Cryptographically secure pseudorandom number generator (Photo credit: Wikipedia) |
Hello Everyone,
If you are a hacker or a computer Geek or programmer or a general enthusiast regarding computing then you might have come across the term hash or cryptographic hash functions. Many a times even people call hashes as encryption which is absolutely wrong. This is going to be a short tutorial and we will be dealing with how to identify the various types of hashes that we come across. I hope after reading this tutorial you will have some idea that how to identify hashes.
Reader's Note:-
I assume the following while making this tutorial:-
1. You know basics of cryptography. If you don't then read this.
2. You have some experience with programming (though not required much in this tutorial bit its good to know as they will help you understand better).
3. You know basics of PHP [optional].
Let's Begin
If you are a hacker or a computer Geek or programmer or a general enthusiast regarding computing then you might have come across the term hash or cryptographic hash functions. Many a times even people call hashes as encryption which is absolutely wrong. This is going to be a short tutorial and we will be dealing with how to identify the various types of hashes that we come across. I hope after reading this tutorial you will have some idea that how to identify hashes.
Reader's Note:-
I assume the following while making this tutorial:-
1. You know basics of cryptography. If you don't then read this.
2. You have some experience with programming (though not required much in this tutorial bit its good to know as they will help you understand better).
3. You know basics of PHP [optional].
Let's Begin
Identifying MD5
MD5 hash : It is one of the most common type of hash function and it is used in many sites and is applied in different fields. Used in phpBB v2.x, Joomla version below 1.0.13 and many other forums and CMS.
Reasons for a hash to be MD5
Length: 32 characters.
Description: They are always 32 characters in length (16 Bytes).They are always hexadecimal (Only use characters 0-9 and A-F)
Algorithm: Same as the md5() function in PHP.
Example :- f5d1278e8109edd94e1e4197e04873b9
MD5 (UNIX) : Used in Linux and other similar OS.
Length: 34 characters.
Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
Length: 34 characters.
Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
Example:- $1$12345678$XM4P3PrKBgKNnTaqG9P0T/
MD5 (APR) : Used in Linux and other similar OS.
Length: 37 characters.
Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
Length: 37 characters.
Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
Example:- $apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj.
MD5 (phpBB3) : Used in phpBB 3.x.x.
Length: 34 characters.
Description: The hash begins with the $H$ signature, then there goes one character (most often the number '9'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times.
Length: 34 characters.
Description: The hash begins with the $H$ signature, then there goes one character (most often the number '9'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times.
Example: $H$9123456785DAERgALpsri.D9z3ht120
MD5(Wordpress) : Used in Wordpress sites.
Length: 34 characters.
Description: The hash begins with the $P$ signature, then there goes one character (most often the number 'B'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times.
Length: 34 characters.
Description: The hash begins with the $P$ signature, then there goes one character (most often the number 'B'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times.
Example:- $P$B123456780BhGFYSlUqGyE6ErKErL01
Identifying Salted MD5
Salted MD5 - Used in a large amount of applications to increase hash parity and to increase the time it takes to crack.
General Description : They consist of two blocks connected by a colon, the first is the hash the second is the salt. The first part of the salted hash is hexadecimal, the second is variable case alphanumeric. They first part will always be 32 characters long. The second part can be any length.
md5($pass.$salt) :Used in WB News, Joomla version 1.0.13 and higher.
Length: 16 bytes.
Example:- 6f04f0d75f6870858bae14ac0b6d9f73:1234
md5($salt.$pass) : Used in osCommerce, AEF, Gallery and other CMS.
Length: 16 bytes.
Length: 16 bytes.
Example:- f190ce9ac8445d249747cab7be43f7d5:12
md5(md5($pass)) : Used in e107, DLE , AVE, Diferior, Koobi and other CMS.
Length: 16 bytes.
Length: 16 bytes.
Example:- 28c8edde3d61a0411511d3b1866f0636
md5(md5($pass).$salt) :Used in vBulletin, IceBB.
Length: 16 bytes.
Length: 16 bytes.
Example:- 6011527690eddca23580955c216b1fd2:wQ6
md5(md5($salt).md5($pass)) : Used in IPB.
Length: 16 bytes.
Length: 16 bytes.
Example:- 81f87275dd805aa018df8befe09fe9f8:wH6_S
md5(md5($salt).$pass) : Used in MyBB.
Length: 16 bytes.
Example:- 816a14db44578f516cbaef25bd8d8296:1234
md5($salt.$pass.$salt) : Used in TBDev.
Length: 16 bytes.
Length: 16 bytes.
Example:- a3bc9e11fddf4fef4deea11e33668eab:1234
Example:- 1d715e52285e5a6b546e442792652c8a:1234Identifying SHA
SHA-1 : Used frequently on the internet and is one of a large family of Secure Hash Algorithms.Used in many forums and CMS.
Length: 20 bytes.
Description :They are always 40 Characters in length (160 bits).They are always hexadecimal (Only use characters 0-9 and A-F).
Algorithm: Same as the sha1() function in PHP.
Example: 356a192b7913b04c54574d18c28d46e6395428ab
sha1(strtolower($username).$pass) : Used in SMF.
Length: 20 bytes.
Example:- Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a
SHA-256(Unix) : Used in Linux and other similar OS.
Length: 55 characters.
Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times.
Length: 55 characters.
Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times.
Example: $5$12345678$jBWLgeYZbSvREnuBr5s3gp13vqiKSNK1rkTk9zYE1v0
SHA-512(Unix) :Used in Linux and other similar OS.
Length: 98 characters.
Description: The hash begins with the $6$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
Algorithm: Actually that is a loop calling the SHA-512 algorithm 5000 times.
Example:- $6$12345678$U6Yv5E1lWn6mEESzKen42o6rbEmFNLlq6Ik9X3reMXY3doKEuxrcDohKUx0Oxf44aeTIxGEjssvtT1aKyZHjs
Identifying Salted SHA
sha1($salt.sha1($salt.sha1($pass))) : Used in Woltlab BB.
Length: 20 bytes.
Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b:1234Identifying Other hash types
MySQL < 4.1 : These aren't used very often but still come up on very often because people have no idea what to do with them, they are used in older versions of MySQL.
Length : 16 characters(8 bytes)
Description :They are always hexadecimal (Only use characters 0-9 and A-F).
Example:- 606727496645bcbaMYSQL5 : Used in newer versions of MYSQL to store database user passwords.
Length: 41 characters
Description :They are always capitalized. They always begin with an asterisk .
Example:- *C8EB599B8E8EE7BE9F1A5691B7BC9ECCB8DE1C75DES(Unix) : Used in Linux and other similar OS.
Length: 13 characters.
Description: The first two characters are the salt (random characters; in our example the salt is the string "Iv"), then there follows the actual hash.
Example:- IvS7aeT4NzQPM
Domain Cached Credentials :Used for caching passwords of Windows domain.
Length: 16 bytes.
Algorithm: MD4(MD4(Unicode($pass)).Unicode(strtolower($username)))
Example:- Admin:b474d48cdfc4974d86ef4d24904cdd91
I hope this information is useful to you and I belief that this post will help many others.
References : Here
0 comments :
Post a Comment