Rainbow tables on Linux?

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

Rainbow tables on Linux?

Johann Spies
Is it possible to use rainbow tables with a password cracker on Linux
like 'john'?  If so, how?  If not, is it possible with any other
password cracker on Linux?

I know about Ophcrack but it seems to be geared towards the Windows
environment.

I have John now running for 74 hours to try and crack one
password. That is on a 2xquadcore Intel server.  

By the way, I am not trying to break in.  I am testing the
effectiveness of John.

Regards
Johann
--
Johann Spies          Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch

     "I press toward the mark for the prize of the high
      calling of God in Christ Jesus."        
                                   Philippians 3:14


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Vincent-27
Hi,

Perhaps with rainbow crack ?

You can seesource code for linux.  here ==> http://www.antsight.com/zsl/rainbowcrack/


Regards
Vincent

Le jeudi 23 octobre 2008 à 12:14 +0200, Johann Spies a écrit :
Is it possible to use rainbow tables with a password cracker on Linux
like 'john'?  If so, how?  If not, is it possible with any other
password cracker on Linux?

I know about Ophcrack but it seems to be geared towards the Windows
environment.

I have John now running for 74 hours to try and crack one
password. That is on a 2xquadcore Intel server.  

By the way, I am not trying to break in.  I am testing the
effectiveness of John.

Regards
Johann
-- 
Johann Spies          Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch

     "I press toward the mark for the prize of the high 
      calling of God in Christ Jesus."         
                                   Philippians 3:14 


Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Rida-2
In reply to this post by Johann Spies
Hi,

I think you can't use rainbow tables on linux because it uses a salt http://en.wikipedia.org/wiki/Salt_(cryptography) ; that's why john is using bruteforce

On Thu, Oct 23, 2008 at 12:14 PM, Johann Spies <[hidden email]> wrote:
Is it possible to use rainbow tables with a password cracker on Linux
like 'john'?  If so, how?  If not, is it possible with any other
password cracker on Linux?

I know about Ophcrack but it seems to be geared towards the Windows
environment.

I have John now running for 74 hours to try and crack one
password. That is on a 2xquadcore Intel server.

By the way, I am not trying to break in.  I am testing the
effectiveness of John.

Regards
Johann
--
Johann Spies          Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch

    "I press toward the mark for the prize of the high
     calling of God in Christ Jesus."
                                  Philippians 3:14


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Henri Salo-3
In reply to this post by Johann Spies
On Thu, Oct 23, 2008 at 12:14:57PM +0200, Johann Spies wrote:
>
> I have John now running for 74 hours to try and crack one
> password. That is on a 2xquadcore Intel server.  
>
> Regards
> Johann

Regular john doesn't use all of your cores for good reasons. More
information can be found from http://www.openwall.com/john/. You should
also check their wiki.

- Henri Salo


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

cfchris6
In reply to this post by Johann Spies
On 10/23/2008 12:14 PM, Johann Spies wrote:
> Is it possible to use rainbow tables with a password cracker on Linux
> like 'john'?  If so, how?  If not, is it possible with any other
> password cracker on Linux?

As far as I know, the hashes in /etc/shadow are salted, so a rainbow
table, for all possible salts and the the intended password range, would
be probably very huge.

Regards,
Christian Franke


signature.asc (268 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

ewiget (Bugzilla) (Bugzilla)
On Thursday 23 October 2008 06:53:05 Christian Franke wrote:
> On 10/23/2008 12:14 PM, Johann Spies wrote:
> > Is it possible to use rainbow tables with a password cracker on Linux
> > like 'john'?  If so, how?  If not, is it possible with any other
> > password cracker on Linux?

If you are not trying to break in and just testing windows passwords, then I
assume you also have access to the real passwords and usernames.  Why don't
you just import them into linux and test them from there.  My reasoning is
that if john can determine the passwords relatively quickly, then the
passwords are too weak.    

I did some performance testing on john using a dual core patch vs single core
at http://www.edwiget.name/content/view/195/27/

the open source rainbow tables are about 121GB (if my memory serves me
correctly) and are only available via bittorrent.  I think it took me about 2
months to download them.  http://www.antsight.com/zsl/rainbowcrack/

Also, something to consider, if you (or an attacker) have physical or remote
access, game is over anyways....irregardless of passwords.

--
-----BEGIN GEEK SIGNATURE-----
\| ascii: Ed Wiget
\| hex: 65 64 20 77 69 67 65 74
\| bin: 01100101 01100100 00100000 01110111
\| .....: 01101001 01100111 01100101 01110100
\| m: 6064071838 l: 6067591175 e: [hidden email]
\| Version: 3.12  www.edwiget.name
\| GIT d- s--: a C++++ UL++++ P+ L++++ E--- W+++ N++ o+++ K- w---
\| O- M+ V PS+ PE Y+ PGP+ t 5 X- R- tv- b+ DI-- D
\| G e+ h++ r++ y**
------END GEEK SIGNATURE------
:
The BOFH for today is.....
Melting hard drives
:
BOFH based on http://pages.cs.wisc.edu/~ballard/bofh/

signature.asc (204 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Johan Marklund
Ed Wiget skrev:

