A Collection of my Interests & Services

What are Rainbow Tables and why would I need them?

So you may have heard about these things called rainbow tables. Maybe you thought, “What the hell is a rainbow table? Some kind of new Skittles?” and that would be ok. Well, what if I told you they are magic tables to figure out hidden hash passwords? Ok, maybe they aren’t truly magic but they sure will seem that way.

Rainbow tables are a very organized, precision way to crack password hashes. It may take quite awhile, as cracking hashes usually does, but they have an excellent success rate. No more collecting or creating a ton of different wordlists to run against your hashes when you have rainbow tables. Select the right tables for the type of encryption and you’re off and running! Rainbow tables can be sorted using rainbowcrack, the rainbow tables software, which will make your cracking go faster.

In case you missed this post, I did post where to find rainbow tables in a previous post but here is where to get them:

http://rainbow-tables.com/

You can either download them for free, create them for free, or purchase a nice USB external HD full of rainbow tables. The one issue you will run into is the size. Rainbow tables will take up literally terabytes of space so an external HD is a good choice here. That is, unless you have tons of HD space in a nice beefy desktop. For pentestors the external is normally the tool of choice to be mobile.

Now you can create your own wordlists from several programs, like Crunch for example, all open source and ready to go. Now you may be asking why would I use those tools when I could use Rainbow tables? You don’t want to use rainbows all the time, just for the tough ones. For most hacks you will first do sufficient social engineering so you may want to create a special custom wordlist to try first. I use rainbow tables as my final GO TO method of cracking a hash.

If you too choose this method I would recommend a desktop dedicated for this. I have a nice gamers desktop I use in my home office which runs all my listeners and my hash cracking software. This way I set it and forget it until it is done. This leaves m actual pentesting laptop free to do other things.

In future video tutorials I will be showing you rainbow tables, how to create tables with rainbowcrack, how to sort your tables, and then how to start rainbow tables cracking away.

Most used tools in rainbowcrack: rtcrack rtsort

Leave a Reply

Your email address will not be published. Required fields are marked *