Skip to content

Hash Types

Jump to bottom Edit New page
Ridgeback666 edited this page Mar 31, 2013 · 1 revision

NTLM Example: mNAXFyx:585C797FED72E2F2AAD3B435B51404EE:0885740613532CD69149754B0572871D::: Used in winblows. Length: 32 chars: 32 chars Description: The first 32 chars are the NT hash. The second set is the NTLM. Attack the second one in Hashcat. See http://www.tobtu.com/lmntml.php

DES(Unix) Example: IvS7aeT4NzQPM Used in Linux and other similar OS. Length: 13 characters. Description: The first two characters are the salt (random characters; in our example the salt is the string "Iv"), then there follows the actual hash. Notes: [1] [2]

Domain Cached Credentials Example: Admin:b474d48cdfc4974d86ef4d24904cdd91 Used for caching passwords of Windows domain. Length: 16 bytes. Algorithm: MD4(MD4(Unicode($pass)).Unicode(strtolower($username))) Note: [1]

MD5(Unix) Example: $1$12345678$XM4P3PrKBgKNnTaqG9P0T/ Used in Linux and other similar OS. Length: 34 characters. Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times. Notes: [1] [2]

MD5(APR) Example: $apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj. Used in Linux and other similar OS. Length: 37 characters. Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times. Notes: [1] [2]

MD5(phpBB3) Example: $H$9123456785DAERgALpsri.D9z3ht120 Used in phpBB 3.x.x. Length: 34 characters. Description: The hash begins with the $H$ signature, then there goes one character (most often the number '9'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash. Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times. Notes: [1] [2]

MD5(Wordpress) Example: $P$B123456780BhGFYSlUqGyE6ErKErL01 Used in Wordpress. Length: 34 characters. Description: The hash begins with the $P$ signature, then there goes one character (most often the number 'B'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash. Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times. Notes: [1] [2]

MySQL Example: 606717496665bcba Used in the old versions of MySQL. Length: 8 bytes. Description: The hash consists of two DWORDs, each not exceeding the value of 0x7fffffff.

MySQL5 Example: *E6CC90B878B948C35E92B003C792C46C58C4AF40 Used in the new versions of MySQL. Length: 20 bytes. Algorithm: SHA-1(SHA-1($pass)) Note: The hashes are to be loaded to the program without the asterisk that stands in the beginning of each hash.

RAdmin v2.x Example: 5e32cceaafed5cc80866737dfb212d7f Used in the application Remote Administrator v2.x. Length: 16 bytes. Algorithm: The password is padded with zeros to the length of 100 bytes, then that entire string is hashed with the MD5 algorithm.

MD5 Example: c4ca4238a0b923820dcc509a6f75849b Used in phpBB v2.x, Joomla version below 1.0.13 and many other forums and CMS. Length: 16 bytes. Algorithm: Same as the md5() function in PHP. md5($pass.$salt) Example: 6f04f0d75f6870858bae14ac0b6d9f73:1234 Used in WB News, Joomla version 1.0.13 and higher. Length: 16 bytes. Note: [1]

md5($salt.$pass) Example: f190ce9ac8445d249747cab7be43f7d5:12 Used in osCommerce, AEF, Gallery and other CMS. Length: 16 bytes. Note: [1]

md5(md5($pass)) Example: 28c8edde3d61a0411511d3b1866f0636 Used in e107, DLE, AVE, Diferior, Koobi and other CMS. Length: 16 bytes.

md5(md5($pass).$salt) Example: 6011527690eddca23580955c216b1fd2:wQ6 Used in vBulletin, IceBB. Length: 16 bytes. Notes: [1] [3] [4]

md5(md5($salt).md5($pass)) Example: 81f87275dd805aa018df8befe09fe9f8:wH6_S Used in IPB. Length: 16 bytes. Notes: [1] [3]

md5(md5($salt).$pass) Example: 816a14db44578f516cbaef25bd8d8296:1234 Used in MyBB. Length: 16 bytes. Note: [1]

md5($salt.$pass.$salt) Example: a3bc9e11fddf4fef4deea11e33668eab:1234 Used in TBDev. Length: 16 bytes. Note: [1]

md5($salt.md5($salt.$pass)) Example: 1d715e52285e5a6b546e442792652c8a:1234 Used in DLP. Length: 16 bytes. Note: [1]

SHA-1 Example: 356a192b7913b04c54574d18c28d46e6395428ab Used in many forums and CMS. Length: 20 bytes. Algorithm: Same as the sha1() function in PHP.

sha1(strtolower($username).$pass) Example: Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a Used in SMF. Length: 20 bytes. Note: [1]

sha1($salt.sha1($salt.sha1($pass))) Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b:1234 Used in Woltlab BB. Length: 20 bytes. Note: [1]

SHA-1(Unix) Example: $sha1$21773$uV7PTeux$I9oHnvwPZHMO0Nq6/WgyGV/tDJIH Used in Linux and other similar OS. Length: 49 characters.

SHA-256(Unix) Example: $5$12345678$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5 Used in Linux and other similar OS. Length: 55 characters. Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times. Notes: [1] [2]

SHA-512(Unix) Example: $6$FlVHDqvJ$ThGGrjmLsa102bdM3POs1696Ee3J0chVP57.qNg7ajC5pmknr9WC2ELSVLQiAT3Evyok42jFXLe.H0nuWHX2w1 Used in Linux and other similar OS. Length: 98 characters. Description: The hash begins with the $6$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. Algorithm: Actually that is a loop calling the SHA-512 algorithm 5000 times. Notes: [1] [2]

Add a custom footer
Add a custom sidebar
Clone this wiki locally