System Hacking - p.7

Lab 6

Creating the Rainbow Tables  Using Winrtgen

Winrtgen is a graphical ־Rainbow Tables Generator that s/ippo/ts LM, FastLM, NTLM, LMCHALL> HaljLMCHALL, K TIM C H A LL, MSCACHE, MD2, MD4, MD5, SHA1, RIPEMD160, MjSOLJ23, MySQLSHAI, CiscoPIX, ORACLE, SHA-2 (256), SHA-2 (384) and SFL4-2 (512) hashes.

Lab Scenario

in  computer and information security, the use ot password is essential for users to protect their data to ensure a seemed access to dieir system or machine. As users become increasingly aware of the need to adopt strong passwords, it also brings challenges to protection of potential data. in thí is lab, we will discuss creating die rainbow table to crack the system users’ passwords. inorder to be an expert ethical hacker and penetration tester, you must understand how to create rainbow tables to crack the administrator password.

Lab Objectives

The objective of this lab is to help students how to create and use rainbow table to perform system password hacking.

Lab Environment

To earn ׳ out die lab, you need:
■ Winrtgen Tool located at D:\CEH-Tools\CEHv8 Module 05 System Hacking\Rainbow Table Creation Tools\Winrtgen
■ A computer running Window Server 2012
■ You can also download the latest version of Winrtgen from the link http: / /www.ox1d.it/ projects.html
■ If you decide to download the latest version, then screenshots shown in the lab might differ

■ Run this tool 011 Windows Server 2012
■ Administrative pnvileges to run tins program
Lab Duration

Time: 10 Minutes

Overview of Rainbow Table

A rainbow table is a precomputed table for reversing cryptograpliic hash functions, usually for cracking password hashes. Tables are usually used in recovering plaintext passwords, up to a certain length, consisting o f a limited set of characters.

Lab Task

1. Double-click die winrtgen.exe tile. The main window of winrtgen is shown in the  following tigure.

FIGURE 6.1: winrtgen main window

2. Click die Add Table button.

FIGURE 6.2: creating die rainbow table

3. Rainbow Table properties window appears:
i. Select ntlm from the Hash drop-down list
ii. Set die Min Len as 4, die Max Len as 9, and the Chain Count of 4000000
iii. Select loweralpha from die Charset drop-down list (diis depends on the password).
4. Click OK.

FIGURE 6.3: selecting die Rainbow table properties

5. A file will be created; click OK

FIGURE 6.4: Alchemy Remote Executor progress tab window

6. Creating the hash table will take some time, depending on the selected hash and charset.
     Note: To save die time tor die lab demonstration, die generated hash table is kept in die following !older:      D:\CEH-Tools\CEHv8 Module 05 System Hacking\Rainbow Table Creation ToolsYWinrtgen
7. Created a hash table saved automatically 111 die folder containing winrtgen.exe.

FIGURE 6.5: Generated Rainbow table file

Lab Analysis

Analyze and document the results related to the lab exercise.