What is a Rainbow Table?

It's a lookup table for well known passwords. For the example below the rainbow table holds the plain-text and MD5 hashed format of many passswords for quick queries.
The rainbow table I am using is Hashkiller.co.uk: which boasts of over 830 BILLION unique decrypted MD5 hashes since 2007.
Here are 3 common passwords and their corresponding hashes.
MD5 Hashes with plain-text passwords
When entering in the hashes it queries then against its rainbow table and shows that all 3 were quickly found.Image NameObviously this isn't secure enough yet, and this leads us into the need for salting.

Comments

Post a Comment

Popular posts from this blog

Cisco ACI - Logging in from Postman Using the API

Image
 Most Network Engineers I know are like me, and are largely stuck in our ways of using the CLI. Cisco ACI is almost entirely GUI-based and really there isn't much you can do via the CLI.  Tasks that used to be so simple are now increasingly time-consuming. For Example; I had to configure an access port last week and it took me 10 minutes to get all the options correctly selected before I was done configuring the port. What used to be an easy procedure, whether manual or not, is now far more complicated, with several steps that can be easily missed.  To that end: I've started using the Postman Collection Runner to ensure I'm not missing any of the steps needed to complete these tasks.  Anyway, the first step to using the API is knowing how to get the API Token, which I'll now go over using Cisco's sandbox APIC found at sandboxapicdc.cisco.com. Open Postman, and click "+New Collection." Name it whatever name you prefer, and click "Create". Under yo...
Read more

Cisco Nexus - vPC Peer-Switch

Image
The vPC Peer-Switch feature allows a pair of vPC peer devices to appear as a single logical Spanning Tree Protocol root. With vPC Peer-Switch enabled downstream devices see both switches as the STP root. Without vPC Peer-Switch enabled downstream devices still have to funnel Layer 2 traffic via the STP root using the traditional STP traffic flow. The main advantage of vPC peer-swtich is the improvement in term of convergence time during vPC primary peer device failure/recovery.    Without vPC peer-switch feature vPC primary peer device failure and recovery can create around 3 seconds of traffic disruption  With vPC peer-switch traffic disruption is lowered to sub-second value  This is since peer device down an up events do not generate any Rapid Spanning Tree Protocol Sync behavior, because, there is no logical change in the L2 topology. Things to keep in mind: It is a Cisco recommended best practice to activate vPC peer-switch within a vPC environment. vPC peer-swit...
Read more

HTB Writeup - Netmon

Image
Netmon is an "Easy" difficulty Machine on hackthebox.eu First Step: Nmap Scan of the Machine nmap -n -v -Pn -p- -A --reason -oN netmon-10.10.10.152.txt 10.10.10.152 Pretty clearly a Windows Machine. Primary areas of opportunity: FTP/21, HTTP/80, SMB/445 21/tcp open ftp syn-ack ttl 127 Microsoft ftpd 80/tcp open http syn-ack ttl 127 Indy httpd 18.1.37.13946 (Paessler PRTG bandwidth monitor) 135/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 139/tcp open netbios-ssn syn-ack ttl 127 Microsoft Windows netbios-ssn 445/tcp open microsoft-ds syn-ack ttl 127 Microsoft Windows Server 2008 R2 - 2012 microsoft-ds 5985/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) 47001/tcp open http syn-ack ttl 127 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) 49664/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 49665/tcp open msrpc syn-ack ttl 127 Microsoft Windows RPC 4...
Read more