SlideShare a Scribd company logo

Cracking Using Rainbow Tables

Download as PPTX, PDF
Rahul Sharma
Rahul Sharma

This ppt gives you the details how the passwords are stored in windows, how one can crack them and ways to avoid them

Technology
1 of 33
RAINBOW TABLES LM & NTLM HASHES By:- Rahul Sharma TE COMPUTERS T3224245
How Windows Store Passwords?? ,[object Object]
Old technology used on LAN Manager
NT hashes
Unicode password or MD4 hash
Used for authentication on more recent Windows systems,[object Object]
LM “Hash” Generation
how to create the hash
LM hashes
Overview
Proof that case doesn’t matter Password = E52CAC67419A9A22 4A3B108F3FA6CB6D PaSSwORd = E52CAC67419A9A22 4A3B108F3FA6CB6D Password1 = E52CAC67419A9A22 38F10713B629B565
NTLM HASHES Uses MD4 algorithm to create a hash of the mixed-case password Results in a 16 byte hash of the password (stored in the SAM…) Used for any password greater than 14 characters
NTLM HASH
Proof that case DOES matter Password = F15ABD57801840F3 348DDCCAFB677F6A PaSSwORd = 17504CE07C0A0D4A 1BD3A99A0821F957 Password1 = F9A3152D926F9FF8 98D0BAFBA0BFFD30
NTLM Hash Considerations Case preserving Maximum length = 127 characters Better Security than LM Hashes Number of ≤14-character password (full char set) ≈ 2.7*1067 Number of 127-character passwords ≈ 4.9*10611
ATTACKS ON PASSWORDS….
[object Object]
Types of Brute Force attacks: Online B.F. Offline B.F. ,[object Object],limit number of login attempts
Reduce Hash Hash Reduce Reduce
Algorithm followed:-
Hash Reduce Reduce Hash Reduce Hash Reduce Hash
IS THIS EFFECTIVE???
How to prevent rainbow tables from cracking passwords??
What is SALT?? Special text or code. It does password strengthening SOME FACTS:- ,[object Object]
This makes it possible to speed up password cracking with precomputed Rainbow Tables
LINUX uses SALT….,[object Object]
Linux Salts its Hashes

Recommended

دانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلب
دانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلبدانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلب
دانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلب
کتابخانه خانه متلب
 
E forensic series
E forensic seriesE forensic series
E forensic series
Kapp Edge Solutions Pvt Ltd
 
Data Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network IdentityData Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network Identity
Antiy Labs
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
Anthony Ferrara
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
Anthony Ferrara
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
SelectedPresentations
 
SAP hands on lab_en
SAP hands on lab_enSAP hands on lab_en
SAP hands on lab_en
Positive Hack Days
 

Recommended

دانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلب
دانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلبدانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلب
دانلود رایگان فایل کد آموزشی داده کاوی خوشه بندی K-means در متلب
کتابخانه خانه متلب
 
E forensic series
E forensic seriesE forensic series
E forensic series
Kapp Edge Solutions Pvt Ltd
 
Data Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network IdentityData Storage and Security Strategies of Network Identity
Data Storage and Security Strategies of Network Identity
Antiy Labs
 
Password Storage and Attacking in PHP
Password Storage and Attacking in PHPPassword Storage and Attacking in PHP
Password Storage and Attacking in PHP
Anthony Ferrara
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
Password Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP ArgentinaPassword Storage And Attacking In PHP - PHP Argentina
Password Storage And Attacking In PHP - PHP Argentina
Anthony Ferrara
 
Iam r31 a (2)
Iam r31 a (2)Iam r31 a (2)
Iam r31 a (2)
SelectedPresentations
 
SAP hands on lab_en
SAP hands on lab_enSAP hands on lab_en
SAP hands on lab_en
Positive Hack Days
 
Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
SelectedPresentations
 
Advances in Open Source Password Cracking
Advances in Open Source Password CrackingAdvances in Open Source Password Cracking
Advances in Open Source Password Cracking
n|u - The Open Security Community
 
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
How-to crack 43kk passwords while drinking your juice/smoozie in the HoodHow-to crack 43kk passwords while drinking your juice/smoozie in the Hood
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
Yurii Bilyk
 
AUSOUG Oracle Password Security
AUSOUG Oracle Password SecurityAUSOUG Oracle Password Security
AUSOUG Oracle Password Security
Stefan Oehrli
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything else
Vlad Garbuz
 
扩展世界上最大的图片Blog社区
扩展世界上最大的图片Blog社区扩展世界上最大的图片Blog社区
扩展世界上最大的图片Blog社区
yiditushe
 
Fotolog: Scaling the World's Largest Photo Blogging Community
Fotolog: Scaling the World's Largest Photo Blogging CommunityFotolog: Scaling the World's Largest Photo Blogging Community
Fotolog: Scaling the World's Largest Photo Blogging Community
farhan "Frank"​ mashraqi
 
