What is Password Salting?

Salting generally just appends a string to your password prior to it being ran through the hashing algorithm.Salting makes it so rainbow tables are no longer effective.
Using Salt: %3jU
MD5 Hashes with salted passwords
However, not even 830 Billion is enough for this rainbow table to find any of these common passwords now.
The salt-string should be randomly generated for each entry, and housed in a separate table just to make things more difficult

Reference: The rainbow table I am using above isHashkiller.co.uk: which boasts of over 830 BILLION unique decrypted MD5 hashes since 2007. 

Comments

Post a Comment

Popular posts from this blog

Cisco ACI - Logging in from Postman Using the API

Image
 Most Network Engineers I know are like me, and are largely stuck in our ways of using the CLI. Cisco ACI is almost entirely GUI-based and really there isn't much you can do via the CLI.  Tasks that used to be so simple are now increasingly time-consuming. For Example; I had to configure an access port last week and it took me 10 minutes to get all the options correctly selected before I was done configuring the port. What used to be an easy procedure, whether manual or not, is now far more complicated, with several steps that can be easily missed.  To that end: I've started using the Postman Collection Runner to ensure I'm not missing any of the steps needed to complete these tasks.  Anyway, the first step to using the API is knowing how to get the API Token, which I'll now go over using Cisco's sandbox APIC found at sandboxapicdc.cisco.com. Open Postman, and click "+New Collection." Name it whatever name you prefer, and click "Create". Under yo...
Read more

Cisco Nexus - vPC Peer-Switch

Image
The vPC Peer-Switch feature allows a pair of vPC peer devices to appear as a single logical Spanning Tree Protocol root. With vPC Peer-Switch enabled downstream devices see both switches as the STP root. Without vPC Peer-Switch enabled downstream devices still have to funnel Layer 2 traffic via the STP root using the traditional STP traffic flow. The main advantage of vPC peer-swtich is the improvement in term of convergence time during vPC primary peer device failure/recovery.    Without vPC peer-switch feature vPC primary peer device failure and recovery can create around 3 seconds of traffic disruption  With vPC peer-switch traffic disruption is lowered to sub-second value  This is since peer device down an up events do not generate any Rapid Spanning Tree Protocol Sync behavior, because, there is no logical change in the L2 topology. Things to keep in mind: It is a Cisco recommended best practice to activate vPC peer-switch within a vPC environment. vPC peer-swit...
Read more

HTB Writeup - Netmon

Image
Netmon is an "Easy" difficulty Machine on hackthebox.eu First Step: Nmap Scan of the Machine nmap -n -v -Pn -p- -A --reason -oN netmon-10.10.10.152.txt 10.10.10.152 Pretty clearly a Windows Machine. Primary areas of opportunity: FTP/21, HTTP/80, SMB/445 21/tcp open ftp syn-ack ttl 127 Microsoft ftpd 80/tcp open http syn-ack ttl 127 Indy httpd 18.1.37.13946 (Paessler PRTG bandwidth monitor) 135/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 139/tcp open netbios-ssn syn-ack ttl 127 Microsoft Windows netbios-ssn 445/tcp open microsoft-ds syn-ack ttl 127 Microsoft Windows Server 2008 R2 - 2012 microsoft-ds 5985/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) 47001/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) 49664/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 49665/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 4...
Read more