Last ShmooCon something wicked and evil happened. The fine folks on the PDC mailing list decided it would be a great idea to have a place at Shmoo where we could all meet up and share Rainbow Tables. What a grand idea! After all, good Rainbow Tables can easily go well into the hundreds of gigabits so why not have a nice get together and share?
Small problem. Everyone showed up with empty hard drives. No one, not a single person, brought any tables at all.


Almost as crappy

Add to this the fact that my external hard drive with my Rainbow Tables crashed out on me last week. So, we now have two important lessons to take from the Rainbow Tables saga. Lesson one: no one is willing to share. Lesson two: backups are kind of important.
To remedy this situation I went to the fine people at Project Rainbow Crack and ordered a new set of tables for NT and LANMAN hashes. You may say that simply downloading them would be cheaper, and you would be right. However, we were in a bind on a current pen test and needed them immediately. Turns out it would be much faster to order them and have them shipped to us rather than download them.
I went to the section the Project Rainbowtable site to buy the tables and ordered the USD $300 set. What I would get is a new 320 GB hard drive and the 272 GB of tables for LM and NT hashes to go with it. What I was not expecting was that overnight air was included in the cost.
These guys simply rock. The service was excellent, and their packing… well their packing was something to be seen to be belived.
As near as I could tell it was wrapped in bubble wrap, 4 years of newspaper compressed to 1″ around the entire drive and the strongest tape known to man wrapped liberally around the drive.
First, I needed the right tools.

2010-07-27 13.12.06.jpg

Hard Liquor Not Optional

Finally, I was able to squeeze the box out and see what was sent to me. It was an external hard drive. No Liquor to replenish my stock. It would have been better if there was alcohol in the package. For this reason, and this reason only, they get 4 out of 5 stars.
Everything was in its place. The tables, and the software to make them sing. I was a bit disappointed to see that only the programs for Windows were included. A bit of a bummer, but that is ok. There are plenty of places online to find Linux and OSX programs that work with the tables that were sent to me.
Oddly enough, the software was WinRAR protected with a password of “abcde12345″. I am pretty sure this has something to do with crypto export controls. But it still made me chuckle.
How did they work? Beautifully. We were able to crack an Admin LANMAN password hash in under 5 min, and a NT only hash in under 15min.
When you get the tables there will be a couple of things that you will notice. First, the tables are in .rtc format. This is no big deal, except other tools like Cain and Able will need the tables to be in .rt format. The fine folks at Project Rainbow Crack have a few excellent tools to covert the formats here.
I cannot recommend the product from the fine folks at Project Rainbow crack enough. The drive is ok and the service was prompt and the tables worked.
Also, I am currently backing up the tables to two different drives.
Next year I will be bringing some tables to share.
There are currently a number of great sites that offer free tables. Below are just a few:

Before you come to Shmoo get some tables and bring them to share with everyone else.
We will not have a repeat from last year.

