Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Free Rainbow Tables Looking For New Admin

kdawson posted about 5 years ago | from the all-the-colors dept.

Security 95

lee writes "After almost three years online, the admin of Free Rainbow Tables has decided to call it a day, citing a lack of time to keep it running. (I'm sure that you all know a rainbow table is essentially a giant list of precomputed hashes.) This is a shame, as the site is a useful resource for those occasions when you really need an existing password exposed, rather than simply changing it. I'm a Windows admin, and this site has come in very handy in the past. The currently computed tables weigh in at well over half a terabyte, are available as torrents from the site, or from a couple of mirrors (and alternatives are available). When the site was active, it featured a downloadable BOINC client to put your idle cycles to work computing ever-greater tables, and a space-saving format for storing the tables. The admin is willing to hand over source code if you wish to take over, though I suspect hosting is not included!"

cancel ×

95 comments

FIRST! (-1, Offtopic)

Anonymous Coward | about 5 years ago | (#28732125)

FIRST! (NZ censorship service SUCKS!)

You know you're hungry when (5, Funny)

goobermaster (1263770) | about 5 years ago | (#28732189)

The headline 'Free Rainbow Tables' makes you immediately think of a table covered in Skittles

Re:You know you're hungry when (2, Funny)

mycologistica (1517357) | about 5 years ago | (#28732669)

wish i could mod this 'tasty'

Re:You know you're hungry when (3, Funny)

Em Emalb (452530) | about 5 years ago | (#28732949)

think of a table covered in Skittles

Billy Mays here for Free Rainbow Tables dotcom. Have you ever needed a giant list of pre-computed hashes? Have you ever forgotten the password to that old Linux box sitting in the corner of the accounting department's coat closet? Then have I got just the thing for you! All you need to do is, and this part's amazing, is go to freerainbowtables.com, that's freerainbowtables.com, enter your hash-string, and voila, there's your password. It's so easy, a paraplegic blind deaf-mute could do it. That's Freerainbowtables.com.

I'm Billy Mays, and I say, if you don't use this product, the 5th spawn of the Great Satan himself will come to your house and rape your cat....a lot.

Re:You know you're hungry when (1)

slyn (1111419) | about 5 years ago | (#28733807)

You forgot to yell.

HI, BILLY MAYS HERE WITH A FANTASTIC NEW PRODUCT....

Filter fodder: "Filter error: Don't use so many caps. It's like YELLING."

Re:You know you're hungry when (2, Funny)

Chyeld (713439) | about 5 years ago | (#28733941)

Billy Mayes didn't yell. It seemed like it because, just like Chuck Norris, when he spoke the rest of the world knew the STFU.

Re:You know you're hungry when (1)

bertoelcon (1557907) | about 5 years ago | (#28733041)

It's good to know I wasn't alone.

Re:You know you're hungry when (1)

cstdenis (1118589) | about 5 years ago | (#28736277)

It makes me think of smarties you insensitive clod.

Re:You know you're hungry when (1)

Hurricane78 (562437) | about 5 years ago | (#28737177)

But if you were hungry, wouldn't you think of actual *food* instead? ^^

Support is pending (4, Insightful)

192939495969798999 (58312) | about 5 years ago | (#28732193)

I am sure that plenty of groups that may "need an existing password exposed" are interested in anonymously donating hosting for this project.

Re:Support is pending (2, Insightful)

nametaken (610866) | about 5 years ago | (#28732307)

Or pay-for-download and/or pay-for-lookup service, and keep the site online.

Re:Support is pending (1)

ebuck (585470) | about 5 years ago | (#28733033)

They already accept money to buy more credits for heavier access of their service. For those that are unwilling to pay in cash, they offer credits for populating their system with hashes through the use of their client.

Somehow I think that if money were the issue, they would just say they lack money instead of saying they lack time. Considering that they've had two upsets in the last two months, a lack of time sounds like an honest reason.

Re:Support is pending (1)

jDeepbeep (913892) | about 5 years ago | (#28733359)

Or pay-for-download and/or pay-for-lookup service, and keep the site online.

In such a case, they would clearly need to change their SLD name, to not have the word 'free' in it.