Kiwipycon command line
Kiwipycon command lineKiwipycon command line
Kiwipycon command line
Michael Hudson-Doyle
 
Ophcrack
OphcrackOphcrack
Ophcrack
Pakistan engineering university
 
Password hacking
Password hackingPassword hacking
Password hacking
Mr. FM
 
Kerberos, NTLM and LM-Hash
Kerberos, NTLM and LM-HashKerberos, NTLM and LM-Hash
Kerberos, NTLM and LM-Hash
Ankit Mehta
 
Modern Application Stacks
Modern Application StacksModern Application Stacks
Modern Application Stacks
chartjes
 
Memory access tracing [poug17]
Memory access tracing [poug17]Memory access tracing [poug17]
Memory access tracing [poug17]
Mahmoud Hatem
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hacking
leminhvuong
 
Password hacking
Password hackingPassword hacking
Password hacking
Abhay pal
 
HackIM 2012 CTF Walkthrough
HackIM 2012 CTF WalkthroughHackIM 2012 CTF Walkthrough
HackIM 2012 CTF Walkthrough
Himanshu Kumar Das
 
Web Crypto
Web CryptoWeb Crypto
Web Crypto
karlvr
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
Nipun Joshi
 
Forge blockchain deployment made easy
Forge blockchain deployment made easyForge blockchain deployment made easy
Forge blockchain deployment made easy
ArcBlock
 
Code is art
Code is artCode is art
Code is art
WorthingDigital
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
 

More Related Content

Similar to Cracking Using Rainbow Tables

扩展世界上最大的图片Blog社区
扩展世界上最大的图片Blog社区扩展世界上最大的图片Blog社区
扩展世界上最大的图片Blog社区
yiditushe
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hacking
leminhvuong
 
Password hacking
Password hackingPassword hacking
Password hacking
Abhay pal
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
Nipun Joshi
 

Similar to Cracking Using Rainbow Tables (20)

Stu r33 b (2)
Stu r33 b (2)Stu r33 b (2)
Stu r33 b (2)
 
Advances in Open Source Password Cracking
Advances in Open Source Password CrackingAdvances in Open Source Password Cracking
Advances in Open Source Password Cracking
 
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
How-to crack 43kk passwords while drinking your juice/smoozie in the HoodHow-to crack 43kk passwords while drinking your juice/smoozie in the Hood
How-to crack 43kk passwords while drinking your juice/smoozie in the Hood
 
AUSOUG Oracle Password Security
AUSOUG Oracle Password SecurityAUSOUG Oracle Password Security
AUSOUG Oracle Password Security
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything else
 
扩展世界上最大的图片Blog社区
扩展世界上最大的图片Blog社区扩展世界上最大的图片Blog社区
扩展世界上最大的图片Blog社区
 
Fotolog: Scaling the World's Largest Photo Blogging Community
Fotolog: Scaling the World's Largest Photo Blogging CommunityFotolog: Scaling the World's Largest Photo Blogging Community
Fotolog: Scaling the World's Largest Photo Blogging Community
 
Kiwipycon command line
Kiwipycon command lineKiwipycon command line
Kiwipycon command line
 
Ophcrack
OphcrackOphcrack
Ophcrack
 
Password hacking
Password hackingPassword hacking
Password hacking
 
Kerberos, NTLM and LM-Hash
Kerberos, NTLM and LM-HashKerberos, NTLM and LM-Hash
Kerberos, NTLM and LM-Hash
 
Modern Application Stacks
Modern Application StacksModern Application Stacks
Modern Application Stacks
 
Memory access tracing [poug17]
Memory access tracing [poug17]Memory access tracing [poug17]
Memory access tracing [poug17]
 
Module 8 System Hacking
Module 8 System HackingModule 8 System Hacking
Module 8 System Hacking
 
Password hacking
Password hackingPassword hacking
Password hacking
 
HackIM 2012 CTF Walkthrough
HackIM 2012 CTF WalkthroughHackIM 2012 CTF Walkthrough
HackIM 2012 CTF Walkthrough
 
Web Crypto
Web CryptoWeb Crypto
Web Crypto
 
Techniques for password hashing and cracking
Techniques for password hashing and crackingTechniques for password hashing and cracking
Techniques for password hashing and cracking
 
Forge blockchain deployment made easy
Forge blockchain deployment made easyForge blockchain deployment made easy
Forge blockchain deployment made easy
 
Code is art
Code is artCode is art
Code is art
 

Recently uploaded

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 

Recently uploaded (20)

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Cracking Using Rainbow Tables