Skip to content
This repository was archived by the owner on Jul 1, 2023. It is now read-only.

maluyckx/Rainbow-table

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
code
code
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
rainbow.pdf
rainbow.pdf
 
 

Repository files navigation

Rainbow attack on SHA256

This program in C++ allows you to generate a rainbow table and crack passwords hashed in SHA256.

For academic reasons :

  • passwords are NOT salted;
  • passwords are stored after a single pass through the hash function;
  • passwords are alphanumeric (lowercase, uppercase and number);
  • passwords have at least 6 and at most 10 characters.

Names:matricules (from ULB)

  • Luyckx Marco:496283
  • Vincent Vanmuysewinkel:489399
  • Alexis Picquet:464559
  • Caner Korkut:396772

Fetching from GitLab

To fetch the project from GitLab, run the following command :

$ git clone https://gitlab.com/maluyckx/ssd_ws_rainbow.git

Building the Project

We have provided a makefile that simplifies the build process. Move into the correct directory and use the make command :

$ cd code
$ make rainbow

Usage

You can use the program in three different ways :

  1. Generate a rainbow table depending on parameters (Generate)
  2. Trying to find passwords from their hashes using a rainbow table (Attack)
  3. Both (Both)

1) Generate

To generate a rainbow table, use the following command :

./rainbow G <n> <l> <rt>

where :

  • <n> = the number of passwords that you want to generate
  • <l> = the length of these passwords (we recommend between 6 and 10)
  • <rt> = name of the file where the output rainbow table should be stored (recommend using a .rt)

2) Attack

To perform an attack on hashes using a rainbow table, use the following command :

./rainbow A <rt> <hashes>

where :

  • <rt> = a binary file generated by the command above ("pwds.rt")
  • <hashes> = a plaintext file containing one hash on each line

3) Both

To perform both operations, use the following command :

./rainbow B <n> <l> <hashes>

where :

  • <n> = the number of passwords that you want to generate
  • <l> = the length of these passwords (we recommend between 6 and 10)
  • <hashes> = a plaintext file containing one hash on each line

Useful informations

Specs used for the benchmark during the generation

Marco's config (laptop): AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx Core speeds (MHz): 1: 1305 2: 1266 3: 1228 4: 1243 5: 1223 6: 1226 7: 1223 8: 1221

Generation

The generation times for various password lengths with 50,000 passes are as follows :

Length Time (sec)
10 000 55.704s
100 000 552.988s
500 000 2796.256s
1 000 000 5687.98s

The length of the passwords does not significantly affect the generation time.

Recommended table lengths (using Birthday problem)

Recommendations as to the number of rows to have in the rainbow tables to have optimal chances to crack passwords (can't guarantee it'll be on time with the generation requirements though).

Table length 6 7 8 9 10
Recommended number
of passwords		 300.000 2.100.000 15.500.000 120.000.000 920.000.000
(probably too long for our implementation)
Approximate odds 50% 50% 50% 50% 50%

About

Rainbow attack on SHA256.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages