A rainbow table is a lookup table offering a time-memory tradeoff used in recovering the plaintext password from a password hash generated by a hash function, often a cryptographic hash function. A common application is to make attacks against hashed passwords feasible.
In more detail, a rainbow table is a compact representation of related plaintext password sequences (or chains). Each chain starts with an initial password, which is passed through a hash function. The resulting hash is then fed into a reduction function, which produces a different plaintext password. The process is then repeated for a fixed number of iterations. The initial and final passwords of the chain comprise a rainbow table entry.
Recovering a password using a rainbow table is mainly a two step process. Leaving out a few details, the process is as follows:
First, the password hash is run through the above reduce-hash sequence. The structure of the table and its reduction function guarantee that the running password will match a final password of one of the chains. This yields the initial password of the chain. Second, the iteration is repeated starting with this initial password until the original hash is found. The password used at the last iteration is the password being recovered.
Increasing the length of the chain decreases the size of the table. It also increases the time required to iterate over each chain, and this is the time-memory trade-off of the rainbow table. In a simple case of one-item chains, the lookup is very fast, but the table is very big. Once chains get longer, the lookup slows down, but the table size goes down.
A rainbow table is ineffective against one-way hashes that include salts.
A salt effectively extends the length and potentially the complexity of the password. If the rainbow tables do not have passwords matching the length (e.g. 8 bytes in the password, and 2 bytes of salt, is now effectively a 10 byte password) and complexity (non-alphanumeric salt increases the complexity of strictly alphanumeric passwords) of the salted password, then the password will not be found. If found, one would have to remove the salt from the password before it could be used. To prevent against a site specific rainbow table it is important that salts are stored per user, otherwise an attacker can just create a rainbow table including that site's salt + possible passwords, which for a large site will produce a number of hits.
Rainbow tables tend to have little or no success when extrapolating outside the range of symbols or password length computed into the table. So, choosing a password that is longer or contains symbols not accounted for inside a Rainbow table can be very effective. Because of the sizable investment in computing processing, Rainbow tables beyond 9 places in length and a character set containing symbols are not yet common. However, certain intensive efforts focused on LM hash, an older hash algorithm used by Microsoft, exist in the public domain. As development around Rainbow tables is continuing, the length of passwords that are endangered is growing.
Rainbow tables offer a new way of recovering passwords, both for good and bad purposes. Rainbow tables are currently mainly used for recovering LM, NTLM and MD5 hashes. LM hashes of passwords containing letters, numbers or regular symbols can most certainly be recovered within a short period of time. As for NTLM and MD5, currently there are Rainbow tables to recover regular passwords of about 9 characters, depending on the complexity of the password.
Download the new tables for free from here
Most of the above explanation was taken from Wikipedia. This site is offering Rainbow tables to assist in recovering passwords and for the use of legal penetration testing. This site takes no responsibility for the acts of those who use these Rainbow tables for illegal purposes.