On 2017-03-27 20:25, Greg Freemyer wrote:
> On Mon, Mar 27, 2017 at 2:06 PM, Carlos E. R. wrote:
>
> You know about rainbow tables, right?
Yes. Not something in my realm, but I did read about them.
> If so, in the pre-2005 or so era the universe of
> typically small enough that a full set of rainbow tables fit on a DVD.
> And MS hadn't started routinely using SALT yet.
>
> Last I knew there were various websites that allowed you to send in
> the first part of an encrypted file. It would pull the encrypted
> password out of that fragment, then do a reverse password look-up with
> a rainbow table.
>
> What you got back may not have been your actual password, but it was a
> password that would hash down to the same thing as your real password,
> and thus could be used to decrypt the file (PST).
>
> == after a quick google
>
> RE: Outlook 2003
> An experiment has shown that on average it takes about a minute to
> recover an Outlook hash password using the brute force attack.
> However, the crypto analysis of CRC32 has revealed that the algorithm
> is completely reversible for short passwords (up to 4 characters) and
> partially reversible for all others. That means, one can recover the
> original password or its CRC32 equivalent password, that will be
> indistinguishable for Outlook, almost instantly. It has been proven
> that it requires not more than 7 characters to pick a collision
> (password with the same checksum as the original password).
>
> So at that time, it seems the entire universe of PST passwords could
> be mapped down to a 7 character password. So to have near instant
> cracking speed, all you need is a rainbow table with every possible
> 7-char password in it.
>
> Modern rainbow tables often have every possible 10 or 12 char password.
>
> If you feel like experimenting, you could also try to attack the PST
> with "John". John the Ripper is in the distro (zypper in john; sudo
>
> FYI: The purpose for John being in the distro is so you can find
> unacceptably weak passwords. Basically if john can crack the
> password, it is too weak.
Interesting. Yes, I have used john sometime.
I remembered something else. There was no password for email, there was
a password to the entire computer (or rather, the network profile), via
AD of the time. But set up in a paranoid mode. I had to enter a password
composed from a remembered password plus a code that was read from a
little clock-style device that would churn one code per minute.
Something like 6 or 8 letters, perhaps numbers. Too long ago to remember.
What interests me are some personal emails that can be there. I
routinely moved email to local archives (there was a 2 GiB limit to the
size of any mail folder), and I have full access to those. But not to
the last week, I think. Nothing important after all this time. In case
of doubts, per the local legislation I do have rights to that email store.
Cheers / Saludos,
Carlos E. R.
(from 42.2 x86_64 "Malachite" (Minas Tirith))
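
Added example, not part of the thread or of either poster's message: a sketch of why a 32-bit checksum fails as a password verifier (two different passwords soon share a value, the "equivalent password" effect quoted above) and how a per-record salt plus a slow KDF avoids both that and precomputed tables. Assumptions: zlib's CRC-32 stands in for the checksum, since the thread does not state the exact variant Outlook used; the function names, the PBKDF2 parameters and the random sample passwords are constructed for illustration.

```python
import hashlib
import hmac
import os
import random
import string
import zlib

ALPHABET = string.ascii_letters + string.digits


def crc32_verifier(password: str) -> int:
    """Unsalted 32-bit checksum used as a verifier (stand-in: zlib CRC-32)."""
    return zlib.crc32(password.encode()) & 0xFFFFFFFF


def find_equivalent_pair(length: int = 8, seed: int = 2017):
    """Draw constructed random passwords until two different ones share a checksum.

    With only 2**32 possible outputs, the birthday bound predicts a match
    after roughly 80,000 draws, whatever the password length.
    """
    rng = random.Random(seed)
    seen = {}
    draws = 0
    while True:
        candidate = "".join(rng.choices(ALPHABET, k=length))
        draws += 1
        earlier = seen.setdefault(crc32_verifier(candidate), candidate)
        if earlier != candidate:
            return earlier, candidate, draws


def make_record(password: str, iterations: int = 100_000):
    """Salted, slow verifier: a fresh random salt makes precomputed tables useless."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest


def check_password(password: str, record) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    trial = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(trial, digest)


if __name__ == "__main__":
    first, second, draws = find_equivalent_pair()
    print(f"{first!r} and {second!r} share a CRC-32 after {draws} draws")
    record = make_record(first)
    print("first accepted by PBKDF2 record: ", check_password(first, record))
    print("second accepted by PBKDF2 record:", check_password(second, record))
```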