Password Salts
Salts make it harder for us to crack passwords. A password salt is simply a random string that
is added to the password before it’s hashed. The random string could be anything, say, the
“username” or the target, “sessionid”, or any other random value. Salt values are unique
and constant per user, which means that even if two users have the same password, the hashes
would be unique.
For example, if a user has a password “aedis”, the hash would be generated with the formula
MD5(“random-salt” + “aedis”). If another user has the same password “aedis”, the two salts would
be different and the password hashes would look different, thereby making it harder for us to use
bruteforce and dictionary-based attacks.
Most of the time the salt values are stored in the same database table; a disadvantage of this
approach is that if an attacker gets access to the database, he could easily dump the password salts
and use them to recover the passwords, because the salt value for every user is known.
Though this process is more complicated and time consuming, it’s worth the effort.
Rainbow Tables
We talked about Ophcrack, which relies upon rainbow tables to crack a password. Rainbow
tables, in my opinion, are the best way to crack a password; they have a precomputed hash list for
every word and compare the given hash with the precomputed hashes in the rainbow tables. This
method is faster and more reliable than bruteforce and dictionary-based attacks.
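The two sections above, as an added Python example that is not from the original text: it stores the same password for two users with the page's MD5(salt + password) formula and shows that a table precomputed once stops matching when a per-user salt is added, and has to be rebuilt for each known salt. The word list, user names and function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample word list, standing in for the precomputed dictionary.
WORDS = ["password", "letmein", "aedis", "qwerty"]


def hash_password(password: str, salt: str = "") -> str:
    """The page's formula: MD5(salt + password), hex encoded."""
    return hashlib.md5((salt + password).encode("utf-8")).hexdigest()


def new_record(user: str, password: str) -> dict:
    """Create a stored credential with a fresh random per-user salt."""
    salt = secrets.token_hex(16)
    return {"user": user, "salt": salt, "hash": hash_password(password, salt)}


def verify(record: dict, candidate: str) -> bool:
    """Login check: recompute with the stored salt, compare in constant time."""
    return hmac.compare_digest(record["hash"], hash_password(candidate, record["salt"]))


def build_table(words, salt: str = "") -> dict:
    """Precompute hash -> word once. This is a plain lookup table; real rainbow
    tables compress it with hash chains, but the reuse property is the same."""
    return {hash_password(w, salt): w for w in words}


def demo() -> dict:
    shared_table = build_table(WORDS)                # computed once, no salt
    alice = new_record("alice", "aedis")
    bob = new_record("bob", "aedis")                 # same password, different salt
    alice_table = build_table(WORDS, alice["salt"])  # redone for one known salt
    return {
        "unsalted_lookup": shared_table.get(hash_password("aedis")),
        "salted_lookup": shared_table.get(alice["hash"]),
        "hashes_differ": alice["hash"] != bob["hash"],
        "alice_table_on_alice": alice_table.get(alice["hash"]),
        "alice_table_on_bob": alice_table.get(bob["hash"]),
        "login_ok": verify(alice, "aedis") and not verify(alice, "qwerty"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

MD5 appears here only because it is the formula the text uses; the point of the output is that the precomputed work stops being reusable across users once each record carries its own salt.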
The only problem we have is with the size of rainbow tables. Depending upon the length and
complexity of passwords, a rainbow table can be very large, from a few gigabytes to hundreds of
gigabytes and even terabytes in the case of huge tables. An example of how large rainbow tables can
be depending upon the complexity is as follows:
So now that you know what methods we can utilize to crack passwords, let me introduce you
to the most famous password cracking tool “John the Ripper.”