[英]How to implement a reduced rainbow table in python
I'm attempting to understand how rainbow tables work and am trying to implement one in python but without much success. 我试图了解Rainbow表是如何工作的,并试图在python中实现彩虹表,但没有成功。
I have some code which essentially creates a dictionary in a text file with plaintext strings mapped to their hashes, but can't figure out how to adapt this to generate a reduced rainbow table. 我有一些代码实际上在文本文件中创建一个字典,该文本文件具有映射到其哈希表的纯文本字符串,但无法弄清楚如何对其进行修改以生成简化的Rainbow表。
temp = itertools.product("abcdefghijklmnopqrstuvwxyz", repeat=5)
f = open("passwords.txt", "w")
for pw in temp:
p = ''.join(pw)
encode = hashlib.md5(p.encode()).hexdigest()
f.write(p + " " + encode + "\n")
f.close()
I've came across reduction functions and kinda understand them and so have defined one as: 我遇到过归约函数并且对它们有所了解,因此将其定义为:
def reduction(hash):
return hash[:5]
But I don't know what to do from here :( 但是我不知道该怎么办:(
How can I adapt this code to generate a reduced rainbow table? 如何修改此代码以生成简化的Rainbow表?
Your reduction function should generate a password made of characters of you character set and of length 5 (in your case). 归约功能应生成一个密码,该密码由您的字符集和长度为5的字符组成(取决于您的情况)。 Here is an example that takes an integer as input.
这是一个使用整数作为输入的示例。
import hashlib
chars="abcdefghijklmnopqrstuvwxyz"
chars_len = len(chars)
def reduce(i):
# reduces int i to a 5 char password
# think of i as a number encoded in base l
pwd=""
while len(pwd)<5:
pwd = pwd + chars[ i%chars_len ]
i = i // chars_len
return pwd
table=[]
# generate 10 chains of 1000 pwd, print start and end
for s in range(0,10):
# we can use reduce to generate the start of a chain
start=reduce(s)
p=start
for i in range(0,1000):
# hash
h=hashlib.md5(p.encode('ascii')).hexdigest()
# reduce
p=reduce(int(h,16))
table.append([start,p])
print (table)
You now have a table that can crack about 10k passwords but uses only the space of 20 passwords! 现在,您有了一个可以破解约1万个密码但仅使用20个密码的空间的表!
Note that for a real rainbow table, you would have to use a different reduction function for each step. 请注意,对于真正的彩虹表,您必须为每个步骤使用不同的归约函数。 eg
rainbow_reduce(i,k) = reduce(i+k)
例如
rainbow_reduce(i,k) = reduce(i+k)
Using the table to find a password from a hash is left as an exercise :-) (or another question) 剩下的练习是使用表从哈希中查找密码:-)(或另一个问题)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.