Rainbow Tables

A friend asked me about rainbow tables, so I thought I'd document what I remembered from my Offensive Security class two years ago.

Rainbow tables are used for cracking passwords.  They are a collection of precomputed hashes, so the software can look up a password hash in the table rather than try to brute force or dictionary attack it.  The downside is that the tables can get quite large depending on the character set and size of passwords used to generate it.

One tool that can use rainbow tables is ophcrack.  There are some tables available for free, such as xp free and vista free.  These are just based on a dictionary.  So instead of computing the hash for each entry in the dictionary and comparing it to the password hash (dictionary attack), the table allows for near instant lookup of passwords.

There are also online rainbow tables where you can submit a hash.  If the hash is in one of their tables, the password is cracked.  Onlinehashcrack.com is an online tool.  Another is freerainbowtables.com.  The nice thing about freerainbowtables is that they are constantly generating tables, and you can help by downloading the client.  Then the tables are available for download.  They also sell them if you don't want to download 5.7TB (as of 8/10/12).

There are two types of rainbow tables there - the older format and the newer hybrid tables.  The tool on the site (rcracki_mt) works with both types.  Other tools, like Cain, only work with the older format.  There is another tool to convert the hybrid tables back to the older format for use in other crackers.