes are not precomputed.

How to obtain them?

Rainbow tables are available for free download on the internet - there are many different kinds varying in size from 500MB to 1000GB. As you can guess; the larger the file the more precomputed hash values are stored in the Rainbow table. If you are cracking the SAM file of a Windows computer, I would recommend going to the Ophcrack website and downloading a Windows specific Rainbow table. If you just want a general Rainbow table for cracking other passwords or hashes, you can download them.

How to make them?

 This is a tutorial on how to make Rainbow tables using Rainbow crack - you can download it for Windows and Linux Please note: If you are using Kali Linux or Backtrack then Rainbow crack should already be installed - you can check by typing 'rcrack' into Terminal. \\Please note that even tough rcrack uses multiple cores - the process of generating Rainbow tables can still take several hours// Once you have it installed, follow the steps below for your OS:

Linux

  1. Run terminal and type 'rcrack' to make sure it's installed correctly (you may have to give the full directory)
  2. Decide which hash algorithm you want to make a rainbow table of and decide which character set you want to use
  3. Now type into Terminal (without brackets): rtgen (Hash algorithm) (Character set) 1 7 0 3800 33554432 0 (For example: rtgen md5 loweralpha-numeric 1 7 0 3800 33554432 0)
  4. The '7' is the max plaintext length the table will generate for - this can be lowered or increased however keep note that it will increase the size of your Rainbow table file.
  5. When it has finished generating - a file with the *.rt extension will be saved in your current directory. You can use this rainbow table to crack passwords hashed in the algorithm you chose within the max length and character set. To crack a single hash using your new rainbow table - type in: rcrack/rcrack_cuda/rcrack_cl (location of Rainbow table) -h (hashed value)
For example: rcrack/rcrack_cuda/rcrack_cl /root/md5_loweralpha-numeric#1-7_0_3800x33554432_0.rt -h a5140b33be807008712c668cf5f30ce2
Windows

  1. Open command prompt
  2. Change the directory to the location of all the rcrack.exe files you downloaded (For example: cd "C:\Documents and Settings\------\Desktop\rainbowcrack-1.6-win32")
  3. Decide which hash algorithm you want to make a rainbow table of and decide which character set you want to use
  4. Now type into Cmd (without brackets): rtgen (Hash algorithm) (Character set) 1 7 0 3800 33554432 0 (For example: rtgen md5 loweralpha-numeric 1 7 0 3800 33554432 0)
  5. The '7' is the max plaintext length the table will generate for - this can be lowered or increased however keep note that it will increase the size of your Rainbow table file.
  6. When it has finished generating - a file with the *.rt extension will be saved in your current directory. You can use this rainbow table to crack passwords hashed in the algorithm you chose within the max length and character set. To crack a single hash using your new rainbow table - type in: rcrack/rcrack_cuda/rcrack_cl (location of Rainbow table) -h (hashed value) (For example: rcrack/rcrack_cuda/rcrack_cl /root/md5_loweralpha-numeric#1-7_0_3800x33554432_0.rt -h a5140b33be807008712c668cf5f30ce2)

    Any issues just drop them in the comments below and I'll help you out