Hashing Algorithms / Hash Types

1. /*
2. Follow me on Twitter: @OxAlien
3. */
4.  
5. Hash Algorthims / Hash types for hash cracking.
6.  
7.  
8. DES(Unix)
9. Example: IvS7aeT4NzQPM
10. Used in Linux and other similar OS.
11. Length: 13 characters.
12. Description: The first two characters are the salt (random characters; in our example the salt is the string "Iv"), then there follows the actual hash.
13. Notes: [1] [2]
14.  
15. Domain Cached Credentials
16. Example: Admin:b474d48cdfc4974d86ef4d24904cdd91
17. Used for caching passwords of Windows domain.
18. Length: 16 bytes.
19. Algorithm: MD4(MD4(Unicode($pass)).Unicode(strtolower($username)))
20. Note: [1]
21.  
22. MD5(Unix)
23. Example: $1$12345678$XM4P3PrKBgKNnTaqG9P0T/
24. Used in Linux and other similar OS.
25. Length: 34 characters.
26. Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
27. Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
28. Notes: [1] [2]
29.  
30. MD5(APR)
31. Example: $apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj.
32. Used in Linux and other similar OS.
33. Length: 37 characters.
34. Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
35. Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
36. Notes: [1] [2]
37.  
38. MD5(phpBB3)
39. Example: $H$9123456785DAERgALpsri.D9z3ht120
40. Used in phpBB 3.x.x.
41. Length: 34 characters.
42. Description: The hash begins with the $H$ signature, then there goes one character (most often the number '9'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
43. Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times.
44. Notes: [1] [2]
45.  
46. MD5(Wordpress)
47. Example: $P$B123456780BhGFYSlUqGyE6ErKErL01
48. Used in Wordpress.
49. Length: 34 characters.
50. Description: The hash begins with the $P$ signature, then there goes one character (most often the number 'B'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
51. Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times.
52. Notes: [1] [2]
53.  
54. MySQL
55. Example: 606717496665bcba
56. Used in the old versions of MySQL.
57. Length: 8 bytes.
58. Description: The hash consists of two DWORDs, each not exceeding the value of 0x7fffffff.
59.  
60. MySQL5
61. Example: *E6CC90B878B948C35E92B003C792C46C58C4AF40
62. Used in the new versions of MySQL.
63. Length: 20 bytes.
64. Algorithm: SHA-1(SHA-1($pass))
65. Note: The hashes are to be loaded to the program without the asterisk that stands in the beginning of each hash.
66.  
67. RAdmin v2.x
68. Example: 5e32cceaafed5cc80866737dfb212d7f
69. Used in the application Remote Administrator v2.x.
70. Length: 16 bytes.
71. Algorithm: The password is padded with zeros to the length of 100 bytes, then that entire string is hashed with the MD5 algorithm.
72.  
73. MD5
74. Example: c4ca4238a0b923820dcc509a6f75849b
75. Used in phpBB v2.x, Joomla version below 1.0.13 and many other forums and CMS.
76. Length: 16 bytes.
77. Algorithm: Same as the md5() function in PHP.
78.  
79. md5($pass.$salt)
80. Example: 6f04f0d75f6870858bae14ac0b6d9f73:1234
81. Used in WB News, Joomla version 1.0.13 and higher.
82. Length: 16 bytes.
83. Note: [1]
84.  
85. md5($salt.$pass)
86. Example: f190ce9ac8445d249747cab7be43f7d5:12
87. Used in osCommerce, AEF, Gallery and other CMS.
88. Length: 16 bytes.
89. Note: [1]
90.  
91. md5(md5($pass))
92. Example: 28c8edde3d61a0411511d3b1866f0636
93. Used in e107, DLE, AVE, Diferior, Koobi and other CMS.
94. Length: 16 bytes.
95.  
96. md5(md5($pass).$salt)
97. Example: 6011527690eddca23580955c216b1fd2:wQ6
98. Used in vBulletin, IceBB.
99. Length: 16 bytes.
100. Notes: [1] [3] [4]
101.  
102. md5(md5($salt).md5($pass))
103. Example: 81f87275dd805aa018df8befe09fe9f8:wH6_S
104. Used in IPB.
105. Length: 16 bytes.
106. Notes: [1] [3]
107.  
108. md5(md5($salt).$pass)
109. Example: 816a14db44578f516cbaef25bd8d8296:1234
110. Used in MyBB.
111. Length: 16 bytes.
112. Note: [1]
113.  
114. md5($salt.$pass.$salt)
115. Example: a3bc9e11fddf4fef4deea11e33668eab:1234
116. Used in TBDev.
117. Length: 16 bytes.
118. Note: [1]
119.  
120. md5($salt.md5($salt.$pass))
121. Example: 1d715e52285e5a6b546e442792652c8a:1234
122. Used in DLP.
123. Length: 16 bytes.
124. Note: [1]
125.  
126. SHA-1
127. Example: 356a192b7913b04c54574d18c28d46e6395428ab
128. Used in many forums and CMS.
129. Length: 20 bytes.
130. Algorithm: Same as the sha1() function in PHP.
131.  
132. sha1(strtolower($username).$pass)
133. Example: Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a
134. Used in SMF.
135. Length: 20 bytes.
136. Note: [1]
137.  
138. sha1($salt.sha1($salt.sha1($pass)))
139. Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b:1234
140. Used in Woltlab BB.
141. Length: 20 bytes.
142. Note: [1]
143.  
144. SHA-256(Unix)
145. Example: $5$12345678$jBWLgeYZbSvREnuBr5s3gp13vqiKSNK1rkTk9zYE1v0
146. Used in Linux and other similar OS.
147. Length: 55 characters.
148. Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
149. Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times.
150. Notes: [1] [2]
151.  
152. SHA-512(Unix)
153. Example: $6$12345678$U6Yv5E1lWn6mEESzKen42o6rbEmFNLlq6Ik9X3reMXY3doKEuxrcDohKUx0Oxf44aeTIxGEjssvtT1aKyZHjs
154. Used in Linux and other similar OS.
155. Length: 98 characters.
156. Description: The hash begins with the $6$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
157. Algorithm: Actually that is a loop calling the SHA-512 algorithm 5000 times.
158. Notes: [1] [2]
159.  
160. SHA-1(Django) = sha1($salt.$pass)
161. Example: sha1$12345678$90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b
162. 12345678 is salt (in the hexadecimal format)
163. 90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b is SHA-1 hash.
164.  
165. SHA-256(Django) = SHA-256($salt.$pass)
166. Example: sha256$12345678$154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b
167. 12345678 is salt (in the hexadecimal format)
168. 154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b is SHA-256 hash.
169.  
170. SHA-384(Django) = SHA-384($salt.$pass)
171. Example: sha384$12345678$c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5
172. 12345678 is salt (in the hexadecimal format)
173. c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5 is SHA-384 hash.
174.  
175. SHA-1(ManGOS) = sha1(strtoupper($username).':'.$pass)
176.  
177. SHA-1(ManGOS2) = sha1($username.':'.$pass)
178.  
179. MD5(Custom) = '=='.md5(md5(md5($pass).md5($pass).md5($pass).md5($pass)))
180.  
181. md5(3 x strtoupper(md5($pass))) = md5(strtoupper(md5(strtoupper(md5(strtoupper(md5($pass)))))))
182.  
183. MD5(ZipMonster) = 50000 x strtoupper(md5(strtoupper($pass)))