Showing posts from January, 2009

Too much optimization

I just found a major bug in my dictionary-based rainbow table program. The MD4 hashing algorithm I was using for NTLM (though thank god not MSCACHE) passwords does not work for passwords over 14 characters long. I discovered this when attempting to build a table to crack strong (16+ character) passwords. I'm kicking myself because this limitation was documented in the actual code. The fix is easy enough (if > 14 then use old hashing algorithm), but going back it really messed up some of my older NTLM tables (aka the old tables were generated using incorrect hashes for 15+ characters, so if I start hashing them correctly the old tables break). Normally at this point I would just change the version number of my new tables (I tried to build some future-proofing into my setup), but this also explains why my program was crashing on some other computers I was testing it on. Aka, on my development desktop it would just give garbage for those long passwords, while on my Mac it giv

Dictionary Based Rainbow Tables

I'll be officially releasing drcrack at ShmooCon, but I'd like to spend a bit of time talking about it first. If you want to obtain the code or some of our pre-generated tables, feel free to pick them up here. The short explanation of it is that drcrack is a modified version of the rainbow table generation program rcrack. It allows an attacker to create rainbow tables based on dictionary words and mangling rules. What does this mean? Well, against unsalted hashes it will allow an attacker to save their work and reuse it on future cases, reducing the time it takes to audit a password from days/weeks/months down to minutes. This gives the attacker the opportunity to try much more sophisticated mangling rules. I've been working on this project off and on for about a year and a half, and it's been fun watching it evolve. Originally it was very limited in the dictionary/word mangling rule selection as I tried to minimize the time it takes to select the proper rule to use for