Rainbow Tables
A Rainbow table is a huge pre-computed list of hash values for every possible combination of characters. A passwordhash is a password that has gone through a mathematical algorithm that transformed it into something absolutely foreign. A hash is a one way encryption so once a password is hashed there is no way to get theoriginal string from the hashed string. A very common hashing algorithm used as security to store passwords inwebsite databases is MD5 encryption.
Let’s say you are registering for a website. You put in a username and password. Now when you submit, your password goes through the MD5 algorithm and the outcome hash is stored in a database. Now since you can’t get the password from the hash, you may be wondering how they know if your password is right when you login. Well when you login and submit your username and password, a script takes your password and runs it through the md5 algorithm. The outcome hash is compared to the hash stored in the database. If they are the same, you are admitted.
If I were to run the word “cheese” through the md5 algorithm, the outcome would befea0f1f6fede90bd0a925b4194deac11. Having huge tables of every possible character combination hashed is a much better alternative to brute-force cracking. Once the rainbow tables are created, cracking the password is a hundred times faster than brute-forcing it. I will show an example of rainbow table cracking when we get intoWindows password cracking.
I am sure it might have helped. To get the complete info do read my post on md5 encryption, Have given a hyperlink for it in the text.
0 comments:
Post a Comment