Sometimes you just need the password

Example Password Hashes

Cryptographic Hashes

A cryptographic hash is a one way function that maps a set of data to a fixed length value (known as a hash or message digest). Ideally it should be impossible to reverse the calculation from the hash. The only way to find the data or string that produced a hash is to brute-force possible inputs and see if the result is a match to the hash.

A hash function must always generate the same hash from the same message (data).

Common Hash Types

These examples are computed for the plain text string 'password'

Hash TypeHashLength

Using bash on any Linux command line you can get the MD5 / SHA1 / SHA256 / SHA512 hash of a string simply by echoing the string to the hash sum utility.

    [email protected]:~$ echo -n password | md5sum -
    5f4dcc3b5aa765d61d8327deb882cf99  -

Content Management System Hashes

Examples of hashes from WordPress, Joomla and Drupal. Note that these types of hashes are salted and may use other function within the generation of the hash to make them harder to break. These hashes are using the string 'hashcat'.

Hash TypeHash
WordPress / Joomla$P$984478476IagS59wHZvyQMArzfx58u.

Common Network Service Hashes

Examples of hashes from MySQL, MSSQL, Microsoft Systems and other well known network services. These hashes use a variety of formats and are all using the string 'hashcat'.

Hash TypeHash
MySQL 37196759210defdc0
MySQL 4.1 & 5fcf7c1b8749cf99d88e5f34271d636178fb5d130
MSSQL 20050x010018102152f8f28c8499d8ef263c53f8be369d799f931b2fbe
Citrix Netscaler SHA11765058016a22f1b4e076dccd1c3df4e8e5c0839ccded98ea