This article is about RainbowCrack and how to use it with Rainbow Tables, including how to generate rainbow tables, where to download them and what tools to use.
RainbowCrack & How To Use Rainbow Crack?
RainbowCrack is a general purpose implementation of Philippe Oechslin’s faster time-memory trade-off technique.
In 1980 Martin Hellman described a cryptanalytic time-memory trade-off which reduces the time of cryptanalysis by using precalculated data stored in memory. This technique was improved by Rivest before 1982 with the introduction of distinguished points which drastically reduces the number of memory lookups during cryptanalysis. This improved technique has been studied extensively but no new optimisations have been published ever since.
You can find the official Rainbowcrack project here, where you can download the latest version of Rainbowcrack.
So what is RainbowCrack?
In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker tries all possible plaintexts one by one at cracking time, which makes breaking a complex password very time-consuming. The idea of the time-memory trade-off is to do all of the cracking-time computation in advance and store the results in files called “rainbow tables”.
Basically, these types of password crackers work with pre-calculated hashes of ALL passwords available within a certain character space, be that a-z or a-zA-Z or a-zA-Z0-9 etc.
What are Rainbow Tables?
These files are called Rainbow Tables.
You gain speed at the cost of memory and disk space: Rainbow Tables can be VERY large, although Rainbow Table attacks are very effective.
Be warned though: Rainbow Tables can be defeated by salted hashes. If the hashes are not salted, however, and you have the correct table, a complex password can be cracked in a few minutes rather than a few weeks or months with traditional brute forcing techniques.
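The trade-off and the salting caveat above, as an added example (not RainbowCrack's code and not part of the original article): a toy table over constructed 4-digit PINs hashed with MD5 that keeps only each chain's endpoint and start, then looks up one unsalted and one salted hash. The chain length, chain count, reduction function and salt value are assumptions chosen for illustration.

```python
import hashlib

KEYSPACE = 10_000   # constructed toy keyspace: 4-digit PINs "0000".."9999"
CHAIN_LEN = 50      # hash/reduce steps per chain (the "time" side)
N_CHAINS = 600      # rows kept on disk (the "memory" side)

def h(plaintext: str, salt: str = "") -> bytes:
    """MD5 of salt + plaintext; unsalted by default, as a rainbow table assumes."""
    return hashlib.md5((salt + plaintext).encode()).digest()

def reduce(digest: bytes, col: int) -> str:
    """Map a digest back into the keyspace; a different mapping per column."""
    return str((int.from_bytes(digest[:8], "big") + col) % KEYSPACE).zfill(4)

def walk(p: str, first_col: int) -> str:
    """Apply hash-then-reduce from first_col to the end of the chain."""
    for col in range(first_col, CHAIN_LEN):
        p = reduce(h(p), col)
    return p

def build_table() -> dict:
    """Store only endpoint -> start; the links in between are recomputed later."""
    return {walk(s, 0): s for s in (str(i).zfill(4) for i in range(N_CHAINS))}

def lookup(table: dict, target: bytes):
    """Return a PIN whose unsalted MD5 equals target, or None if not covered."""
    for col in range(CHAIN_LEN - 1, -1, -1):   # guess which column target sits in
        start = table.get(walk(reduce(target, col), col + 1))
        if start is None:
            continue
        p = start                               # rebuild the chain and verify
        for c in range(CHAIN_LEN):
            if h(p) == target:
                return p
            p = reduce(h(p), c)                 # no match here: next link
    return None                                 # only false alarms, or no hit

def demo():
    table = build_table()
    pin = next(iter(table.values()))            # a stored chain start
    for c in range(20):                         # step 20 links into that chain
        pin = reduce(h(pin), c)
    unsalted = lookup(table, h(pin))            # covered: table recovers it
    salted = lookup(table, h(pin, salt="x9$k")) # constructed salt: table is useless
    return pin, unsalted, salted, len(table)

if __name__ == "__main__":
    print(demo())
```

The same PIN is recovered from its unsalted hash with at most 600 stored rows, while its salted hash returns None because the precomputed chains were built for a different function.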
So where do I download Rainbow Tables?
There are various locations where you can download Rainbow Tables. For example, you can find a fairly comprehensive set of free Rainbow Tables at Project RainbowCrack, along with paid tables optimized for various things (LM, NTLM, MD5, SHA1 etc).
You can generate them yourself with RainbowCrack; this will take a long time and a lot of disk space.
Project Shmoo is offering downloads of popular Rainbow Tables via BitTorrent.
http://rainbowtables.shmoo.com/
Where can I get a Rainbow Table Generator?
The tool to generate Rainbow Tables actually comes with the RainbowCrack download; the tool is rtgen (rtgen.exe on Windows).
What other software can I use for a Rainbow Table attack?
There is, of course, the original RainbowCrack as mentioned above.
Then there is:
Ophcrack Rainbow Table Password Cracker
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance.
Cain and Abel (newly added support for Rainbow Tables)
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.
Cain and Abel is personally my favourite fully featured password whacking tool, it also has a good packet sniffer, which grabs and decodes passwords and many methods for password cracking. The interface is decent too. I’ll write more on how to get the most out of Cain later.
LCP Download – L0phtcrack LC5 Password Cracking Alternative
The main purpose of the LCP program is user account password auditing and recovery in Windows NT/2000/XP/2003.
This is basically a free version of l0phtcrack which ended up turning into commercial software.
Jimmy says
Top quality article!
pegr says
For a good commercial L0phtCrack alternative (good speed, support for Rainbow tables, no copy protection nonsense), find SamInside. It’s about $30 and every bit as good as LC (I’ve used both).
Darknet says
Jimmy: Thanks
pegr: Yeah I remember that when it was in BETA, it was EXTREMELY fast when it first came out, I kind of forgot about it after that. Will check it out soon, I’m pretty sure I’ve still got it around here somewhere.
Jimmy Tong says
I was wondering does this crack e-mail password too o_O, it seems dangerous
Darknet says
Jimmy Tong: It depends how you have the password, this method is used for cracking ‘Hashed’ passwords in a short time, rather than brute forcing them for weeks. You need to use different techniques for e-mail passwords. In the case of e-mail passwords you are brute forcing the actual authentication mechanism, not the hash. You need to look at something like THC-Hydra. I’ll talk about that at another date :D
BrownShoe says
n00bs!
WAlter says
YO THIS SHIT IS REALLY OUTRAGEOUS MAN I LIKE THIS STUFF I WANT TO LEARN MORE DO YOU GUYS KNOW HOW TO HACK AND THINGS I WANNA LEARN THIS STUFF.
UndrWing says
are you serious^^
len says
one stupid guy tried to download this stuff at his work
but as the dictionaries are so big he directly skyrocketed into the stratosphere of downloaders and had to explain himself why he needed this stuff at the workplace, which he couldn’t
don’t say I didn’t warn you, at the workplace they can see everything
Bill says
All I want is to access my wife’s email account which she keeps at work. I know the address but not the password. Which program will help me find this.
TRANSEND says
this is the biggest thing since distributed.net!!!!!!!!
how about
“distributed rainbow table” servers
{{{{{support hacktivismo}}}}}
Jaybone says
This shit seems legit-but the question I have for you is can you do a hack for minutes on a cell phone? I haven’t been able to do this-but I have made headlines around the world-lol-hehehe-jot back-Jaybone
Hus says
Good article.
Thanks
help me says
http://rainbowtables.shmoo.com/ dead :(
sam says
someone is regularly hacking my password so now this time i want to the same with so please help me out as soon as possible?
Darknet says
Spudster: Thanks I’ll check that out. Progress is looking good, glad to see them on torrents, do they have many seeds?
Spudster says
Currently there are 7 seeders, 3 of them are very high bandwidth and should be on for a while. Our SHA1 project is about 50% complete.
Thanks – Spudster
Roflcopter says
Say I knew someone’s account name for WoW…but I didn’t know their password..and they had around 5.2k gold that I’d like to get my hands on..theoretically…which program would I go about downloading to get in? :)
prabhu says
This is very waste.
No free download software are here.
ayush says
rainbowtable sucks!
Daniel says
Hi
Do you know if it’s possible to crack the password of a rar file using a program and a sha-1 rainbow table? Do you know of any programs that do this?
All I’ve found so far has been standard password cracking software which uses standard brute force and dictionary attacks (they take years to complete).
Sean W. says
i suggest you crack the password with the hint i have for you to crack. email me back for the password hint
Jonh says
I need to find out two passwords for hotmail and gmail accounts of my wife. Can anybody help?
Thanks
Sypherknife says
I’ve been looking for some good sources for rainbow tables for a while now, thanks for the links.
Konpaku says
Didn’t the Shmoo group have a todo with rainbow tables?
Daniel says
@konpaku
yes they tried to generate the tables originally but got beaten to it
skan says
Hello.
Where can I get free RC4 rainbow tables?
I need them to crack a pdf password.
Thanks
Dee says
Hi!
I have the problem that because i had to change my passwords many times recently i forgot the last version of it and now i cannot login…
Stupid me didn’t make any reminder question coz the first pass was relatively simple to memorize. Can I use this crack program to get access to my email again? (it is an important email of mine)
The new password was a variation of the old one, so i know some parts of the password, does that make it easier?
Does language matter?
Thanks in advance,
Dee
Cosmin says
Anyone know how I can crack a winace 2.x archive (160bit Blowfish encryption)? I remember some digits from the password so I need a brute-force with template software.
Thanks
skan says
there are some programs such as Advanced archive password recovery and some other
RollinZombie says
Ok, here’s one for ya. My recently deceased father-in-law’s laptop was found after he was buried. My wife and sister-in-law think his will may be on it. It’s a Lenovo 3000 N100 with a biometric fingerprint scanner running Windows Vista Home Premium edition.
Any suggestions??
backbone says
watch myth busters hacking fingerprint scanners… the problem, you have to have your father’s fingerprint
bulk_particle says
take the hdd out of the laptop, and plug it in any other PC (with a suitable adapter – e.g. from 2.5″ to 3.5″ hdd). the will you need i guess is in some document format ( .doc or .txt or .rtf ….) you should be able to find it with a simple search. if the hdd contents are fingerprint secured, just make an image of the hdd with Ghost 10, put it on any other drive and open it with image explorer, or you should be able to access it on another hdd anyway.
running vlans within other vlans, the nested vlan scam says
I have a question: does the official Rainbow Cracker (at the website) also come with the script needed to actually automatically login with the generated words (which presumably isn’t going to be the same for every login screen or prompt), or does it just generate all possible character combos per any given set of characters?
Cause obviously you are not going to sit there typing all of the combos in and then pressing Enter to see they work, one at a time.
About the algorithm versions – in what way are all possible character set combos different, because the encryption system that generated them was different? If you can open something with a keystring / password, and you have the time (and the automated login script) and hw to so do, then it doesn’t matter =how= the password was generated anyway – all you are doing is using multiple instances of logins/passwords, one of which has to work. Of course it’s easier to do that if you know the character set used and the password length..
So, the algorithm versions – they are reversed encryption formulae? ie – if you know the password was generated by whatever system of encryption, then you can apply as best as is possible an inverse of what generated the password. Or are they included because they generate specific-lengths of passwords of particular character sets? It’s just that I’d tend to see breaking encryptions as a whole different area that generating and bruting all possible combos (eg it’s more about reverse-engineering and probability), although yes as long as the encryption generates a password-type of key that’s used to decrypt with, then of course trying all combos will break that.
Also, that really is only useful to decrypt something like a hard file (or data on it) offline – what I mean is, most things you have physical access to anyway would never need to be password cracked; it’s easier just to view the files some other way or change the password or reset it.
Online / remote, it’d be useful but very difficult to get done, there’s a huge amount of ‘syn’ and ‘ack’ type of traffic going on with logins…….considering how many attempts it would take to run through the passwords before arriving at a combo that works, why not just use another method of sending data that will be accepted and that then lets you into the system, and you can make an account or change the existing passwords and so forth.
It’d probably work best online after all, for getting into locked wireless networks.
raxx says
It seems pretty interesting to read all this. I still have not used any software of these kinds.. But i want to know one thing, which one is the best to hack or recover my lost mail passwords as i have forgotten my security questions.
Thanxx
katy says
really nice
thanks***
Husneyyy says
it’s really easy to find passwords. i forgot my id password. now i find it! thanks
orronno says
I want to agree to learn how to crack. How can i start this. Please give me some instructions and help to learn cracking.
12yearoldHACKERBIOTCH says
Damn it all to hell….i needed something to find someone else’s password, and none of those are for free. >_< hehe, anyway, thanks for filling me in on how to use this though ^^