Need To Decrypt an md5 Hash? Try Some Free Rainbow Tables

If you’re like me, remembering fifty or more unique passwords is sometimes frustrating. I refuse to use any sort of password management system, and writing them down defeats the purpose of even having a password. Some prefer using the same password for everything, but if one account is compromised, the rest will probably soon follow. The most recent circumstance for me was a forgotten vBulletin admin password. Since reinstalling wasn’t an option, that left me with the option of manually updating the database, which didn’t work. Ok, so now what? Crack the md5 hash with Rainbow Tables.

Why Use Rainbow Tables?

Rainbow Tables, compared to brute forcing, is much faster. The time consuming part is actually generating the tables used to run decrypted hashes against, but once generated, they’re good forever. The Rainbow Tables project page provides a lot of instructions and configuration examples. One of the tables was able to crack the following passwords in only a few minutes.

N73k_a7()TUBoK

PrFa$=ptRcb^__ z

%G)r*EW&2nk#

cjST$=W0U*-5CH

(zw= ijV$i*vEX

How rad is that? Table generation can take days, even weeks, and will consume pretty large quantities of hard drive space depending on the configuration options, but there is an alternative.

Collaborative Rainbow Table Generation

Similar to the SETI project, Free Rainbow Tables is a distributed rainbow table generation project that combines the computing power offered by members. Once registered, the free client will put your CPU to work by generating chains for the project. In return, members are able to use the 100+ gigabytes worth of tables for their own decryption needs. The online system makes submitting your encrypted hashes easy, and the hash management portion of the site lets you know when your hash is being searched for. Surprisingly, the success rate for decryption is pretty low with 11,523 (47%) hashes at the time of writing. But this is definitely something worth having in your arsenal when used with locally generated tables.

As of right now I’m approaching 10 gigabytes worth of locally stored tables. If you’re interested in exchanging tables, just let me know via comment or email.

Additional Posts Worth Reading

 

4 Comments »

collapse Comment by LyleC
2008-02-18 16:32:42

Neato :).

 
collapse Comment by michosn
2008-04-23 21:21:43

i found many sites that give md5 coding and decoding like http://www.joomlaaa.com/md5-coding-decoding i do not know how they can decode md5 anyone know a script to decode md5?

 
collapse Comment by Z@$# Subscribed to comments via email
2008-06-05 13:54:11

plz plz decript this hash for me any one….its really important….

2CAD28C7C619F27DDE7B83C4999795BA

 
collapse Comment by FoNiX Subscribed to comments via email
2008-06-07 16:03:10

“…decode md5″ is not possible, only bruteforce: generate hash and compare with original.

 
Name (required)


E-mail (required - never shown publicly)


URI - Web Site Address






Subscribe

Site of The Day

Sponsors

Categories

Recent Comments

  • Arthur: I can’t even be an Ebay affiliate. Tried various ways but still declined. Any help or suggestions?
  • chicago web design: I can’t imagine that these will last very long before Google banishes them all. But for now...
  • D.Ksyte: Anyone involved with cron job scheduling might find this resource useful. Cron Sandbox at HxPI is an...
  • FoNiX: “…decode md5″ is not possible, only bruteforce: generate hash and compare with original.
  • Z@$#: plz plz decript this hash for me any one….its really important…. 2CAD28C7C619F27DDE7B83C4999795BA
  • Joe: Thanks for writing this up. I tried the second method…however after the debian install the screen looks...
  • Scott: Was this issue ever resolved? I just started having a problem a couple weeks ago. I don’t do any kind of...
  • Prashant Patel: I had integrated Sp3 in Xp But finding one problem. In the Task Manager Process windows many services...
  • Ed: This looks like a real ‘leet’ linux command but it misses the point. Why would a hacker keep the name of...
  • Sudesh: My account was disabled but I followed their guideline and in one sec it was back on :) Here is the...

Top Commentators

Miscellaneous

  • Add to Technorati Favorites