Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security The Internet

Free Rainbow Tables Looking For New Admin 95

Posted by kdawson
from the all-the-colors dept.
lee writes "After almost three years online, the admin of Free Rainbow Tables has decided to call it a day, citing a lack of time to keep it running. (I'm sure that you all know a rainbow table is essentially a giant list of precomputed hashes.) This is a shame, as the site is a useful resource for those occasions when you really need an existing password exposed, rather than simply changing it. I'm a Windows admin, and this site has come in very handy in the past. The currently computed tables weigh in at well over half a terabyte, are available as torrents from the site, or from a couple of mirrors (and alternatives are available). When the site was active, it featured a downloadable BOINC client to put your idle cycles to work computing ever-greater tables, and a space-saving format for storing the tables. The admin is willing to hand over source code if you wish to take over, though I suspect hosting is not included!"
This discussion has been archived. No new comments can be posted.

Free Rainbow Tables Looking For New Admin

Comments Filter:
  • I am sure that plenty of groups that may "need an existing password exposed" are interested in anonymously donating hosting for this project.

  • by sunking2 (521698) on Friday July 17, 2009 @01:38PM (#28732287)
    If you assume that everyone knows what it means then why are you telling us what it means knowing damned well that probably 99% of the audience doesn't actually know what it means, or cares for that matter. It makes you come across demeaning to the vast majority of people who could give a crap.
  • by nametaken (610866) on Friday July 17, 2009 @01:40PM (#28732307)

    Or pay-for-download and/or pay-for-lookup service, and keep the site online.

  • by Shikaku (1129753) on Friday July 17, 2009 @01:41PM (#28732351)

    News for Nerds.

  • by RiotingPacifist (1228016) on Friday July 17, 2009 @01:47PM (#28732423)

    Because slashdot used to be a site for geeks, however recently anytime somebody uses a simple TLA/ETLA people start bitching that they don't know what it meant and they are too lazy to google and/or wikipeida it, so instead you get a stupid thread full of people who have !RTFA commenting on a subject that is of no interest to them, if it was they would have understood the TLA in TFS, this really annoys the few geeks that actually RTFA as it dilutes the comments. As a TFS contains redundant information to prevent people going "what are rainbow tables?", lets be honest if you're the kind of geek that has ever done any 'cracking' you knew what it mean, if you're not then you don't care.

    p.s irony of this post not lost on me!

  • by Obfuscant (592200) on Friday July 17, 2009 @01:58PM (#28732561)
    lets be honest if you're the kind of geek that has ever done any 'cracking' you knew what it mean, if you're not then you don't care.

    Let's be honest, I'm a kind of geek that has done cracking, but I don't devote my life to it. I've never heard the term "rainbow table" applied to the lists of precomputed hashes, so it was nice to have a simple hint that said "precomputed hashes", and I do care.

  • Re:Salts? (Score:5, Insightful)

    by RiotingPacifist (1228016) on Friday July 17, 2009 @02:09PM (#28732713)

    The site host/cracked NTLM LM MD5

    NTLM is still used in the following situations:
    * The client is authenticating to a server using an IP address.
    * The client is authenticating to a server that belongs to a different Active Directory forest, or doesn't belong to a domain.
    * No Active Directory domain exists (commonly referred to as "workgroup" or "peer-to-peer").
    * Where a firewall would otherwise restrict the ports required by Kerberos (of which there are quite a few)

    So kids getting their teeth wet on home networks, which probably explains why its not being supported. MD5 is still used by applications that arn't quite sure what they are doing/can't do much more e.g grub, im clients, etc.

    Lookup tables are still useful in cracking WPA [renderlab.net]

  • Whoops (Score:5, Insightful)

    by neokushan (932374) on Friday July 17, 2009 @02:11PM (#28732761)

    Slashdotting the site really isn't helping to keep it online.

  • Re:Salts? (Score:5, Insightful)

    by zindorsky (710179) <zindorsky@gmail.com> on Friday July 17, 2009 @02:14PM (#28732795)

    Once you've reverted the hash back to salt+plaintext, it's *much* easier to remove the salt (often some string concatenated with the plaintext).

    Often? That's the definition of salt.

    Also, rainbow tables don't revert the hash back to salt+plaintext. Rainbow Tables don't work if salt was (correctly) used. Well, I guess you could make a set of RTs for every possible salt value ... if you have an ice age or two to wait.

  • by CarpetShark (865376) on Friday July 17, 2009 @03:24PM (#28733665)

    I am sure that plenty of groups...are interested in anonymously donating hosting for this project.

    You think? Personally, I think you'd have to be a glutton for punishment, to want to admin a site for people interested in rainbow tables.

The price one pays for pursuing any profession, or calling, is an intimate knowledge of its ugly side. -- James Baldwin

Working...