Regenboog is Dutch for rainbow. Modern pentesting involves large databases of passwords and hashes known as rainbow tables. Passwords are often stored in plaintext (e.g., Post-it notes), but even a careful computer user can trip up by using a weak password ("qwerty123").
Passwords are most securely handled in hash form. A cryptographic hash function such as MD5 is designed to shake bits many times over in such a way that it becomes difficult to reverse the function and obtain the original password. When you logon to a computer system, you are likely transmitting a hash, not the original plaintext password, over the network. This is to protect your password, and therefore your identity, from anyone able to snoop plaintext passwords over the network.
Security is an arms race. More intricate hash functions require more computation for reversal to retrieve the original password. In response, researchers have begun trading space for time by maintaining large databases of passwords and their hashes. This website is one of many others that attempt to collect hashes for study.
What can a researcher learn from a collection of passwords? Average password length is around eight characters. Some of the most common passwords are "123456" and "password". As with any technology, rainbow tables can be used for good or bad. For security analysts, they represent a threat, but they also another tool for measuring and improving the security of an enterprise system. Enjoy.
Regenboog needs more passwords. You can upload large collections of passwords with the regupload.sh shell script.
$ curl http://regenboog.yellosoft.us/regupload.sh -o regupload.sh $ chmod a+x regupload.sh $ ./regupload.sh passwords.txt Password: aaa Password: aab Password: aac . . .
The larger the rainbow table, the better chance of password retrieval. Passwords can be submitted collectively using the shell script or individually using the main web page.
Regenboog also needs more resources to host rainbow tables. By donating, you help Regenboog relay those passwords and hashes faster.
Regenboog is powered by two free technologies: the Node.js programming language and the Redis key store. A rainbow table doesn't require much more than a hash table (passwordhash -> password) with GET and SET operators. An asynchronous web server on top is just a bonus.
Regenboog has a simple RESTful API. Play with the alternative formats such as TXT to get a feel for it.
$ curl -s http://regenboog.yellosoft.us/regenboog.txt?password=monkey | grep LM LM: 633C097A37B26C0CAAD3B435B51404EE $ curl -s http://regenboog.yellosoft.us/regenboog.txt?lm=633C097A37B26C0CAAD3B435B51404EE | grep Password Password: monkey
Either of which return any relevant matches in the rainbow table. Regenboog currently supports txt and json formats, and lm, nt, md2, md4, md5, sha1, sha256, and mysql4 algorithms.
Regenboog can decrypt a list of MD5 hashes. Try the regdecrypt-md5.sh shell script.
$ ./regdecrypt-md5.sh hashes.txt Password: qwerty123 Password: banana Password: 007 . . .