[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Rainbow tables on Linux?

On Thursday 23 October 2008 06:53:05 Christian Franke wrote:
> On 10/23/2008 12:14 PM, Johann Spies wrote:
> > Is it possible to use rainbow tables with a password cracker on Linux
> > like 'john'?  If so, how?  If not, is it possible with any other
> > password cracker on Linux?

If you are not trying to break in and just testing windows passwords, then I 
assume you also have access to the real passwords and usernames.  Why don't 
you just import them into linux and test them from there.  My reasoning is 
that if john can determine the passwords relatively quickly, then the 
passwords are too weak.    

I did some performance testing on john using a dual core patch vs single core 
at http://www.edwiget.name/content/view/195/27/

the open source rainbow tables are about 121GB (if my memory serves me 
correctly) and are only available via bittorrent.  I think it took me about 2 
months to download them.  http://www.antsight.com/zsl/rainbowcrack/

Also, something to consider, if you (or an attacker) have physical or remote 
access, game is over anyways....irregardless of passwords.

\| ascii: Ed Wiget
\| hex: 65 64 20 77 69 67 65 74 
\| bin: 01100101 01100100 00100000 01110111
\| .....: 01101001 01100111 01100101 01110100
\| m: 6064071838 l: 6067591175 e: ewiget@rhpstudios.com
\| Version: 3.12  www.edwiget.name
\| GIT d- s--: a C++++ UL++++ P+ L++++ E--- W+++ N++ o+++ K- w---
\| O- M+ V PS+ PE Y+ PGP+ t 5 X- R- tv- b+ DI-- D
\| G e+ h++ r++ y**
The BOFH for today is.....
Melting hard drives
BOFH based on http://pages.cs.wisc.edu/~ballard/bofh/

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: