Rainbow Tables for Cracking Passwords – Every Cybercriminal’s Go to Choose

Rainbow tables are in the book of every hacker. When you first hear the name, what do you imagine? Something colorful and rainbow, right? But it’s not the same.

I was reading a blog on tips to secure my Spectrum Internet connection where I read about rainbow tables for the first time.

Turns out, hackers use these tables to crack passwords. They are a threat to any business that stores digital passwords. Cybercriminals use them to crack passwords hashes stored in the database or password files.

What are rainbow tables and why do hackers love them? Let’s crack this information together.

Rainbow Tables Explained

Rainbow tables are complex so bear with me as I attempt to simplify the concept. A lot of misconceptions exist regarding what rainbow tables are (and aren’t). They’re essentially powerful resources that enable rainbow table attacks, which is a popular password-breaking attempt.

Criminals use them for cracking hashed or unsalted passwords using a technique called cryptanalysis. Salt is a random yet unique number that you apply to plain text passwords before you hash or store them to make them secure.

The database that stores passwords is typically large. It consists of tables and each table has pre-computed password hash combos.

These combinations uncover text versions for passwords. For creating password hash combos for the rainbow tables, one must calculate the pre-computed password hash chains.

How Do Hackers Use Rainbow Tables to Crack Passwords

To steal passwords, a rainbow table performs cryptanalysis. Unlike a bruteforce attack, which calculates the hash function of every string available, calculates their hash value, and then compares it to the one in the computer at each step, the rainbow table works differently. Instead, it eliminates this need by computing hashes of the strings available.

Password cracking is a 2 step process: 

Step 1: Create a table

This method involves taking a has of string and reducing it to create a new string. The goal is to reduce this new string as well. 

The process keeps on repeating itself until enough hashes are there in the output chain. In the end, one chain is created that starts with plain text and ends with the last hash. Once you have enough chains, you store them in a table.

Step 2: Let the password cracking begin

Now, you must check if the hashed text exists in the database. If it does, you go to the start of the chain and begin hashing until a possible match is created. Once you find a match, the process stops and your password is cracked!

Remember this. If a hacker is able to access your database of passwords, it’s not a problem for them to compare hashed passwords to potential hashes in the rainbow table.

They can even use the rainbow table to generate plain text options for each hash, and use them to access your accounts.

Can Rainbow Table Attacks Be Prevented?

Yes, they can be. For this, salting can help. In this process, random data is to be fed into the hash function with the plain text.

As a result, rainbow table attacks, which work on the idea that more than one text might have the same hash value, are avoided.

Another technique that can prevent the attack is key stretching. The password, salt, and hash values go through several hash functions for increasing the computation time.

One further approach to preventing the attack is key strengthening. Here, you extend the key with a random salt and it securely deletes the salt. As a result, it forces the attacker as well as legitimate user to launch bruteforce search for the salt value. You gain nothing by bypassing the salting.

Other measures you can take to prevent these attacks include:

• Choose strong and long passwords. The longer they are, the harder it will be to crack them
• Never use the same passwords for all accounts
• Enable 2-FA to add another layer of security to your online accounts.

Final Words

Hackers have been using rainbow tables for cracking passwords for a long time.

The best defense is to prevent hackers from accessing your database in the first place before they even launch these rainbow table attacks. Threat actors use malware to obtain access to networks, servers, and devices, then copy data and attempt to crack it.

It’s best to have a mitigation solution in place that can automatically detect and block threats, such as phishing and malware, and prevent hackers from gaining access to your network in the first place.

The same migration must provide your security team with real-time data regarding the threats that could compromise your system, allowing them to detect and respond to threats quickly.