For full text search please use the '?' prefix. e.g. ? Onboarding

Hash

hashid

Hashid is a tool that can identify the type of hash that you have. It can be used to identify the type of hash that you have, and then you can use the appropriate tool to crack it. It can be installed with sudo apt install hashid and then used with hashid <hash>.

Example:

$ hashid 68a96446a5afb4ab69a2d15091771e39
Analyzing '68a96446a5afb4ab69a2d15091771e39'
[+] MD2
[+] MD5
[+] MD4
[+] Double MD5
[+] LM
[+] RIPEMD-128
[+] Haval-128
[+] Tiger-128
[+] Skein-256(128)
[+] Skein-512(128)
[+] Lotus Notes/Domino 5
[+] Skype
[+] Snefru-128
[+] NTLM
[+] Domain Cached Credentials
[+] Domain Cached Credentials 2
[+] DNSSEC(NSEC3)
[+] RAdmin v2.x

john

A list of John formats can be found here. It can be installed with snap: sudo snap install john-the-ripper.

Example usage:

$ john --wordlist=rockyou.txt passwords.txt --format=RAW-MD5
Using default input encoding: UTF-8
Loaded 5 password hashes with no different salts (Raw-MD5 [MD5 256/256 AVX2 8x3])
Warning: no OpenMP support for this hash type, consider --fork=12
Press 'q' or Ctrl-C to abort, 'h' for help, almost any other key for status
joybird1         (?)
ryjd1982         (?)
kirkles          (?)
emilybffl        (?)
ddmack           (?)
5g 0:00:00:00 DONE (2023-01-31 13:25) 7.042g/s 12294Kp/s 12294Kc/s 41359KC/s ddnrcr69su..ddk573
Use the "--show --format=Raw-MD5" options to display all of the cracked passwords reliably
Session completed.

NOTE: The results will NOT be in order, so try doing only one hash at a time. You can update the same file and reuse the same John command with echo "hash" > passwords.txt.

If a hash isn't showing and you think it should, you can purge your cache with the following and try again:

$ sudo apt install mlocate nocache
$ locate john.pot
$ sudo rm your/path/to/john.pot

You can use Rules to generate passwords as well. For example, if I want to generate passwords in the format "SKY-HQNT-" followed by 4 digits, I can do this:

wget https://openwall.info/wiki/_media/john/korelogic-rules-20100801.txt
cat korelogic-rules-20100801.txt | sudo tee /etc/john/john.conf

# List all the rules
for ruleset in `grep KoreLogicRules /etc/john/john.conf | cut -d: -f 2 | cut -d\] -f 1`; do echo ${ruleset}; done

echo "SKY-HQNT-" > custom_wordlist.txt

# Actually generate the passwords
john --wordlist=custom_wordlist.txt --rules=KoreLogicRulesAppend4Num passwords.txt

Search That Hash

Search That Hash

Installation

pip3 install search-that-hash