Free Rainbow Tables Looking For New Admin

← Back to Stories (view on slashdot.org)

Free Rainbow Tables Looking For New Admin

Posted by kdawson on Friday July 17, 2009 @05:24AM from the all-the-colors dept.

lee writes "After almost three years online, the admin of Free Rainbow Tables has decided to call it a day, citing a lack of time to keep it running. (I'm sure that you all know a rainbow table is essentially a giant list of precomputed hashes.) This is a shame, as the site is a useful resource for those occasions when you really need an existing password exposed, rather than simply changing it. I'm a Windows admin, and this site has come in very handy in the past. The currently computed tables weigh in at well over half a terabyte, are available as torrents from the site, or from a couple of mirrors (and alternatives are available). When the site was active, it featured a downloadable BOINC client to put your idle cycles to work computing ever-greater tables, and a space-saving format for storing the tables. The admin is willing to hand over source code if you wish to take over, though I suspect hosting is not included!"

12 of 95 comments (clear)

Min score:

Reason:

Sort:

You know you're hungry when by goobermaster · 2009-07-17 05:31 · Score: 5, Funny

The headline 'Free Rainbow Tables' makes you immediately think of a table covered in Skittles
Support is pending by 192939495969798999 · 2009-07-17 05:31 · Score: 4, Insightful

I am sure that plenty of groups that may "need an existing password exposed" are interested in anonymously donating hosting for this project.

--
stuff |
Reading Rainbow Tables by MoldySpore · 2009-07-17 05:36 · Score: 5, Funny

Buy the domain, contact LeVar Burton to help promote it, and post video testimonials on how great they work.
LeVar: "Crack passwords now! But you don't have to take my word for it..." *dun dun dunnn!*

--
"I hope you know how very lucky you are to know me, because I am so incredibly incredible."
Re:OMG is that annoying... by Shikaku · 2009-07-17 05:41 · Score: 5, Insightful

News for Nerds.
Salts? by Sir_Lewk · 2009-07-17 05:47 · Score: 5, Informative

I thought the prevelance of using salts with hashes obsoleted rainbow tables years ago.

--
"linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
1. Re:Salts? by RiotingPacifist · 2009-07-17 06:09 · Score: 4, Insightful
  
  The site host/cracked NTLM LM MD5
  
  NTLM is still used in the following situations:
  * The client is authenticating to a server using an IP address.
  * The client is authenticating to a server that belongs to a different Active Directory forest, or doesn't belong to a domain.
  * No Active Directory domain exists (commonly referred to as "workgroup" or "peer-to-peer").
  * Where a firewall would otherwise restrict the ports required by Kerberos (of which there are quite a few)
  So kids getting their teeth wet on home networks, which probably explains why its not being supported. MD5 is still used by applications that arn't quite sure what they are doing/can't do much more e.g grub, im clients, etc.
  Lookup tables are still useful in cracking WPA
  
  --
  IranAir Flight 655 never forget!
2. Re:Salts? by zindorsky · 2009-07-17 06:10 · Score: 5, Informative
  
  I thought the prevelance of using salts with hashes obsoleted rainbow tables years ago.
  True. Correctly salting your password hashes will make rainbow tables useless.
  But ... Guess which system still doesn't salt passwords? Windows!
  
  --
  If the geiger counter does not click, the coffee, she is not thick.
3. Re:Salts? by zindorsky · 2009-07-17 06:14 · Score: 4, Insightful
  
  Once you've reverted the hash back to salt+plaintext, it's *much* easier to remove the salt (often some string concatenated with the plaintext).
  Often? That's the definition of salt.
  Also, rainbow tables don't revert the hash back to salt+plaintext. Rainbow Tables don't work if salt was (correctly) used. Well, I guess you could make a set of RTs for every possible salt value ... if you have an ice age or two to wait.
  
  --
  If the geiger counter does not click, the coffee, she is not thick.
Only MD5/LM/NTLM? by AmiMoJo · 2009-07-17 05:48 · Score: 4, Informative

I was expecting more tables than just MD5 and two types of Windows passwords. You can already download the Ophcrack DVD to do Windows passwords with rainbow tables.
Renderlab offer wifi WPA rainbow tables: http://www.renderlab.net/projects/WPA-tables/ . I hope whoever takes over takes note of projects like that, and tries to expand the range of tables available.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
why Rainbow Tables when there is KonBoot? by sammyF70 · 2009-07-17 05:52 · Score: 4, Interesting

If you need a password to access an account in windows (or linux for that matter), just use Kon-boot instead of messing around with rainbow tables.

--
"DRM is like the Ford Pinto: it's a smooth ride, right up the point at which it explodes and ruins your day."-C.Doctorow
Re:OMG is that annoying... by Obfuscant · 2009-07-17 05:58 · Score: 4, Insightful

lets be honest if you're the kind of geek that has ever done any 'cracking' you knew what it mean, if you're not then you don't care.
Let's be honest, I'm a kind of geek that has done cracking, but I don't devote my life to it. I've never heard the term "rainbow table" applied to the lists of precomputed hashes, so it was nice to have a simple hint that said "precomputed hashes", and I do care.
Whoops by neokushan · 2009-07-17 06:11 · Score: 4, Insightful

Slashdotting the site really isn't helping to keep it online.

--
+1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill