Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Alternative to Rainbow tables


stealth-'s Avatar
Ninja Extreme
0 0

I'm wondering if theres a alternative to rainbow tables. Im trying to crack the hash in the "other challenges" section, but I currently don't have access to a system with enough ram or space to download or run a rainbow table.

Also, if there is a alternative, what would be the time difference? I don't mind a couple hours to leave it running, but any more than a day and i'd rather just wait till I get access to a faster computer.


clone4's Avatar
Perl-6 Wisdom Seeker
0 0

use rainbow tables only if other methods fail, or as an alternative to bruteforcing. Get a good dictionary and use JtR for ditionary attack, or use one of the many online databases.

Also there are online crackers (milw0rm) and I think I've seen even online crackers based on rainbow tables., but again for this hash dictionary attack should do in hours if not minutes


stealth-'s Avatar
Ninja Extreme
0 0

Yeah I don't think i'll use an online service to do this, like you said I really wouldn't learn much. I know a bit of python, but i'm not sure it's enough to be able to write a cracker.

Anyways, I'll do some research on those topics and see if I can manage to make a cracker (I've been looking for something to program recently anyways)

Thanks


clone4's Avatar
Perl-6 Wisdom Seeker
0 0

Fritzo wrote: Why only use Rainbow tables in other methods fail?

and he doesn't learn much from using an online cracker now does he? (to OP: I forgot to mention, read up on MD5 too.)

And yes, there is a site cracking hashes using Rainbow tables, I think it's http://www.plain-text.info

It's not very effective unless you have a lot of data stored locally, I think it's preferable to try other methods then downloading loads of rainbow tables…

You are right about the second one though, my bad, for this challenge it's not exactly appropriate.

And I'd advise using perl only if you actually want to learn how to make a simple bruteforcer/cracker, it's fairly quick, but very resource wasteful, and you have much faster alternatives available Also thanks for the link :)

@OP: good luck, everything else necessary has been already said:)


ghost's Avatar
0 0

I usually start making a simple dictionary attack on it, and at the same time check it with some online tools. Simple googling will do the trick. And if that doesn't work, I'll start bruteforcing (for a reasonable amount of time). If that doesn't do, then it's not worth it. :|


ghost's Avatar
0 0

Fritzo wrote: That -really- does depend on what that hash is for Good sir.

  • and if you got a second box running, only made for cracking hashes, then who cares if it takes a month for it to finish?

I would call your statement is invalid.

Well, I didn't say what a reasonable amount of time was, did I? ;)


ghost's Avatar
0 0

Active machines - 1539

Doesnt look dead to me… Used it many times to crack md5 hashes.

edit - just read the news, my apologies, it is down. Looks like im gonna need to find another way to get those damn hashes cracked :p


clone4's Avatar
Perl-6 Wisdom Seeker
0 0

jjbutler88 wrote: [quote]Active machines - 1539

Doesnt look dead to me… Used it many times to crack md5 hashes.

edit - just read the news, my apologies, it is down. Looks like im gonna need to find another way to get those damn hashes cracked :p [/quote]

Fritzo suggested http://www.plain-text.info/, tried it and seems to work quite well…


ghost's Avatar
0 0

Umm… you shouldn't need a rainbow table to crack any hashes in other challenges. I believe i've only had to use gdataonline.com/seekhash or milw0rms cracker. And JTR, didn't even have to load wordlist or anything. just ~$ john pass.txt (<-file with hash in it. :p


fuser's Avatar
Member
0 -1

S1L3NTKn1GhT wrote: And JTR, didn't even have to load wordlist or anything. just ~$ john pass.txt (<-file with hash in it. :p

Yeah, and prepare to wait for a long time for the computer to crack the hash, and provided the computer is powerful enough. Brilliant advice.


ghost's Avatar
0 0

Ummm… dude. It took about 1 minute. :p

Edit: Its not the best choice for cracking hashes, but works just fine for the other challenge.