Hi, im wondering does any here have any tips for creating rainbow tables for SHA-1.
I read a good tutorial here

http://www.antsight.com/zsl/rainbowcrack/rcracktutorial.htm


But was looking for some more information, i.e is there any tricks for creating the tables quicker.

Apreciate any help given :)

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=274640#post895672) by FcKgW
i.e is there any tricks for creating the tables quicker.
Yes, use more computers.. Each calculating part of the total table.

cheers for your reply, however i only have 1 crappy dell so i guess it will probaly take a year or so.
I just thought there might have been a way to create them quicker.

Hi

I like those rainbow-table questions...

FcKgW, I guess you want to be able to "crack"
SHA-1 hashes of passwords at 100%. Nowadays,
I would say it is fair to assume that passwords have
a length of 8 with an alphabet of 80 characters
(a-z, A-Z, 0-9,<,>,!,+, ...).

So you have (more than) 80^8 possible passwords.
Say, you are able to calculate 1'000'000 SHA-1 hashes
per second. A year has 3600*24*365= 31'536'000
seconds.

It will still take you 53 years. Follow SirDice's advice...

...and then, you have not taken into account that
often passwords are salted prior to storage.

Cheers.

sec_ware......tooo......many.....numbers.....*faints*....lol
that's a long time for a complete table

Use FPGAs so you can do it all in parralel, although a nice Xilinx Virtex-4 will set you back a couple of grand...

i2c

A good trick with Rainbow tables is to disregard the following chars: , . / ; ' [ ] \ < > ? : " { } |

I did this with my rainbow tables and it only took about 2 months on 3 different computers.
Make sure your charset looks like the following:

alpha-numeric-symbol14-space = [ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+= ]

also you will create 6 tables with 4 rows each. When I did this I get about an 80-95% of cracking 100 complex passwords within an hour.

your table format will look something like this:

lm_alpha-numeric-symbol14-space#1-7_(table#)_5400x67108864_1(row#).rt

Hope this helps!
-wow finally i get to put my 2 cents in!

I have never delt with rainbow tables before, just dictionary and brute forcing. Are rainbow tables better?

They are much better... its the basis of Time-Memory Trade-Off. Personally I like Rainbow, but you have to be able to pull in the pw hash's which require you to be and admin. I use it at work to make sure that our users are following company policy with their passwords. If you are trying to do something illegal then do not use rainbow, it is an admin tool not a hxor tool.

Thanks for your advice C4573R 7R0Y, ill keep at it, its going to take ages but in the long run its much better.

is there any tricks for creating the tables quicker.

Yes, use more computers

however i only have 1 crappy dell

I would say it is fair to assume that passwords have
a length of 8 .................

...............It will still take you 53 years.

Thanks for your advice ................. I'll keep at it, its going to take ages

going to take ages :rofl:
god loves an optimist :D

just in case somone reading wants a tut on this, there is a top notch one here (http://www.antionline.com/showthread.php?s=&threadid=257366) by 3rr0r

Found this cool site site which cracks SHA-1 hashes.
Currently it only cracks dictionary words but they will have the rainbow tables finished soon.
http://passcrack.spb.ru/index.php?name=SHA1Crack

Do you know of any good tutorials on doing this?

If you mean creating the tables then i was using this one

http://www.antsight.com/zsl/rainbowcrack/rcracktutorial.htm