Re:Support is pending (2, Insightful)

CarpetShark (865376) | about 5 years ago | (#28733665)

I am sure that plenty of groups...are interested in anonymously donating hosting for this project.

You think? Personally, I think you'd have to be a glutton for punishment, to want to admin a site for people interested in rainbow tables.

Re:Support is pending (1)

jonadab (583620) | about 5 years ago | (#28739023)

> Personally, I think you'd have to be a glutton for punishment,
> to want to admin a site for people interested in rainbow tables.

If it were theoretical information about rainbow tables, how they're used, what implications they have for security, the effects of salt, which common systems use salt and which ones don't, and so on and so forth, the abuse the admin would take might not be so bad. I mean, you'd have some detractors, sure, but it would hopefully be manageable for the most part.

But yeah, a site that's basically just one great big rainbow table database, that's going to probably draw a lot of negative reactions. It's obvious to anyone who knows what a rainbow table is that the overwhelming majority use case is black-hat in nature. Even assuming the intentions of the administrator are pure, it's still undeniable that most of the users will be using the thing for illegitimate purposes. Sure, they could get the information elsewhere if the site didn't exist; the black-hat crowd always finds ways. Nonetheless, you'd clearly have to be the sort of person who doesn't mind getting hate mail.

Personally I have a hard time seeing how it could have enough legitimate uses, and sufficiently valuable ones, to be worth maintaining all those tables and the bandwidth costs, and everything, even setting aside the negative publicity. I don't blame the admin for wanting to throw in the towel.

I mean, really, how often is it that you lose a password, and changing it simply isn't good enough, you've really got to have that original lost password back unchanged? That happens, what, once in every eighty-seven trillion lost password cases? I'm not saying it couldn't ever come in handy, but I question whether such cases would be sufficiently common to justify the effort of maintaining the site. Honestly, I think the resources might be better spent in some other way.

Re:Support is pending (1)

highonv8splash (1054018) | about 5 years ago | (#28734741)

The computer club at Western Michigan University [wmich.edu] is entertaining the idea of hosting these tables, we've been in contact with the admin over there about the data and bandwidth requirements, and it looks like we have the resources needed to host them. Unfortunately we don't have a quorom to vote on the issue until the fall semester begins and the majority of our members are in town.

Reading Rainbow Tables (5, Funny)

MoldySpore (1280634) | about 5 years ago | (#28732249)

Buy the domain, contact LeVar Burton to help promote it, and post video testimonials on how great they work.

LeVar: "Crack passwords now! But you don't have to take my word for it..." *dun dun dunnn!*

Re:Reading Rainbow Tables (1)

Pezistential (1444245) | about 5 years ago | (#28733325)

Insightful Mod... that's funny... heh

OMG is that annoying... (1, Insightful)

sunking2 (521698) | about 5 years ago | (#28732287)

If you assume that everyone knows what it means then why are you telling us what it means knowing damned well that probably 99% of the audience doesn't actually know what it means, or cares for that matter. It makes you come across demeaning to the vast majority of people who could give a crap.

Re:OMG is that annoying... (5, Insightful)

Shikaku (1129753) | about 5 years ago | (#28732351)

News for Nerds.

Re:OMG is that annoying... (2, Funny)

baka_toroi (1194359) | about 5 years ago | (#28732401)

Shikaku wa sora, shikaku wa hiroi

Re:OMG is that annoying... (1)

geekoid (135745) | about 5 years ago | (#28732725)

Ok, there must be another meaning besides the literal translation.

Re:OMG is that annoying... (1)

Chyeld (713439) | about 5 years ago | (#28732799)

3.14 [youtube.com] from Cowboy Beebop, the movie. Ed doing what Ed does best, being odd and cute.

Re:OMG is that annoying... (1, Informative)

Chyeld (713439) | about 5 years ago | (#28732751)

Maruha medama
Maruha kirei
Kuroibudouno
Amaiagi

Sankakuha gikan
Sankakuha hayai
Sakana no shippono
Furuekata

Shikakuha Sora
Shikakuha Hirui
Hanawo kandera
Iinaoi

3.14159 2653589 7932384
626433 8327950 28841197 1693993
751582

.

circle is eyeball
circle is beautiful
blackberry's sweet taste

triangle is time
triangle is fast
the movement of fish's tail

square is sky
square is wide
it smells good when you smell flowers

3.14159 2653589 7932384 626433
8327950 28841197 1693993 751582

gi? kandera? naoi? (1)

Joseph_Daniel_Zukige (807773) | about 5 years ago | (#28736939)

"amai agi" as in soft "g"? Romanized by an Italian, maybe?

