An example SHA1 hash of the string password is 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8.
Try to match the example in our online SHA1 password hash tool below.
Technically speaking, SHA1 password hashes are not cracked or decrypted. They are matched using a list of possible passwords, which is more akin to reversing than breaking. Each entry in a list of possible passwords (a dictionary) is hashed to produce a list of SHA1 hashes, and the entry whose hash matches the target hash is the now known password.
Passwords stored as an SHA1 Hash are usually represented as a 40 character hexadecimal number. The power of modern computers (particularly GPU based) makes SHA1 a password storage function that is not secure.
Using bash on any Linux command line you can get the SHA1 hash of a string simply by echoing the string to the sha1sum utility. Using echo -n ensures the line break is not included in the hash generation.
user@host:~$ echo -n password | sha1sum -
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 -
In this example we use bash and the sha1sum utility to generate an SHA1 hash of a file. It is interesting to note that a simple text file containing only the string "password" matches the hash of the string password. As long as there are no line breaks in the file the hash will match. Of course, getting the SHA1 sum of a file is often used to confirm a file's integrity: that two files from different locations, or that have been downloaded, match. The hash function can be performed against any file type, not only simple text.
user@host:~$ echo -n password > test.txt
user@host:~$ sha1sum test.txt
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 test.txt
Using Python from the command line we can generate the SHA1 hash of a string using the hashlib library. Note that in Python 3.x this library requires the string to be in byte string format (encoded).
user@host:~$ python3
Python 3.8.10 (default, Sep 28 2021, 16:10:42)
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import hashlib
>>> output = hashlib.sha1(b'password')
>>> print(output)
<sha1 HASH object @ 0x7ff7a3557f10>
>>> print(output.hexdigest())
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
Since Windows 2003 there has been a built-in tool that can calculate the SHA1 hash of a file. The CertUtil utility is able to perform this function as shown below. Note that files generated under Windows will be encoded differently to those generated under Linux or OSX.
C:\Users\vagrant\> CertUtil -hashfile test.txt SHA1
SHA1 hash of test.txt
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
Using PowerShell we can also generate an SHA1 hash using the Get-FileHash cmdlet. Note that even plain text files generated under Windows may be encoded differently to those generated under Linux or OSX. See note above.
PS C:\Users\vagrant> Get-FileHash -Algorithm SHA1 test.txt
Algorithm       Hash                                       Path
---------       ----                                       ----
SHA1            5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8   C:\Users\vagrant\test.txt
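The line-break and encoding notes above account for most cases where a file's SHA1 does not match the expected value. The following Python script is an added example, not part of the original page; it hashes the same text in several on-disk forms (the encodings and line endings listed are an assumed set of common ones) and reports which form produces a given hash.

```python
import hashlib

# SHA1 of the string "password", as given on this page.
PAGE_HASH = "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8"

# Assumed set of common on-disk forms: codec name plus the byte-order mark
# an editor or shell may prepend. Windows PowerShell 5.1 ">" redirection
# writes UTF-16LE with a BOM, for example.
ENCODINGS = {
    "UTF-8": ("utf-8", b""),
    "UTF-8 with BOM": ("utf-8", b"\xef\xbb\xbf"),
    "UTF-16LE with BOM": ("utf-16-le", b"\xff\xfe"),
}
ENDINGS = {"no line break": "", "LF": "\n", "CRLF": "\r\n"}


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def file_variants(text: str):
    """Yield (label, bytes) for each encoding / line-ending combination."""
    for enc_label, (codec, bom) in ENCODINGS.items():
        for end_label, ending in ENDINGS.items():
            yield f"{enc_label}, {end_label}", bom + (text + ending).encode(codec)


def explain_hash(text: str, observed_hash: str) -> list:
    """Return the labels of the file forms whose SHA1 equals observed_hash."""
    observed = observed_hash.strip().lower()  # Get-FileHash prints upper case
    return [label for label, data in file_variants(text)
            if sha1_hex(data) == observed]


if __name__ == "__main__":
    # Print the SHA1 of every form, then identify the form behind the page hash.
    for label, data in file_variants("password"):
        print(f"{sha1_hex(data)}  {label}")
    print("Page hash matches:", explain_hash("password", PAGE_HASH))
```

An empty list from explain_hash means the file differs in content, or uses an encoding outside the assumed set, rather than only in line ending or byte-order mark.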
A simple SHA1 function within PHP allows the hash to be generated in this example. The string being hashed could also of course be a variable or a binary blob.
user@test:~$ echo "<?php print(SHA1('password')) ?>" > test.php
user@test:~$ php test.php
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
The SHA1 algorithm was first developed in 1993, and as far back as 2005 it was considered insecure against "well funded attackers". The increase in computing power has allowed brute force calculation of SHA1 hashes at rates in the billions per second on common consumer hardware.
The algorithm to generate the hash is based on similar principles to MD5 but generates a larger hash value (160 bits vs. 128 bits).
If you are interested in the background and history of SHA1 there is a comprehensive Wikipedia article.