Rainbow tables for password cracking

Rainbow tables for password cracking

Posted Nov 18, 2006 14:39 UTC (Sat) by jond (subscriber, #37669)
In reply to: Rainbow tables for password cracking by jake
Parent article: Rainbow tables for password cracking

Very interesting. Forgive my ignorance, but how is the hash then stored? I use md5 passwords (at least I told the installer to do so ;).

If I setup a temp user with password Ior3yaeW, I get the following:

temp:$1$.K4dEqjn$pHNfFwq4BAUHf7TcUScuJ1:13470:0:99999:7:::

so if I echo Ior3yaeW.K4dEqjn | md5sum ; what do I do to _that_ to get pHNfFwq4BAUHf7TcUScuJ1 ?

---

to post comments

Rainbow tables for password cracking

Posted Nov 22, 2006 1:33 UTC (Wed) by dmenest (guest, #4017) [Link]

The MD5 password hash is a lot more complicated than a simple MD5 hash. In fact, the code to generate the password hash calls the simple MD5 hash routine more than 1000 times. So you won't be able to do it easily on the command line without a program that calls the crypt() function for you.