"hanawo kandara" would be when you bite flowers,
"hanawo kaidara" would be when you smell them.

"iina nioi" would be sloppy grammar, but "ii naoi"?

"ha" and "wo", while not standard, are more literal Romanizations of the two particles.

Some sort of dialect?

Author of a manga deliberately breaking rules?

Re:gi? kandera? naoi? (1)

Chyeld (713439) | about 5 years ago | (#28737033)

Or copied from the only shitty lyrics site I could find that didn't have malware shit going on or a lame javascript protecting the lyrics they ripped off someone else. ^_^

Attribute all errors to the editor, not the author.

Re:gi? kandera? naoi? (1)

Hurricane78 (562437) | about 5 years ago | (#28737207)

Uuum, every tried the option under "settings -> content -> extended..." in Firefox? Disable the right-click menu-hiding functionality, and you're good.

Oh, and Firebug always helps, when nothing else does.

Re:gi? kandera? naoi? (1)

Chyeld (713439) | about 5 years ago | (#28737573)

Was at work, with IE 6. Even without javascript it was a pain.

at work on IE6? (1)

Joseph_Daniel_Zukige (807773) | about 5 years ago | (#28751083)

Man. I hardly dare look at lyrics sites from behind a thick filter when I'm using any browser at all on MSWindows.

Re:gi? kandera? naoi? (1)

Joseph_Daniel_Zukige (807773) | about 5 years ago | (#28751125)

Actually, I was going to rip it apart, but, as I was going through the errors, I realized that the possibilities I suggested were, in fact, possibilities.

You'd be amazed at the deliberately non-standard Romanization I've seen in use by native Japanese who think it's cool to break rules. (And the particles I mentioned are actually fairly good evidence that it might indeed be cool to break the rules.)

And, while I don't know of specific dialects in which the odd pronunciations and grammar I pointed out are common, I have heard dialects that do similar strange things. Strange, until you think about it.

Anyway, that was not intended as a rip. Manga can really be strange, in an interesting sort of way. (Not meaning the soft porn, either.)

Re:OMG is that annoying... (3, Insightful)

RiotingPacifist (1228016) | about 5 years ago | (#28732423)

Because slashdot used to be a site for geeks, however recently anytime somebody uses a simple TLA/ETLA people start bitching that they don't know what it meant and they are too lazy to google and/or wikipeida it, so instead you get a stupid thread full of people who have !RTFA commenting on a subject that is of no interest to them, if it was they would have understood the TLA in TFS, this really annoys the few geeks that actually RTFA as it dilutes the comments. As a TFS contains redundant information to prevent people going "what are rainbow tables?", lets be honest if you're the kind of geek that has ever done any 'cracking' you knew what it mean, if you're not then you don't care.

p.s irony of this post not lost on me!

Re:OMG is that annoying... (4, Insightful)

Obfuscant (592200) | about 5 years ago | (#28732561)

lets be honest if you're the kind of geek that has ever done any 'cracking' you knew what it mean, if you're not then you don't care.

Let's be honest, I'm a kind of geek that has done cracking, but I don't devote my life to it. I've never heard the term "rainbow table" applied to the lists of precomputed hashes, so it was nice to have a simple hint that said "precomputed hashes", and I do care.

Re:OMG is that annoying... (1)

quelrods (521005) | about 5 years ago | (#28763925)

If you just mentally link rainbow table with precomputed hashes then you have missed the point entirely. Rainbow tables are an entirely new approach to the problem. It isn't simply storing every precomputed hash. It has a few advantages such as much less disk space is needed, much faster due to indexes as well as less to load from disk, etc. It's actually probabilistic in nature and does not guarantee 100% that a given hash is found. You may want to spend the time to read through the FAQ [freerainbowtables.com] if you are interested.

One interesting use involves prebuilt cd and dvd isos for windows LM *and* NTLM password recovery.

With a distributed project like Free Rainbow Tables, it gives people less and less chance to avoid learning what a salt is and I hope will lead to more education of programmers, admins, etc.

No matter how expensive the hash is in terms of computation, nothing beats a good hash that uses salts for storing passwords. Though, I'd like to websites stop storing plaintext passwords that they email to you for a password recovery :(

Re:OMG is that annoying... (0)

Anonymous Coward | about 5 years ago | (#28732579)

Because slashdot used to be a site for geeks, however recently anytime somebody uses a simple TLA/ETLA people start bitching that they don't know what it meant and they are too lazy to google and/or wikipeida it, so instead you get a stupid thread full of people who have !RTFA commenting on a subject that is of no interest to them, if it was they would have understood the TLA in TFS, this really annoys the few geeks that actually RTFA as it dilutes the comments. As a TFS contains redundant information to prevent people going "what are rainbow tables?", lets be honest if you're the kind of geek that has ever done any 'cracking' you knew what it mean, if you're not then you don't care.

p.s irony of this post not lost on me!

But what dose the "Theatre of the Living Arts"* have to do with anything?

*it was the first result on google for TLA.

Re:OMG is that annoying... (1)

sunking2 (521698) | about 5 years ago | (#28732607)

What was annoying was not the information, but the presentation. Modify the wording to be along the lines of 'For those unfamiliar, blah blah blah' and the summary changes from demeaning/belittling to those unfamiliar, to informative. This is the sort of thing that keeps the nerd in the corner by himself at a party :)

Re:OMG is that annoying... (1)

b4dc0d3r (1268512) | about 5 years ago | (#28732649)

People start bitching because it's a knee-jerk reaction at this point. We're trying to convince people that it takes less time for them to type 2-3 words explaining it than for thousands of people to Google it and figure out which of the many results are applicable based on context. Would you agree or disagree with this statement?

Also, just because I'm not familiar with it doesn't mean I won't find it interesting. Especially if I'm interested in it, and used them lots before someone invented a new name for it for no reason.

Re:OMG is that annoying... (1)

quelrods (521005) | about 5 years ago | (#28764063)

Please see my comment [slashdot.org] on the matter of "a new name for it for no reason."

If it was nothing but precomputed hashes then indeed it would not be very interesting as it is nothing new. However, it's quite a bit different as the lookups are probabilistic, not 1:1 look ups for is the hash there yes/no.

For that matter educating people to learn how to use salts with their hash for storing passwords is no where near complete even among savy geeks.

Re:OMG is that annoying... (0)

Anonymous Coward | about 5 years ago | (#28734997)

Why would you give a crap about X if you don't know what X is, and don't even care to look it up? There's a difference between not knowing something and being an ignorant, you are clearly the latter. Why did you get a Slashdot ID, do you collect memberships?

Re:OMG is that annoying... (0)

Anonymous Coward | about 5 years ago | (#28735541)

If you don't know what a rainbow table is, you aren't a nerd. That simple. You might be a gaming dork. Or a technology fan, but not a nerd.

Re:OMG is that annoying... (0)

Anonymous Coward | about 5 years ago | (#28735589)

anyone who knows anything about cracking passwords knows what a rainbow table is

Salts? (5, Informative)

Sir_Lewk (967686) | about 5 years ago | (#28732421)

I thought the prevelance of using salts with hashes obsoleted rainbow tables years ago.

Re:Salts? (3, Informative)

six (1673) | about 5 years ago | (#28732479)

Once you've reverted the hash back to salt+plaintext, it's *much* easier to remove the salt (often some string concatenated with the plaintext).

Re:Salts? (1)

Quantumstate (1295210) | about 5 years ago | (#28732563)

That would be true but with something like a 20 character salt the required rainbow tables to cut down the time to a reasonable level would take a ridiculous amount of storage. You could of course compile a set of rainbow tables for that specific salt but then you may as well give up on rainbow tables.

Re:Salts? (0)

Anonymous Coward | about 5 years ago | (#28732801)

the required rainbow tables to cut down the time to a reasonable level would take a ridiculous amount of storage.

.
like maybe "over half a terabyte"?

