Windows password security and crack--opcrack hang Rainbow table hack local SAM Hash

Source: Internet
Author: User

"Experimental Purpose"

1) Understand the principle of opcrack hanging Rainbow table cracked local SAM Hash

2) Learn the process of opcrack hanging rainbow table to hack local SAM Hash


"Experimental principle"

A rainbow table is a pre-computed table used to encrypt the inverse of a hash function, often used to crack encrypted cryptographic hashes. The general mainstream of the rainbow table is above 100G. A lookup table is often used for encryption that contains a fixed-length, plain-text password with limited characters. This is a typical practice of space-for-time, with less computing power and more storage space for every brute-force hack attempted, but less storage space and more computational performance than a single hash table for each input. Using the salt-added KDF function makes this attack difficult to implement.

In order to ensure the security of the background data, the current practice is to use a hashing algorithm to encrypt the plaintext password storage. Since the hashing algorithm is not reversible, it is impossible for the plaintext operation to be reversed by the password.

At first hackers were broken down by a dictionary-exhaustive approach, which was feasible for simple passwords and simple cryptographic systems, but for complex passwords and cryptographic systems, an infinite number of dictionaries were generated. In order to solve the problem of reverse cracking, hackers have produced rainbow watch technology.

In order to solve the required dictionary size, reduce the time to generate and look up the dictionary, the hacker selectively stores a small reversible long-chain password hash value. While cracking a single ciphertext, using the Hashiki method requires more computational time for reverse lookups, but the dictionary is much smaller, so you can store a longer password hash. Rainbow Table is an improvement of this link technology and provides a solution called a collision chain. Based on the Martin Hellman theory (based on memory and time weighting theory)

The Rainbow table hits the size according to the need, has the rainbow table of the T data, also has hundreds of m of data, different case chooses the different rainbow table, can obtain the result quickly.


"Experimental Environment"

This environment is simulated hacker in the case of the target machine has been obtained hash, by adding a rainbow table to the target hash to crack.


"Experimental Steps"

First, get the system Sam value

asPwdump exporting a local SAM hashhttp://klmyoil.blog.51cto.com/10978910/1721965


Two use Opcrack to hang Rainbow table cracked local SAM

2.1 Opening Ophcrack.exe

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/77/A3/wKiom1ZqcHTwR6hqAAE-y_0YHA0922.png "style=" float: none; "title=" 1111.png "alt=" Wkiom1zqchtwr6hqaae-y_0yha0922.png "/>


2.2 Underneath the green is the Rainbow table we put on.


650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/77/A2/wKioL1ZqcHiTXOOPAAENR2FN0Gc588.png "style=" float: none; "title=" 2222.png "alt=" Wkiol1zqchitxoopaaenr2fn0gc588.png "/>


2.3 We click "Load" button, select single Hash


2.4 Copy the hash that we saved in the document separately.



650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/77/A2/wKioL1ZqcH_zAtRsAAFi78ad94A423.png "style=" float: none; "title=" 3333.png "alt=" Wkiol1zqch_zatrsaafi78ad94a423.png "/>


2.5 After confirming, we click on the software crack


650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/77/A3/wKiom1ZqcISC1fMEAADDoWNba1o655.png "style=" float: none; "title=" 5555.png "alt=" Wkiom1zqcisc1fmeaaddownba1o655.png "/>


2.6 Waiting to be cracked, after success will be displayed in the software


650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/77/A2/wKioL1ZqcR7zWiV_AADxjVjyRQs027.png "title=" 6666. PNG "alt=" Wkiol1zqcr7zwiv_aadxjvjyrqs027.png "/>



650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/77/A3/wKiom1ZqcUOwzR6VAADxjVjyRQs782.png "title=" 6666. PNG "alt=" Wkiom1zqcuowzr6vaadxjvjyrqs782.png "/>


2.7 The password was cracked, and the experiment ended.


Windows password security and crack--opcrack hang Rainbow table hack local SAM Hash

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.