Hacking Tutorials

How To Identify Hashes?

Hello guys! Today we are going to learn how to identify a hashes. So lets start!

Identifying Hash Algorithm

Before we start discussing about hash identification I want to tell you something real quick,

Hexadecimal Numbers: 0,1,2,3,4,5,6,7,8,9, a,b,c,d,e,f are called hexadecimal characters. To know more about hexadecimal numbers,read this WikiPedia entry.
Each hexadecimal number represent 4 bits. Now for example, the string “a26fe” contains 5 Hexadecimal characters so I can say its a 4 x 5 = 20 bit string. Easy? Great.

Now take a look at this hash, 5187942d399d4ed244068db70a11319e
It contains only hexadecimal numbers right? The number of characters in this hash is 32.
Hence the length of the hash in bits can be calculated as, 32 x 4 = 128 bits

Now here is a nice and short table of bit-lengths of different hash types:

Name Length
MD2 128 bits
MD4 128 bits
MD5 128 bits
MD6 Up to 512 bits
RIPEMD-128 128 bits
RIPEMD-160 160 bits
RIPEMD-320 320 bits
SHA-1 160 bits
SHA-224 224 bits
SHA-256 256 bits
SHA-384 384 bits
SHA-512 512 bits
SHA-3 (originally known as Keccak) arbitrary
Tiger 192 bits
Whirlpool 512 bits

Source: List of hash functions

Hmmm so the bit-length of our target hash is 128 bits and according the table above, it can be any of these four hashes:
MD2 (Designed in 1989)
MD4 (Designed in 1990)
MD5 (Designed in 1991)
RIPEMD-128 (Designed in 2004)
As you can see, MD5 is the newest 128 bit-length hash in MD Category so no one uses MD2 and MD4 now-a-days. So we can guess that its an MD5 or a RIPEMD-128.
Now ask yourself, which program generated this hash? Well in my case, I got this hash from an MySQL database while performing SQL Injection.

Now your experience and knowledge comes into play, I know that MySQL database management system usually store passwords as MD5 hashes so I know its an MD5 and not a RIPEMD-128. Windows use NTLM hashing algorithm, Linux use MD5, SHA-256 or SHA-512, Blowfish etc., Maria DBMS uses MD5 or SHA-1.

So here’s the conclusion:

  1.  Find the bit-length of the hash and write down possible hash types
  2. Use your common sense to make an educated guess

But if you are lazy then you can just use this website to make guesses for you. Or if you want something better then you can use a program named “Hash-identifier”.

Linux users can install it via the following command in the terminal

apt-get install hash-identifier

Using hash-identifier is a piece of cake. Run it and enter your hash and it makes really good guesses for you.

hash-identifier kali

If you are a windows user (unfortunately), then you can download it from its github mirror.

Thanks for reading! I hope you learned something new today.

Also Read: TCP/IP Model Explained

Browse Categories:

Subscribe Now

Get the latest post directly into your inbox.

Thank you for subscribing.

Something went wrong.