Skip to content

Latest commit

 

History

History
67 lines (46 loc) · 1.96 KB

README.md

File metadata and controls

67 lines (46 loc) · 1.96 KB

RainbowCrack in Docker

Crack passwords in a container, whee! Say hello to RainbowCrack.

This container installs RainbowCrack from their web download package, which offers the following algorithms:

  • lm (LAN Manager)
  • ntlm
  • md5
  • sha1
  • sha256

Usage

The container uses rcrack as its entrypoint, so arguments are directly associated to its interface. To provide rainbow tables, they must be mounted into the container at /opt/rainbowcrack/tables; by default, it will load all files matching the pattern *.rt*

The appropriate arguments to rcrack are roughly:

  • -h ${password_hash} Crack an individual password hash
  • -l ${hashlist_file} Crack a batch of password hashes (one per line)
  • -f ${pwdump_file} Crack a batch of LANMAN hashes via pwdump
  • -n ${pwdump_file} Crack a batch of NTLM hashes via pwdump

To crack an individual hash:

docker run -v "`pwd`/tables:/opt/rainbowcrack/tables" \
     -it sbriesemeister/rainbowcrack:latest -h PASSWORD_HASH

To crack a batch of hashes, the files must be made available in a docker volume.

# example: populate the file
echo -n "mypassword" | md5sum | cut -c 1-32 > ./hashlist.txt
docker run -v "`pwd`:/tmp/hash"  -v "`pwd`/tables:/opt/rainbowcrack/tables" \
    -it sbriesemeister/rainbowcrack:latest -l /tmp/hash/hashlist.txt

Testing

Please refer to the test.sh script in this repository.

  1. Download the smallest rainbow table I could find,
  2. Extract them (using lzma, in the xz package in Homebrew on OSX)
  3. Execute the test script:
sh test.sh test /path/to/rainbowtables/

Note that the path noted above must contain *.rt files after decompression.

This test script builds the Docker image, and then executes the container as noted above.

Some sensible tables (for testing) can be found at: