Crack a Password Using a Rainbow Table: Part 1

Hello, world. I’m Zanidd and welcome to the Hands On Password Cracking and Security course on Code Red. In this section, we will discuss rainbow table attacks. In this lesson, we’re going to generate our first rainbow table and use it to crack passwords. A little disclaimer upfront. Since I don’t want to waste your time with creating a huge rainbow tables or downloading them, we’re going to crack easy passwords. You can then further use the knowledge and tools to create a more sophisticated table and use it for stronger passwords. So what do I mean by simple passwords? We’re going to create a rainbow table for passwords consisting of exactly four numbers.

I have provided you with a couple of passwords to crack with this table. Additionally, each password is present twice. Once to crack it with a brute force attack, and once to crack it with the rainbow table. This way, you can compare the two. Of course, this is not a real scenario, and the results may differ when using strong passwords. Now let’s go on to create a table.

To create a rainbow table, use the tool rtgen. Since the passwords I provided are MD5, choose the MD5 hash functions. Set the charset to numeric, since all passwords are numbers. And for the charmin and charmax amount, select four, since they’re all exactly four characters. The rest you can just copy and use it to your discretion, and tweak a little bit with it if you don’t get the results that you want. But basically, we are creating a tonne of chains with all the hashes in it.

Now I’ve created the rainbow table.