The king of password cracking: the principle behind ophcrack's rainbow tables

Source: Internet
Author: User

A rainbow table is a technique for cracking hashes; a cross-platform password cracking tool based on it can crack many kinds of password hash, such as MD5 and NTLM. Its performance is astonishing: on an ordinary PC using NVIDIA CUDA it reaches up to 103,820,000,000 plaintext attempts per second (more than 100 billion) against NTLM, and close to 100 billion against the widely used MD5. What is more remarkable is that the rainbow table technique does not exploit a weakness in any particular hash algorithm; like brute force, it works against any hash algorithm.

I. Rainbow table principle

This sounds almost incredible, and Roger could not wait to find out how it works. It is actually not a new technique, but unfortunately the articles that turn up when you search for "rainbow table principles" all explain the principle incorrectly. Roger gives a brief introduction here, drawing mainly on this article on Wikipedia.

If you are good at English, you can read this paper.

A hash algorithm is a one-way function that maps a large set P to a smaller set Q; if we call the algorithm H, then for every p in P there is a q = H(p). Each p has exactly one corresponding q, but one q may correspond to several values of p. To be useful, H should also satisfy the following: H(p) is fast to compute; given a q, it is hard to find a p with q = H(p); and given a p1, it is hard to find a p2 different from p1 such that H(p1) = H(p2). Because of these properties, hash algorithms are often used to store passwords: the plaintext password is never disclosed, yet an entered password can still be verified. Common hash algorithms include MD5 and SHA-1.

The task of cracking a hash is: given a q, find a p such that q = H(p). Two methods come to mind. One is brute force: compute H(p) for every p in P until the result equals q. The other is table lookup: build a large database recording every p and its corresponding q, index it by q, and then simply look q up. Both are theoretically feasible, but the former may need an enormous amount of time and the latter an enormous amount of storage, neither of which is achievable with the resources available to us today.

We can do a simple calculation for the set of 14-character passwords made of upper- and lower-case letters and digits (leaving special characters aside for now). Its size is (26*2 + 10)^14 = 62^14 = 1.24*10^25, roughly 10^25. Even if we could test one billion p per second (which a PC cannot do today), brute force would take about 0.4 billion years. If we use the lookup method instead, and the hash result is 128 bits, that is 16 bytes, then storing only the hashes (without the plaintext p) needs about 10^26 bytes of space. What, hard disks are cheap now? Yes, 1 GB of hard disk costs about five cents today, so buying the disks just to store the hashes would cost about 0.5 billion RMB. The claim in some articles that a rainbow table cracks hashes by relying on a huge table is simply an ignorant joke.

For these reasons we had always believed that hashes were safe enough, and that a password of a dozen or so characters was strong enough, until the rainbow table appeared. Now let's see how it works.

The fundamental idea of a rainbow table is to combine the brute-force method and the lookup method, making a compromise between the two so that the crack fits within the time and storage space we can afford. For the hash q = H(p) it defines another function R that maps any q back into the password space, p = R(q) (not the p that produced q, just some member of P), and then computes a chain starting from some p as follows:

p0 -H-> q1 -R-> p1 -H-> q2 -R-> p2 -H-> q3 -R-> p3 ... -H-> q(n-1) -R-> p(n-1) -H-> qn -R-> pn

Simply put, starting from p0 we apply H and R alternately until we reach pn, where n may be fairly large. We then store only the pair (p0, pn) and discard all the intermediate results. Repeating this with different starting values p0 gives many (p0, pn) pairs.

During the attack we are given a q and want to find its p. First we apply R to q, obtaining a value c1, and compare c1 with the endpoint pn of every stored pair. If it equals some pn, then the p(n-1) in that chain may be the p we are looking for. To verify this, we recompute the chain from the p0 that belongs to that pn and check whether its qn equals the given q; if it does, p(n-1) is clearly our p, because p(n-1) -H-> qn. If it does not, we keep searching until all (p0, pn) pairs have been tried.

If c1 matches no endpoint, we go one step further: compute q -R-> c1 -H-> -R-> c2 and check whether c2 equals some pn. If it does, p(n-2) may be the p we want, and we verify it in the same way. We then continue with c3, c4, and so on up to c(n-1). Do you see how it works now?

In general, each chain is stored as a single (p0, pn) pair, so when n is large the storage needed shrinks dramatically. The price is that a lookup needs up to n rounds of computation and comparison, which takes longer; but we do not need to crack a password instantly, and waiting a few seconds or even a few days is acceptable.
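As an added illustration (not code from the original article), here is a toy Python implementation of the chain construction and lookup just described: H is MD5 over 3-letter lowercase passwords, R is a constructed reduction function, and the table stores only the (p0, pn) pairs. It goes one step beyond the text by mixing the column index into R, which is the refinement that distinguishes a real rainbow table from the single-R scheme described above and reduces chain merges.

```python
import hashlib
import string

# Toy parameters: 3-letter lowercase passwords (26^3 = 17,576 candidates);
# real tables use far larger spaces and far longer chains.
ALPHABET, LENGTH, CHAIN_LEN, NUM_CHAINS = string.ascii_lowercase, 3, 50, 600
SPACE = len(ALPHABET) ** LENGTH

def H(p):
    """The one-way hash under attack (MD5, one of the algorithms the article names)."""
    return hashlib.md5(p.encode()).digest()

def R(q, col):
    """Reduction: map any hash to *some* password in the space (not an inverse of H).
    Mixing in the column index is what makes it a 'rainbow' table; the article's
    description is the simpler case where one R serves every column."""
    x = (int.from_bytes(q[:8], "big") + col) % SPACE
    return "".join(ALPHABET[x // len(ALPHABET) ** k % len(ALPHABET)] for k in range(LENGTH))

def chain(p0):
    """Return [p0, p1, ..., pn] where p_i = R(H(p_{i-1}), i)."""
    ps = [p0]
    for i in range(1, CHAIN_LEN + 1):
        ps.append(R(H(ps[-1]), i))
    return ps

def build_table(starts):
    """Store only the endpoints, {pn: p0}; intermediate values are discarded."""
    table = {}
    for p0 in starts:
        table.setdefault(chain(p0)[-1], p0)  # merged chains share pn: keep the first p0
    return table

def demo_table():
    """Constructed sample table: start points derived from fixed seed strings."""
    return build_table(R(H(f"start{i}"), 0) for i in range(NUM_CHAINS))

def lookup(table, q):
    """Return p with H(p) == q, or None. For each column j the hash could occupy,
    apply R_j, then H/R through the remaining columns, and compare with endpoints."""
    for j in range(CHAIN_LEN, 0, -1):
        c = R(q, j)
        for i in range(j + 1, CHAIN_LEN + 1):
            c = R(H(c), i)
        if c in table:
            cand = chain(table[c])[j - 1]  # regenerate the chain to read off p_{j-1}
            if H(cand) == q:  # otherwise a false alarm caused by a chain merge
                return cand
    return None
```

The verification step after an endpoint match is what turns a possible false alarm from merged chains into a definite answer; with the per-column R, fewer such false alarms occur in the first place.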

Of course, this is only a rough description of the principle. Many problems remain: how to choose R, how to handle hash collisions, how to choose the p0 values to get sufficient coverage, and how to generate a rainbow table with limited resources. If you are interested, read the source code of RainbowCrack.

II. Obtaining rainbow tables

Official rainbow table site:

120 GB BT download:

III. Using rainbow tables

There are many rainbow table tools; commonly used ones include rcracki_mt and Cain.

Cain:
http://www.onlinedown/soft/53494.htm

Freerainbowtables:
http://www.freerainbowtables/

Ophcrack:
http://ophcrack.sourceforge/.php

RainbowCrack:
http://project-rainbowcrack.com/table.htm

RainbowCrack + LM tables: cracking SAM passwords

http://www.t00ls.net/viewthread.php?tid=505

SAMInside + LM tables: a perfect combination for cracking SAM passwords

http://www.t00ls.net/viewthread.php?tid=503

The smallest rainbow table is the most basic alphanumeric table, which comes to 388 MB; this is the default table on the ophcrack boot disk. Many people have collected the legendary GB-sized rainbow tables. Earlier Windows operating systems store passwords with the LM hash algorithm, while Vista, Windows 7 and Windows Server 2008/R2 use NTLM, which is much safer than LM.

Reprinted from: http://hi.baidu.com/ovenwlm123/item/6a13ca8ea495b1d25e0ec106