Re:Salts? (1)

ebuck (585470) | about 5 years ago | (#28733129)

Perhaps that's why they are offering to sell the entire set of indexed hashes for just under $600? (shipped on a 1.5 TB usb disk drive). Considering their relative lack of mark-up on the 1.5 TB usb disk drive, I don't get the impression that these guys were in it for the money.

Re:Salts? (1)

Otto (17870) | about 5 years ago | (#28734019)

Lack of markup? Last I checked, a USB 1.5TB drive was around $150, tops. Not $600.

http://www.newegg.com/Product/Product.aspx?Item=N82E16822148406 [newegg.com]

Re:Salts? (0)

Anonymous Coward | about 5 years ago | (#28736325)

You try buying 1.5tb worth of useful data from (a company/companies) who're "in it for the money", see how much it costs. My bet is more than $450.

Re:Salts? (0)

Anonymous Coward | about 5 years ago | (#28736865)

Depends on brand choice and features:

http://www.i-store.com.au/product/?CategoryID=11&productid=7842 [i-store.com.au] (AU$669 ~= US$537.00).

Though he's using a OneTouch 4 apparently.

After including the cost of worldwide free shipping, there's not much margin on top of that that'll be donated to running the site.

Re:Salts? (1)

Quantumstate (1295210) | about 5 years ago | (#28739285)

No the tables they are selling on those disks would not cope with a 10 character password. They have a 12 character table listed but that is for pure numeric, the rest have a maximum of 9 characters. Using the calculator http://www.insidepro.com/rainbow.php [insidepro.com] you can see that to get tables for a 16 character password (which is still a lot less that a password + 20 character salt) you would need more hard disk space than you could expect to be able to buy (several orders of magnitude more). So that leaves the possibility of generating your own tables for that salt and with a proper setup with a unique salt for each password hash then using a rainbow table would not help you since every single password would need a new set of rainbow tables.

Re:Salts? (0)

Anonymous Coward | about 5 years ago | (#28732589)

Can you explain what you are talking about? Trying to give you the benefit of a doubt considering your low UID.

Re:Salts? (4, Insightful)

zindorsky (710179) | about 5 years ago | (#28732795)

Once you've reverted the hash back to salt+plaintext, it's *much* easier to remove the salt (often some string concatenated with the plaintext).

Often? That's the definition of salt.

Also, rainbow tables don't revert the hash back to salt+plaintext. Rainbow Tables don't work if salt was (correctly) used. Well, I guess you could make a set of RTs for every possible salt value ... if you have an ice age or two to wait.

Re:Salts? (2, Informative)

l0b0 (803611) | about 5 years ago | (#28732541)

Using salts with hashes obsoleted rainbow tables years ago (if you know what you're doing).

There, corrected it for you.

Re:Salts? (4, Insightful)

RiotingPacifist (1228016) | about 5 years ago | (#28732713)

The site host/cracked NTLM LM MD5

NTLM is still used in the following situations:
* The client is authenticating to a server using an IP address.
* The client is authenticating to a server that belongs to a different Active Directory forest, or doesn't belong to a domain.
* No Active Directory domain exists (commonly referred to as "workgroup" or "peer-to-peer").
* Where a firewall would otherwise restrict the ports required by Kerberos (of which there are quite a few)

So kids getting their teeth wet on home networks, which probably explains why its not being supported. MD5 is still used by applications that arn't quite sure what they are doing/can't do much more e.g grub, im clients, etc.

Lookup tables are still useful in cracking WPA [renderlab.net]

Re:Salts? (1, Informative)

Anonymous Coward | about 5 years ago | (#28733301)

NTLMv1 maybe, but NTLMv2 closed that hole and doesn't use LM hashes.

It took a few years for the default to be *not* to send the v1 hash, but it has been now since 2003 server (which is why you used to get the problem that early samba implementations don't work with newer windows domains.. the 'workaround' given was to shaft the security of the network, although these days I'd just upgrade samba).

Re:Salts? (1)

quelrods (521005) | about 5 years ago | (#28764197)

AFAIK Vista is the first windows to completely remove LM hashes as the default. Other than that you had to use a password of a certain length to prevent LM hash creation, 16 characters if memory serves me correctly.

