Hackt3r

Hashing & Salting Part 2

Hello everyone!!!👋👋👋


Welcome to the second part of our Hashing and Salting series. Today we are going to learn about Dictionary, Brute-Force and Rainbow Table attacks. We covered hashing in Part 1; let's look at how attackers go after hashed passwords before we move on to salting.


As we already learned, passwords are stored in the application database as hashes rather than in plain text. So whenever a user enters his/her password to authenticate, the application hashes the entered password and compares it with the hash already stored in the database. If the two hashes match, the user is successfully authenticated.


Storing hashes instead of plain-text passwords limits the damage of a data breach, but it does not remove it. Given a copy of the hashes, an attacker can still recover many of the passwords with Dictionary, Brute-Force and Rainbow Table attacks. Let us see how they work in practice.



Dictionary Attack

As the name suggests, this is a password cracking attack that uses a list of likely passwords, called a wordlist. The attacker hashes every entry in the list and checks whether any of the resulting hashes matches a stolen one. Early wordlists were literally dictionary words from A to Z; the lists used today are mostly passwords harvested from earlier breaches, so they also contain strings like "123456" and "qwerty". This kind of attack is successful if the application allows users to pick a very common password or a single word as their password.


So to limit this, applications implement a password policy: rules for what a password must look like when a user creates an account or resets the password. A typical policy accepts only passwords that contain upper-case letters, lower-case letters, digits and symbols, and rejects a password if any of these is missing. This helps to some extent, but less than it seems: cracking tools apply "mangling rules" to every word in the list (capitalize it, append "1" or "!", and so on), so a policy-compliant password such as a capitalized dictionary word with a digit and a symbol at the end is still found quickly. And even passwords that survive a dictionary attack can still be cracked by Brute-Force attacks.
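The login check described above and a dictionary attack against a dump of unsalted hashes, as an added example (this code is not from the original post). The "leaked" user table and the wordlist are constructed for the example; the mangling rules are a simplified version of what cracking tools apply to each wordlist entry, and the SHA-256-without-salt storage scheme is the one the post has described so far.

```python
import hashlib
import hmac


def hash_password(password: str) -> str:
    """Unsalted SHA-256: the storage scheme the post has described so far (salting comes later)."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def verify(entered: str, stored_hash: str) -> bool:
    """Login check: hash what the user typed and compare it with the stored hash.
    compare_digest avoids leaking where the two strings first differ through timing."""
    return hmac.compare_digest(hash_password(entered), stored_hash)


# Constructed "leaked" user table (username -> unsalted hash). Two of the
# passwords satisfy a typical upper/lower/digit/symbol policy.
LEAKED_DB = {
    "alice": hash_password("sunshine"),
    "bob":   hash_password("Tr0ub4dor&3"),
    "carol": hash_password("password123"),
    "dave":  hash_password("Sunshine1!"),
}

# Constructed wordlist. Real ones (e.g. rockyou.txt) contain millions of
# passwords harvested from earlier breaches, not just dictionary words.
WORDLIST = ["123456", "password", "sunshine", "qwerty", "letmein", "dragon"]


def mangle(word: str):
    """Simplified mangling rules of the kind cracking tools apply to each wordlist
    entry; this is why a 'must contain upper, lower, digit, symbol' policy only helps so much."""
    for base in (word, word.capitalize(), word.upper()):
        yield base
        for suffix in ("1", "123", "!", "1!", "2024"):
            yield base + suffix


def dictionary_attack(leaked_db: dict, wordlist) -> dict:
    """Hash every candidate once and match it against all leaked hashes at the same time.
    That is the attacker's win from unsalted hashes: one hash computation tests
    a candidate against every account in the dump."""
    candidates = {}
    for word in wordlist:
        for candidate in mangle(word):
            candidates.setdefault(hash_password(candidate), candidate)
    return {user: candidates[h] for user, h in leaked_db.items() if h in candidates}


if __name__ == "__main__":
    print("alice logs in:", verify("sunshine", LEAKED_DB["alice"]))
    print("wrong password:", verify("Sunshine", LEAKED_DB["alice"]))
    for user, password in dictionary_attack(LEAKED_DB, WORDLIST).items():
        print(f"cracked {user}: {password}")
```

Running it cracks alice, carol and dave (the last two through the "123" and capitalize-plus-"1!" rules) while bob's password, which is neither a wordlist entry nor a mangled one, survives. Note that the whole dump is cracked with one pass over the candidates; that shared cost is what salting removes.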


Brute-Force Attack

By the name itself we can understand that this is an attack in which every possible combination of characters is tested, up to a certain maximum length, until one of them hashes to the target hash. If the password lies inside the searched space, the attacker will find it and can log in to the account. This attack is used when the password is more complex than a plain dictionary word.


But this is a time-consuming process, because the number of combinations grows exponentially: each additional character multiplies the work by the size of the character set, so a long password drawn from upper-case and lower-case letters, digits and symbols has more candidates than any attacker can try. Unlike a dictionary attack, brute force does not depend on the password being predictable, but for a long, random password the search space is so large that cracking it is computationally infeasible rather than merely slow.
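A brute-force search over a character set, together with the keyspace arithmetic that makes long random passwords infeasible, as an added example (not code from the original post). The target hashes are constructed inline, and the guess rate of 1e10 SHA-256 guesses per second used for the time estimate is an order-of-magnitude assumption for a GPU rig, not a measured figure.

```python
import hashlib
import itertools
import string

LOWER = string.ascii_lowercase                                          # 26 symbols
PRINTABLE = string.ascii_letters + string.digits + string.punctuation   # 94 symbols


def hash_password(password: str) -> str:
    """Unsalted SHA-256, as in the storage scheme described so far."""
    return hashlib.sha256(password.encode()).hexdigest()


def keyspace_size(charset_size: int, max_len: int) -> int:
    """How many candidates exist with lengths 1..max_len: a geometric series, so each
    extra character multiplies the work by the charset size."""
    return sum(charset_size ** n for n in range(1, max_len + 1))


def brute_force(target_hash: str, charset: str, max_len: int):
    """Try every string over `charset` of length 1..max_len, shortest first.
    Returns (password, attempts), or (None, attempts) once the keyspace is exhausted."""
    attempts = 0
    for n in range(1, max_len + 1):
        for combo in itertools.product(charset, repeat=n):
            attempts += 1
            candidate = "".join(combo)
            if hash_password(candidate) == target_hash:
                return candidate, attempts
    return None, attempts


def years_to_exhaust(charset_size: int, max_len: int, guesses_per_second: float) -> float:
    """Worst-case time to try the whole keyspace at a given guess rate."""
    return keyspace_size(charset_size, max_len) / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    # Short lowercase password: found after a couple of thousand guesses.
    pw, tries = brute_force(hash_password("cab"), LOWER, 4)
    print(f"recovered {pw!r} after {tries} guesses")
    # Password longer than max_len: every candidate is tried and none matches.
    print(brute_force(hash_password("zzzzz"), LOWER, 4))
    # Assumed rate: ~1e10 SHA-256 guesses/s (order-of-magnitude figure, an assumption here).
    for length in (6, 8, 10, 12):
        print(f"{len(PRINTABLE)} symbols, length {length}: "
              f"{keyspace_size(len(PRINTABLE), length):.2e} candidates, "
              f"{years_to_exhaust(len(PRINTABLE), length, 1e10):.2e} years worst case")
```

The loop over lengths is the point: with 94 printable symbols, going from 8 to 12 characters raises the candidate count by a factor of roughly 94^4, which turns a search measured in hours into one measured in millions of years at the same guess rate.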


When conducting such attacks, the success rate also depends on whether we are attacking an online system or working offline. Against an online application every guess is a login attempt: after a few unsuccessful attempts the application (or its administrator) locks the account and the attacker has to wait until it is unblocked, so only a handful of guesses per account are possible. Offline, the attacker has a copy of the hashes and is limited only by the hardware available, which is why a leaked hash database is so much more dangerous.


Rainbow Table Attack

A Rainbow Table is a precomputed data structure used to crack hashes, built for one specific hash function and one specific password space (for example, all passwords of up to eight characters over a given character set). The simplest form is a lookup table of every plaintext in that space and its hash. A real rainbow table stores far less than that: it computes long chains of alternating hash and "reduction" steps (a reduction function maps a hash back to some plaintext in the space) and keeps only the start and end of each chain, trading a little extra computation at lookup time for a much smaller table. Either way the purpose is the same: find out which plaintext password produces a particular hash without hashing the whole space again.


A Rainbow Table attack works much more efficiently than a Brute-Force attack because in a brute-force attack we generate a candidate, hash it and compare it with the stolen hash one candidate at a time, and all of that work is thrown away when the attack ends. In a Rainbow Table attack the expensive hashing has been done once, ahead of time, and the table can be reused against any dump that used the same hash function. To carry out this attack, the attacker first needs to get his hands on the leaked hashes. Then they use the rainbow table to translate those hashes back into plaintext.


But this only works as long as the hashes are unsalted: a salt is extra per-user data mixed into the hash, so the stored value is no longer a function of the password alone, and a table precomputed for the bare password space no longer matches it. To prevent Rainbow Table attacks we use salting, which we will learn about in our next post.
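A toy rainbow table with the chain structure described above, as an added example (not code from the original post), covering the precomputation, the lookup, and the salted-hash case from the last paragraph. The password space is constructed for the example (4-digit PINs hashed with unsalted SHA-256, so the whole thing builds in under a second); the reduction function, chain length and number of chains are choices made here and are not taken from any real table. Real tables target far larger spaces but work the same way.

```python
import hashlib

# Constructed toy setting: the password space is 4-digit PINs "0000".."9999",
# hashed with unsalted SHA-256. Real tables target much larger spaces (e.g. all
# 8-character passwords) but use exactly this chain structure.
PIN_SPACE = 10_000
CHAIN_LEN = 25      # hash->reduce steps per chain
NUM_CHAINS = 2_000  # chains kept; NUM_CHAINS * CHAIN_LEN points are covered, minus merges


def H(plaintext: str) -> str:
    return hashlib.sha256(plaintext.encode()).hexdigest()


def R(digest: str, step: int) -> str:
    """Reduction function: maps a digest to *some* PIN. It does not invert H; it
    only lands back in the password space so the chain can continue. Making it
    depend on the chain position is what turns a plain precomputed-chain table
    into a rainbow table: chains that collide at different positions no longer merge."""
    return f"{(int(digest[:16], 16) + step) % PIN_SPACE:04d}"


def build_table(num_chains: int = NUM_CHAINS, chain_len: int = CHAIN_LEN) -> dict:
    """Precompute chains. Only (end -> starts) pairs are stored, which is the
    memory saving: CHAIN_LEN plaintexts are represented by one entry."""
    table: dict = {}
    for k in range(num_chains):
        start = f"{(k * 7919) % PIN_SPACE:04d}"   # deterministic, distinct start points
        p = start
        for step in range(chain_len):
            p = R(H(p), step)
        table.setdefault(p, []).append(start)     # chains that merge share an end
    return table


def lookup(table: dict, target: str, chain_len: int = CHAIN_LEN):
    """Find a plaintext whose SHA-256 is `target` using the table, or None.
    Work is about chain_len**2 / 2 hashes instead of hashing the whole space."""
    for i in range(chain_len - 1, -1, -1):
        # Hypothesis: target is the digest at position i of some chain.
        # Finish that chain from there and see whether its end is stored.
        p = R(target, i)
        for step in range(i + 1, chain_len):
            p = R(H(p), step)
        for start in table.get(p, ()):
            # Candidate chain: rebuild it from the start and check each step,
            # because a matching end can also be a false alarm.
            x = start
            for step in range(chain_len):
                if H(x) == target:
                    return x
                x = R(H(x), step)
    return None


def coverage_estimate(table: dict, sample_every: int = 100) -> float:
    """Fraction of a sample of PINs the table can recover (coverage is probabilistic)."""
    pins = [f"{n:04d}" for n in range(0, PIN_SPACE, sample_every)]
    hits = sum(1 for pin in pins if lookup(table, H(pin)) == pin)
    return hits / len(pins)


if __name__ == "__main__":
    table = build_table()
    print("stored entries:", len(table), "of", PIN_SPACE, "possible PINs")
    print("coverage on a sample:", coverage_estimate(table))
    leaked = H("4711")
    print("unsalted leak", leaked[:16], "->", lookup(table, leaked))
    # A salt (the next post's topic) puts the real hash input outside the table's space.
    salted = H("s4lt:" + "4711")
    print("salted leak", salted[:16], "->", lookup(table, salted))
```

Two things to notice when running it: the table holds far fewer entries than there are PINs yet recovers most of them, which is the time-memory trade-off, and the salted hash comes back as None because the string that was actually hashed ("s4lt:4711") is not in the space the table was built for, exactly as the paragraph above states.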


Hope you have learned something. See you guys next time. I would love to hear your feedback and improve myself. Check out my Instagram to get more updates and tricks.


Till then Take Care and Happy Learning 😄
