Password Attacksrainbowtableshashcrackerpasswordlmntlmmd5sha1

RainbowCrack

RainbowCrack is a password cracker that uses rainbow tables to crack hashes via time-memory tradeoff. It implements Philippe Oechslin's faster technique, differing from brute force methods.

Description

RainbowCrack is a general purpose implementation of Philippe Oechslin's faster time-memory trade-off technique for cracking password hashes using precomputed rainbow tables. It supports cracking LM, NTLM, MD5, SHA1, and SHA256 hashes with specific plaintext length ranges.

The tool suite includes binaries for cracking hashes with existing tables (rcrack), generating new rainbow tables (rtgen), converting table formats (rt2rtc, rtc2rt), merging (rtmerge), and sorting (rtsort) tables. It is particularly useful for offline password recovery from hash dumps like pwdump files.

RainbowCrack excels in scenarios where brute force is inefficient, leveraging precomputed chains to reduce computation time for common passwords within defined character sets and lengths.

How It Works

RainbowCrack employs a time-memory tradeoff algorithm using rainbow tables, which store chains of hash reductions to cover large password spaces efficiently. Unlike brute force, it generates or uses precomputed tables (*.rt, *.rtc) matching hash algorithm, charset, plaintext lengths, chain length, and chain count. The rcrack tool loads hashes and searches tables for matching plaintext; rtgen creates tables by computing reduction chains.

Installation

bash

sudo apt install rainbowcrack

Flags

-h hashload single hash

-l hash_list_fileload hashes from a file, each hash in a line

-lm pwdump_fileload lm hashes from pwdump file

-ntlm pwdump_fileload ntlm hashes from pwdump file

-benchbenchmark mode for rtgen

Examples

Crack a single MD5 hash using rainbow tables in current directory

rcrack . -h 5d41402abc4b2a76b9719d911017c592

Crack multiple hashes from a file using rainbow tables in current directory

rcrack . -l hash.txt

Generate rainbow table for MD5 hashes, loweralpha charset, lengths 1-7, table index 0, chain len 1000, 1000 chains, part 0

rtgen md5 loweralpha 1 7 0 1000 1000 0

Benchmark rainbow table generation for MD5 loweralpha 1-7

rtgen md5 loweralpha 1 7 0 -bench

Crack LM hashes from pwdump file using tables in specified path

rcrack path/to/tables -lm pwdump_file

Crack NTLM hashes from pwdump file using tables in specified path

rcrack path/to/tables -ntlm pwdump_file

Load and crack hashes from a list file using tables in current directory

rcrack . -l hash_list_file

Updated 2026-04-16kali.org ↗