Re:Salts? (1)

SPBesui (687868) | about 5 years ago | (#28740161)

"Getting their teeth wet"? I think you mean "getting their feet wet" or "cutting their teeth." Or this is some new expression I'm not familiar with.

Re:Salts? (1)

quelrods (521005) | about 5 years ago | (#28764175)

"im clients, etc."

Ha! Seems IM clients tend to just store the passwords plaintext so even unsalted MD5 would be an improvement over the status quo.

Re:Salts? (1)

Chabo (880571) | about 5 years ago | (#28732735)

Just because better security exists does not mean that people use it.

I use a properly secure passphrase on my credit card's website, but on accounts that aren't as critical (Slashdot), I use a simpler password.

P.S.: It's "hunter2".

Re:Salts? (1)

Em Emalb (452530) | about 5 years ago | (#28733391)

P.S.: It's "*******".

We don't see your actual password. The website obfuscates it. All we see is ********.

Re:Salts? (1)

Dewin (989206) | about 5 years ago | (#28733945)

Really? Let me try it.

My password is gj23os5k.

Re:Salts? (5, Informative)

zindorsky (710179) | about 5 years ago | (#28732737)

I thought the prevelance of using salts with hashes obsoleted rainbow tables years ago.

True. Correctly salting your password hashes will make rainbow tables useless.

But ... Guess which system still doesn't salt passwords? Windows!

Re:Salts? (1)

Auntie Virus (772950) | about 5 years ago | (#28732871)

MMMM Salty Hasssssh

Re:Salts? (1)

petermgreen (876956) | about 5 years ago | (#28739909)

IIRC up to XP (which is still the most common version in buisnesses afaict) windows was still generating relatively weak lm hashes by default.

Re:Salts? (1)

quelrods (521005) | about 5 years ago | (#28764147)

Unfortunately not. Programmers and sysadmins alike only sort of seem to know what a salt is. Look at how often an application stores passwords plaintext or with a simple md5 and you'll be happier not knowing. For that matter I seem to recall that buffer overflows were discovered decades ago and yet plenty of new code continues to suffer from the flaw.

One very interesting place that unsalted hashes seem to stick around are old LDAP directories. I've seen ones with combinations of: MD5, SMD5, SHA, SSHA, and crypt/des. Also, lets say that the LDAP directory only uses SSHA *but* also provides NTLM hashes for windows authentication such as PDC or BDC, well then who cares about the salted sha1 when you can attack the NT hash much faster.

For that matter only starting with Windows Vista are LM hashes *not* enabled by default. So while 2000, XP, 2003, etc. store the NT hash, storing the LM hash too means no one bothers to crack the NT hash.

One very good use for rainbow tables like md5 and sha1 are to at least get LDAP directories migrated to a salted variant. Good luck getting all your users to change their password or even remember it since they probably just have it saved in a browser.

pluS 3, Troll) (-1, Troll)

Anonymous Coward | about 5 years ago | (#28732427)

Only MD5/LM/NTLM? (4, Informative)

AmiMoJo (196126) | about 5 years ago | (#28732435)

I was expecting more tables than just MD5 and two types of Windows passwords. You can already download the Ophcrack DVD to do Windows passwords with rainbow tables.

Renderlab offer wifi WPA rainbow tables: http://www.renderlab.net/projects/WPA-tables/ [renderlab.net] . I hope whoever takes over takes note of projects like that, and tries to expand the range of tables available.

Re:Only MD5/LM/NTLM? (1)

quelrods (521005) | about 5 years ago | (#28764425)

There is some SHA1 as well via the download mirrors in TFA.

Though, I agree and wouldn't mind to see some old style mysql hashes for instance. It's amazing how few databases actually use the new form. The new form is SHA1 twice with no salt. (Hey more unsalted fodder for rainbow tables.) I don't know if anything else uses this method but I know bad things (TM) can happen when people just create new schemes like double hashing or double encryption. (3DES was suppose to be 168 bits (56 * 3) but turns out to be only 112 bits of security.)

why Rainbow Tables when there is KonBoot? (4, Interesting)

sammyF70 (1154563) | about 5 years ago | (#28732477)

If you need a password to access an account in windows (or linux for that matter), just use Kon-boot [piotrbania.com] instead of messing around with rainbow tables.