> On Thursday 23 October 2008 06:53:05 Christian Franke wrote:
>  
>> On 10/23/2008 12:14 PM, Johann Spies wrote:
>>    
>>> Is it possible to use rainbow tables with a password cracker on Linux
>>> like 'john'?  If so, how?  If not, is it possible with any other
>>> password cracker on Linux?
>>>      
>
> If you are not trying to break in and just testing windows passwords, then I
> assume you also have access to the real passwords and usernames.  Why don't
> you just import them into linux and test them from there.  My reasoning is
> that if john can determine the passwords relatively quickly, then the
> passwords are too weak.    
>
> I did some performance testing on john using a dual core patch vs single core
> at http://www.edwiget.name/content/view/195/27/
>
> the open source rainbow tables are about 121GB (if my memory serves me
> correctly) and are only available via bittorrent.  I think it took me about 2
> months to download them.  http://www.antsight.com/zsl/rainbowcrack/
>
> Also, something to consider, if you (or an attacker) have physical or remote
> access, game is over anyways....irregardless of passwords.
>
>  
Still, it's sneakier to logon with somebody elses account. And if they
retain their original password, who would suspect anything? :o

/yosh


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Johann Spies
In reply to this post by ewiget (Bugzilla) (Bugzilla)
On Thu, Oct 23, 2008 at 09:27:56AM -0400, Ed Wiget wrote:
> If you are not trying to break in and just testing windows passwords, then I
> assume you also have access to the real passwords and usernames.  Why don't
> you just import them into linux and test them from there.  My reasoning is
> that if john can determine the passwords relatively quickly, then the
> passwords are too weak.    

I am doing it on Linux.  It is actually my own password on a server
that I forgot.  I can use other means (like ssh into the machine using
public key authentication and sudo) to change the password, but I am
curious about two things: Why I could not remember it and how to use
Linux tools to crack it.  

> I did some performance testing on john using a dual core patch vs single core
> at http://www.edwiget.name/content/view/195/27/
>
> the open source rainbow tables are about 121GB (if my memory serves me
> correctly) and are only available via bittorrent.  I think it took me about 2
> months to download them.  http://www.antsight.com/zsl/rainbowcrack/

Yes I know they are huge.  But how would you use when targeting Linux
passwords? As some said on this list it does not seem practical to use
rainbow tables on Linux passwords.


> Also, something to consider, if you (or an attacker) have physical or remote
> access, game is over anyways....irregardless of passwords.

Interesting point:  this server is a Xen-domU and although I have
access to the physical server, it is a bit more complicated to do
interrupt the boot process to get root access.

Thanks to all the people contributing to this thread.

Regards.

Johann


--
Johann Spies          Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch

     "Do all things without murmurings and disputings:
      That ye may be blameless and harmless, the sons of
      God, without rebuke, in the midst of a crooked and
      perverse nation, among whom ye shine as lights in the
      world;"              Philippians 2:14,15


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Alberto Mancini
>> Also, something to consider, if you (or an attacker) have physical or remote
>> access, game is over anyways....irregardless of passwords.
>
> Interesting point:  this server is a Xen-domU and although I have
> access to the physical server, it is a bit more complicated to do
> interrupt the boot process to get root access.

If the root-filesystem of the domU is not encrypted
you can just halt the server and mount the filesystem
in the dom0.

Ciao,
  Alberto.


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Chris Davies-2
In reply to this post by Johann Spies
Johan 'yosh' Marklund <[hidden email]> wrote:
> the open source rainbow tables are about 121GB (if my memory
> serves me correctly) and are only available via bittorrent.
> I think it took me about 2 months to download them.
> http://www.antsight.com/zsl/rainbowcrack/

Out of interest, how long do you estimate it would have taken you to
generate them locally?

Chris


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Maciej Korzeń
In reply to this post by ewiget (Bugzilla) (Bugzilla)
Ed Wiget wrote:
> [...]
> the open source rainbow tables are about 121GB (if my memory serves me
> correctly) and are only available via bittorrent.  I think it took me about 2
> months to download them.  http://www.antsight.com/zsl/rainbowcrack/
> [...]

You can crack hashes on-line for free at http://www.freerainbowtables.com/.

--
Maciej Korzeń
[hidden email], [hidden email]
cell phone: +48 506 671 586


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Johann Spies
On Fri, Oct 24, 2008 at 12:12:40PM +0200, Maciej Korze?? wrote:

> You can crack hashes on-line for free at http://www.freerainbowtables.com/.

I have tried, but when I paste a hash into the window and click on
submit, I get the message: 'no hash found'.  I could so far not find
out what format the hash must have to be accepted.

Regards
Johann

--
Johann Spies          Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch

     "Do all things without murmurings and disputings:
      That ye may be blameless and harmless, the sons of
      God, without rebuke, in the midst of a crooked and
      perverse nation, among whom ye shine as lights in the
      world;"              Philippians 2:14,15


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Rainbow tables on Linux?

Bas Steendijk
Johann Spies wrote:

> On Fri, Oct 24, 2008 at 12:12:40PM +0200, Maciej Korze?? wrote:
>
>> You can crack hashes on-line for free at http://www.freerainbowtables.com/.
>
> I have tried, but when I paste a hash into the window and click on
> submit, I get the message: 'no hash found'.  I could so far not find
> out what format the hash must have to be accepted.
>
> Regards
> Johann
>

rainbow tables are useless (or near useless) against salted hashes (as
used in linux) so you can forget about cracking it this way.


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]