Thursday, January 8, 2015

Password Hash Identifier

So I recently saw KoreLogic post a link to a password hash dump on pastebin located here: http://pastebin.com/A3JSbdzm

It was not a typical hash dump as it was not cracked or uncracked hashes, but hash types followed by examples. When faced with a funky password hash, I typically call upon john the ripper to do identification for me, however I have been in multiple scenarios where it is either unclear or john cannot identify the hash(es) I have. This pastebin dump was the kick in the pants I needed to write a tool of my own that attempts to identify the hash type of a given hash.

If an exact match cannot be found, the script will give you "possible" matches. I have incorporated the hash types mentioned above as well as the list from the hashcat site here: http://hashcat.net/wiki/doku.php?id=example_hashes

To use it you will need to download the python script and the associated hash list.

https://github.com/jakxx/Scripts/blob/master/hashes.py
https://github.com/jakxx/Scripts/blob/master/hashes.txt

Once you have them, usage is simple:

python hashes.py '[hash]'

An example can be seen below.


Cheers.

3 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. Sorry about the delete-repost, I had some typos.
    ------
    Since I'm kind of bored, I decided to re-write this in C++. (Silly, I know)
    It seems pretty basic since the matching appears to be mostly length based.

    http://i.imgur.com/7c3bo7E.png
    http://i.imgur.com/4kJfCoE.png

    As you can see in the first image, I only added 5 of the hashes so far. (I'm in no rush)
    Thanks for the small project :D

    ReplyDelete