Re:why Rainbow Tables when there is KonBoot? (1)

NiteMair (309303) | about 5 years ago | (#28732647)

Thanks for the eyestrain - after staring at that page for a few minutes I have a headache.

Re:why Rainbow Tables when there is KonBoot? (1)

sammyF70 (1154563) | about 5 years ago | (#28732743)

No problem. At least it's not a white font on a black screen :P Not that I have anything to do with Kon-Boot anyway.

KonBoot - NSFW (0)

Anonymous Coward | about 5 years ago | (#28732759)

watch out for that animated gif up top. let it cycle to something less offensive and hit Esc and/or scroll down a few lines.

looks like a great tool.

Re:KonBoot - NSFW (1)

kayditty (641006) | about 5 years ago | (#28746877)

I've got image.animation_mode set to "once" in firefox.

Re:why Rainbow Tables when there is KonBoot? (2, Informative)

Rich0 (548339) | about 5 years ago | (#28732797)

I can't imagine that a tool like this would allow you to authenticate to the domain controller. Cracking the hash cached on the local system would.

Unless windows is so insecure that the domain controller just takes the local workstation's word that you successfully logged in. I can't imagine such a design lasting this long. If it did you could get the machine's key off the local hard drive and then authenticate as anybody over the network.

Re:why Rainbow Tables when there is KonBoot? (2, Informative)

silent_artichoke (973182) | about 5 years ago | (#28733873)

The local machine caches the credentials. We see this with laptop users. They have to be connected to the network here to log on the first time, then they can take it home and log in just fine without a network connection. If they change their password on their work desktop, the laptop still uses the old one until they try to log into the account again while connected to the network. So, the domain controller does not take the local machine's word for it, but the local machine does not necessarily check in with the domain controller.

Re:why Rainbow Tables when there is KonBoot? (1)

sammyF70 (1154563) | about 5 years ago | (#28734155)

Yep. As far as I understand it, Kon-Boot will only allow you to gain root to any computer to which you have *physical* access. So no domain controllers

Re:why Rainbow Tables when there is KonBoot? (1)

Rich0 (548339) | about 5 years ago | (#28735387)

Does the local machine actually cache the network credentials between sessions? I thought that it only kept a hash so that it could verify that a password is valid, but that unless the password itself were supplied it couldn't log into the domain controller.

If it did cache the actual credentials, then why would we need to crack hashes in the first place? Why not just use the stored credential?

Re:why Rainbow Tables when there is KonBoot? (1)

silent_artichoke (973182) | about 5 years ago | (#28755339)

One more time with paragraph breaks...

I think you are correct. The users are able to log into the laptop with the old password as long as they want until they connect to a network. Then the laptop tries to authenticate the password with the domain controller. If it is not the same password as on the domain controller, you get the usual bad username/password error. If you know the old password, you can log in at any time as long as you don't connect to a network. As a bonus, if you connect to a network that is too far removed (expiring TTL, behind a router with strict rules, etc.) you get the wonderful "unable to find the domain controller" error.

As far as I can tell, the full credentials would need to be cached so that once logged in, you can still access your files via permissions. I'm not really sure how it works past that point as I have not done any real testing, just observations based on irate users who are unable to log in to their computer from home because I forgot to have them log in first at work.

Re:why Rainbow Tables when there is KonBoot? (0)

Anonymous Coward | about 5 years ago | (#28735659)

Definitely won't work if you're actively connected to a domain. No EFS access either.

But, it will work if you log-in to a domain profile with cached creds.

Re:why Rainbow Tables when there is KonBoot? (2, Informative)

querist (97166) | about 5 years ago | (#28734571)

Granted, EFS (Encrypted File System - the "encrypt" option on NTFS) isn't the greatest, but it's there, it's included with Windows (and thus, perceived as "free as in beer"), and people use it.

Kon-Boot will grant you access to the account, but not to anything that the user encrypted using EFS. I have just tested this today to be sure before posting.

That is one reason why people would want to know the current password rather than just bypass the password, though Kon-Boot certainly still has its uses.

