Sunday, 22 August 2010

7-1: Using Rainbow Tables

In this practical, I would be using Ophcrack which is an open-source password cracker program that uses rainbow tables.

What is rainbow tables?

A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function. (Wikipedia: Rainbow Tables)

Doing this practical, I download ophcrack from here.

During the installation of the program, they will ask you to download and install the "tables".
Download the "table" that correspond to your version of Windows.
The "table" would appear inside the black box of the ophcrack.



Next go to http://www.objectif-securite.ch/en/products.php
Scroll down and under Demo.
At the password text box, type in the password as 12345 and click submit.
This would generate a hash of your password.
A hash would be made up of a string of letters and numbers.


Now, back to the ophcrack, click the Load icon and click the single hash option.
Copy your hash that was generated at the website and paste it into the text box at the Single hash option.
Then click ok and let the program run.



Depending on the complexity of your password would determine the amount of time it would need to crack your password.
If it is as simple as this example "12345", it will take seconds to crack it.


This is useful to test out your password to see how "strong" your password is.

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home