
Free Rainbow Tables Looking For New Admin 95

lee writes "After almost three years online, the admin of Free Rainbow Tables has decided to call it a day, citing a lack of time to keep it running. (I'm sure that you all know a rainbow table is essentially a giant list of precomputed hashes.) This is a shame, as the site is a useful resource for those occasions when you really need an existing password exposed, rather than simply changing it. I'm a Windows admin, and this site has come in very handy in the past. The currently computed tables weigh in at well over half a terabyte, are available as torrents from the site, or from a couple of mirrors (and alternatives are available). When the site was active, it featured a downloadable BOINC client to put your idle cycles to work computing ever-greater tables, and a space-saving format for storing the tables. The admin is willing to hand over source code if you wish to take over, though I suspect hosting is not included!"

  • Salts? (Score:5, Informative)

    by Sir_Lewk ( 967686 ) <sirlewkNO@SPAMgmail.com> on Friday July 17, 2009 @01:47PM (#28732421)

    I thought the prevalence of using salts with hashes obsoleted rainbow tables years ago.

  • Only MD5/LM/NTLM? (Score:5, Informative)

    by AmiMoJo ( 196126 ) on Friday July 17, 2009 @01:48PM (#28732435) Homepage Journal

    I was expecting more tables than just MD5 and two types of Windows passwords. You can already download the Ophcrack DVD to do Windows passwords with rainbow tables.

    Renderlab offer wifi WPA rainbow tables: http://www.renderlab.net/projects/WPA-tables/. I hope whoever takes over takes note of projects like that, and tries to expand the range of tables available.

  • Re:Salts? (Score:3, Informative)

    by six ( 1673 ) on Friday July 17, 2009 @01:52PM (#28732479) Homepage

    Once you've reverted the hash back to salt+plaintext, it's *much* easier to remove the salt (often some string concatenated with the plaintext).

  • Re:Salts? (Score:3, Informative)

    by l0b0 ( 803611 ) on Friday July 17, 2009 @01:57PM (#28732541) Homepage

    Using salts with hashes obsoleted rainbow tables years ago (if you know what you're doing).

    There, corrected it for you.

  • Re:Salts? (Score:5, Informative)

    by zindorsky ( 710179 ) <zindorsky@gmail.com> on Friday July 17, 2009 @02:10PM (#28732737)

    I thought the prevalence of using salts with hashes obsoleted rainbow tables years ago.

    True. Correctly salting your password hashes will make rainbow tables useless.

    But ... Guess which system still doesn't salt passwords? Windows!
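
The salting point made in the comments above, as an added example that is not part of the original thread: a precomputed hash-to-plaintext map flags every account in an unsalted store whose password it covers, while per-user salted records for the same passwords never match it. The candidate list, account names, iteration count and the choice of PBKDF2-HMAC-SHA256 are assumptions of this example.

```python
import hashlib
import hmac
import os

# Constructed sample data: a short candidate list stands in for the keyspace
# that a real precomputed table would cover.
CANDIDATES = ["letmein", "password1", "Summer2009", "qwerty"]
ITERATIONS = 100_000  # example work factor, chosen for this demo

def unsalted_md5(password):
    """Unsalted, fast hash: the same password always yields the same value."""
    return hashlib.md5(password.encode()).hexdigest()

def precompute(candidates):
    """One-time hash -> plaintext map, reusable against every unsalted store."""
    return {unsalted_md5(p): p for p in candidates}

def enroll(password):
    """Salted record: random 16-byte per-user salt plus PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key

def verify(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, key = record
    trial = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(trial, key)

def exposed_accounts(stored, table):
    """Audit helper: accounts whose stored value appears in a precomputed table."""
    return sorted(user for user, value in stored.items() if value in table)

if __name__ == "__main__":
    table = precompute(CANDIDATES)
    # Constructed accounts: alice and bob chose the same password.
    passwords = {"alice": "Summer2009", "bob": "Summer2009", "carol": "x9!vR#t2"}
    plain_store = {u: unsalted_md5(p) for u, p in passwords.items()}
    salted_store = {u: enroll(p) for u, p in passwords.items()}
    salted_hex = {u: rec[1].hex() for u, rec in salted_store.items()}
    print("unsalted hits:", exposed_accounts(plain_store, table))
    print("salted hits:  ", exposed_accounts(salted_hex, table))
    print("same value, unsalted:", plain_store["alice"] == plain_store["bob"])
    print("same value, salted:  ", salted_hex["alice"] == salted_hex["bob"])
```

In the unsalted store the identical values for alice and bob also reveal that they share a password, which the salted records do not.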

  • by Chyeld ( 713439 ) <chyeld.gmail@com> on Friday July 17, 2009 @02:11PM (#28732751)

    Maruha medama
    Maruha kirei
    Kuroibudouno
    Amaiagi

    Sankakuha gikan
    Sankakuha hayai
    Sakana no shippono
    Furuekata

    Shikakuha Sora
    Shikakuha Hirui
    Hanawo kandera
    Iinaoi

    3.14159 2653589 7932384
    626433 8327950 28841197 1693993
    751582

    .

    circle is eyeball
    circle is beautiful
    blackberry's sweet taste

    triangle is time
    triangle is fast
    the movement of fish's tail

    square is sky
    square is wide
    it smells good when you smell flowers

    3.14159 2653589 7932384 626433
    8327950 28841197 1693993 751582

  • by Rich0 ( 548339 ) on Friday July 17, 2009 @02:14PM (#28732797) Homepage

    I can't imagine that a tool like this would allow you to authenticate to the domain controller. Cracking the hash cached on the local system would.

    Unless windows is so insecure that the domain controller just takes the local workstation's word that you successfully logged in. I can't imagine such a design lasting this long. If it did you could get the machine's key off the local hard drive and then authenticate as anybody over the network.

  • rainbow table? (Score:3, Informative)

    by spottedkangaroo ( 451692 ) * on Friday July 17, 2009 @02:16PM (#28732837) Homepage

    I'm sure a huge precomputed hash database is handy and everything, but are we sure that's what a rainbow table is? I tried very hard to make sense of the Oechslin paper on rainbow attacks and it doesn't mention anything about pre-computing individual hashes. It's about reconstructing cipher chains (or something like that). Perhaps the term has just become diluted over the years. Seems wrong to me.

  • Re:Salts? (Score:1, Informative)

    by Anonymous Coward on Friday July 17, 2009 @02:56PM (#28733301)

    NTLMv1 maybe, but NTLMv2 closed that hole and doesn't use LM hashes.

    It took a few years for the default to be *not* to send the v1 hash, but it has been now since 2003 server (which is why you used to get the problem that early samba implementations don't work with newer windows domains.. the 'workaround' given was to shaft the security of the network, although these days I'd just upgrade samba).

  • Not exactly (Score:1, Informative)

    by Anonymous Coward on Friday July 17, 2009 @02:57PM (#28733319)

    (I'm sure that you all know a rainbow table is essentially a giant list of precomputed hashes.)

    The whole point of a rainbow table is that it's not a giant list of pre-computed hashes, though those do exist also. It is a large table, but it's not simply a one-to-one dictionary of plaintext and hashes.

    Anyhoo, though RTs are still valid, they are becoming much less useful as an attack method.

  • The local machine caches the credentials. We see this with laptop users. They have to be connected to the network here to log on the first time, then they can take it home and log in just fine without a network connection. If they change their password on their work desktop, the laptop still uses the old one until they try to log into the account again while connected to the network. So, the domain controller does not take the local machine's word for it, but the local machine does not necessarily check in with the domain controller.

  • by querist ( 97166 ) on Friday July 17, 2009 @04:30PM (#28734571) Homepage

    Granted, EFS (Encrypted File System - the "encrypt" option on NTFS) isn't the greatest, but it's there, it's included with Windows (and thus, perceived as "free as in beer"), and people use it.

    Kon-Boot will grant you access to the account, but not to anything that the user encrypted using EFS. I have just tested this today to be sure before posting.

    That is one reason why people would want to know the current password rather than just bypass the password, though Kon-Boot certainly still has its uses.
