The name Rainbow Tables ίσως παραπέμπει σε κάτι πολύχρωμο και όμορφο αλλά στην πραγματικότητα είναι ένα πολύ ισχυρό εργαλείο hacking.
What are Rainbow Tables? How could such a cute name be so harmful?
The basic idea behind Rainbow Tables:
The scenario is that a malicious user managed to gain access to a server and hijack the database data that uses. The database contains usernames and passwords.
Passwords stored in the database are encrypted, so he cannot read and use them. To be useful to him, he must break it encryption of passwords (or at least the admin password).
What are the options to crack encryption of passwords?
It may try to use a brute-force tool, such as John the Ripper, that repeatedly tries to guess every possible combination of a password. His second option is to upload a password dictionary containing hundreds of thousands of passwords commonly used to find out if the list contains the one he is asking for. These methods can take weeks, months or even years, and several computing resources if the passwords are strong enough.
When one code password tested on a system is "hashed" using encryption, so the actual password is not sent in plain text through the lineof communication. This prevents eavesdroppers on your network from intercepting your password. The password hash usually looks like a bunch of letters and numbers that don't make any sense and is usually a different size than the original password. So the password “password”, but has as MD5 hash “5f4dcc3b5aa765d61d8327deb882cf99”
To verify a user, the system gets the hashed value generated by the password fragmentation function on the client and compares it with the amount of hash value that is stored in a table on the server. If the checksums match, then the user has been authenticated and granted access.
The hashing of a password is a 1-way function, which means that the hash can not be decrypted to see what the clear text of the password is. There is no key to decrypting the hash once it is created. There is no "decoder" if you will.
Password hacking programs work in a similar way to the login process. The program starts by getting passwords in plain text format. Through an hash algorithm, such as MD5, it generates the hash values of the codes. It then compares the hashes that came out with the hashes of a database password. If a match is found then the program has discovered the password. As we said before, this process can take a very long time.
Introduction to Rainbow Tables
Rainbow Tables are huge tables full of hash values that are pre-identified with strong plain text passwords. Rainbow Tables essentially allow the hacker to reverse the hash function to determine what the plain text password might be. It is possible (although very rare) for two different passwords to have the same hash, so it is not important for the hacker to know what the original password was.
Rainbow Tables break passwords in a very short time compared to the methods we described above. However, the process requires a lot of storage space (sometimes Terabytes) for Rainbow Tables. But this is not a problem today.
The hackers they can buy ready-made Rainbow tables to crack passwords of vulnerable operating systems such as Windows XP, Vista, Windows 7, and in general applications that use MD5 and SHA1 algorithms as a hashing mechanism. (many web application developers still use these hashing algorithms).
How can you protect yourself from attacks using Rainbow Tables?
Maybe a stronger password could help. We mention "maybe" because it is not the password weakness that presents the problem, but the vulnerability associated with the hash function used to encrypt the password.
The best advice is to stay away from web applications that limit the length of passwords to a small number of characters. This is a clear sign of vulnerable control routines ID cardς. Οι κωδικοί μεγάλου μήκους και η πολυπλοκότητα μπορεί να βοηθήσει λίγο, αλλά δεν είναι εγγυημένη μορφή προστασίας. Όσο μεγαλύτεροι είναι οι κωδικοί πρόσβασης τόσο μεγαλύτεροι θα πρέπει να είναι οι πίνακες Rainbow για να να τον σπάσουν. Όμως ένας hacker με πολλούς υπολογιστικούς χώρους μπορεί να το κάνει.
If you are a web app developer and you want to protect your audience:
1. Do not use MD5 and SHA1 algorithms for password fragmentation, they are out of date.
2. Use "Salt" encryption in your hash code
Adding "Salt" to the password fragmentation function will greatly help protect your application. To see some coding examples that describe how you can add Salt to your application or site encryption see a great article from WebMasters By Design.
In the coming days we will publish an article on how to break a password using Rainbow Tables.