160 Chapter 7 ■ Gaining Access to a System
With all the hashes generated ahead of time, it becomes a simple matter to compare the
captured hash to the ones generated, typically revealing the password in a few moments.
Of course, there’s no getting something for nothing, and rainbow tables are no excep-
tion. The downside of rainbow tables is that they take time. It takes a substantial period of
time, sometimes days, to compute all the hash combinations ahead of time. Another down-
side is that you can’t crack passwords of unlimited length, because generating passwords of
increasing length takes more time.Generating Rainbow Tables
You can generate rainbow tables many ways. One of the utilities you can use to perform
this task is winrtgen, a GUI-based generator. Supported hashing formats in this utility
include all of the following:
■ Cisco PIX
■ FastLM
■ HalfLMChall
■ LM
■ LMCHALL
■ MD2
■ MD4
■ MD5
■ MSCACHE
■ MySQL323
■ MySQLSHAl
■ NTLM
■ NTLMCHALL
■ OR ACLE
■ RIPEMD-160
■ SHA1
■ SHA-2 (256), SHA-2 (384), SHA-2 (512)EXERCISE 7.2Creating Rainbow TablesLet’s create a rainbow table to see what the process entails. Keep in mind that this process
can take a while once started.