Posted by: Dan O'Connor
hash, John The Ripper, md5
Rainbow tables are a very very quick and effective way to figure out a password, but they have a big problem, and I mean big. They are incredibly large, the more you pre-hash the bigger they get, they can be in the terabytes depending how many characters you are doing.
The other method is effective but trades the size of the pre-hashes to time. You can do an incremental brute force of the hashes.
Typically I would use some dictionaries, and a list of known passwords. You can get these from a variety of sources and I would recommend running more then one, they don’t take very long at all to run. Once I have run through the lists I will start up the brute force and let it run.