Category: Tools


ophcrack Many of you are familiar with L0phtcrack for cracking passwords. LC5 was discontinued by Symantec in 2006, but you can still find the LC5 installer floating around. The free trial only lasts 15 days, and Symantec won’t sell you a key, so you’ll either have to cease using it or find a key generator.

Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a GTK+ Graphical User Interface and runs on Windows, Mac OS X (Intel CPU) as well as on Linux.

The ophcrack LiveCD contains a full linux system (SLAX), ophcrack for Linux and rainbow tables for alphanumerical passwords. The LiveCD cracks passwords automatically, no installation necessary, no admin password necessary (as long as you can boot from cd).

More information about this tool can be found here:


Rainbow Table – LM All 1-7 120GB Download

The Hak5 RainbowTables project has finished generating the 120GB LM All tableset, and they are now available for public download via Bittorrent.

Technical Details
Charset: all (ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|:;”’,.?/)

Plaintext Length Range: 1-7

Key Space: 68^1 + 68^2 + 68^3 + 68^4 + 68^5 + 68^6 + 68^7 = 6823331935124

Disk Usage: 120GB

Success Rate: 1 – (1 – calc_success_prob(6823331935124, 9000, 8000000000/8)) ^ 8 = 0.9990

Mean/Max cryptanalysis time: 197.0106s/915.2542s*

Max Disk Access Time: 3802.2s*

Typical 666MHz CPU

The Torrent download is available here: hak5_rtables_lm_all_1-7.torrent

What is a Rainbow Table?
A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function. A common application is to make attacks against hashed passwords feasible. Salt is often employed with hashed passwords to avoid this attack.

A full description can be found here:


Tate Hanson, of ClearNet Security, produced an excellent web application called nmapTweaker that helps perfect nmap syntax.

From the article:

We’re playing w/RoR and building a few web apps. I wrote a quick and easy one that helps you build a command line for nmap, nothing particularly special.

I did add some extra content: tuning tips, examples, and a time estimator. Basically you can use it to build a command line, then copy and paste it to wherever you want to run it.

It does not do syntax checking for nmap options which require input yet (e.g. targets, output file name, etc.), but the app does do some error checking for conflicting options.

It’s a little rough, but hey, it might save you a few minutes of time if you’re not an nmap option sage.

Good work Tate.

Scroll to top