Re:why Rainbow Tables when there is KonBoot? (1)

kayditty (641006) | about 5 years ago | (#28746903)

it's very trivial to crack windows hashes or change the password on any operating system if you have physical access, but the first contingent case I thought of was an encrypted filesystem. I initially assumed that any encryption would be separate from login credentials, and most users would probably remember their passphrase or have a USB key for decryption or whatever, but I wasn't aware of the NTFS offering which, according to you, ties login credentials to the encryption key. that sounds like a really inteesting system.

Re:why Rainbow Tables when there is KonBoot? (1)

querist (97166) | more than 4 years ago | (#28896625)

It works quite well against the casual attacker, and even a bit against a more skilled attacker.

I would try to summarize, but instead here is what i think is the best brief summary

http://www.petri.co.il/how_does_efs_work.htm

The super-short summary is as follows:

It uses your certificate (automatically generated if not available) and the recovery agent (if it exists) certificate to generate a File Encryption Key, which is then used to encrypt the data. Then a special header is added to the file which contains the File Encryption Key encrypted with your certificate and with the Recovery Agent's certificate (if it exists).

It is similar, in that way, to how PGP works.

The encryption algorithm itself for the file is DESX.

The "cool" thing about it is that it is completely transparent to the end user other than checking a little box one on the Properties dialog that says "encrypt". From then on, you have little to no idea that it's happening.

However, when it fails, it's a major pain.

Re:why Rainbow Tables when there is KonBoot? (0)

Anonymous Coward | about 5 years ago | (#28736183)

Hey it works on Ubuntu. I forgot my root password for that the moment I installed it.

rainbows@home (0)

Anonymous Coward | about 5 years ago | (#28732523)

Talk about a distributed computing idea.

Re:rainbows@home (1, Funny)

Anonymous Coward | about 5 years ago | (#28732567)

Well, duh... that's what the site was doing.

Tiny tables? (1)

x78 (1099371) | about 5 years ago | (#28732543)

The currently computed tables weigh in at well over half a terabyte

Is that actually a lot? I mean that's half of one cheap hard drive, unless it's purely the computational time to generate 500GiB of Rainbow Tables that's impressive here, and if that's the case would it not be better advertising it as such?

Re:Tiny tables? (0)

Anonymous Coward | about 5 years ago | (#28733025)

The problem is compute time, and the bandwidth to host them once computed.

Whoops (4, Insightful)

neokushan (932374) | about 5 years ago | (#28732761)

Slashdotting the site really isn't helping to keep it online.

rainbow table? (2, Informative)

spottedkangaroo (451692) | about 5 years ago | (#28732837)

I'm sure a huge precomputed hash database is handy and everything, but are we sure that's what a rainbow table is? I tried very hard to make sense of the Oechslin paper on rainbow attacks and it doesn't mention anything about pre-computing individual hashes. It's about reconstructing cipher chains (or something like that). Perhaps the term has just become diluted over the years. Seems wrong to me.

Re:rainbow table? (1)

caramelcarrot (778148) | about 5 years ago | (#28733485)

You have to pre-generate and store the chains.

Re:rainbow table? (1)

quelrods (521005) | about 5 years ago | (#28764219)

Yes, the paper is not very clear. The FAQ on freerainbowtables.com comes complete with some diagrams. You are certainly correct that rainbow tables are not just huge precomputed hash databases. Unfortunately, it seems most slashdotters cannot be bothered to actually educate themselves and just like to state that its a term to describe something very basic and old.

Not exactly (1, Informative)

Anonymous Coward | about 5 years ago | (#28733319)

(I'm sure that you all know a rainbow table is essentially a giant list of precomputed hashes.)

The whole point of a rainbow table is that it's not a giant list of pre-computed hashes, though those do exist also. It is a large table, but it's not simply a one-to-one dictionary of plaintext and hashes.

Anyhoo, though RTs are still valid, they are becoming much less useful as an attack method.

ho8o (-1, Redundant)

Anonymous Coward | about 5 years ago | (#28734743)

Lov3 o7 two is

Donate Hosting.. (1)

resorb (952476) | about 5 years ago | (#28734755)

Resorb Networks, Inc ( www.resorb.net [resorb.net] ) would donate hosting...

Re:Donate Hosting.. (1)

resorb (952476) | about 5 years ago | (#28734827)

nvm, I doubt we would have the computing power to accomplish this enormous task.
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...