try hack me
  • what is this repo?
  • Pre Security
    • Introduction to Cyber Security
    • Linux Fundamentals
  • pre security Tools
    • gobuster
    • ping (ICMP)
    • nslookup
    • basic Linux commands
    • basic Linux operators
    • some Linux web command
    • processes
    • cron tabs (schedule)
    • Important Directories
    • basic CMD command
    • ssh
    • ftp
    • simple digital forensics commands
  • Complete Begginer
    • CVE tracking websites
    • traceroute
    • whois
    • dig
    • nmap
    • smb
    • Telnet
      • tcpdump listener & reverse shell
    • ftp
    • hydra
    • NFS
    • smtp
    • mysql
    • 🅱️Burp Suite
      • Proxy
      • target
      • intruder
      • simple XSS attack
    • OWASP top 10 : 2021
      • 1. Broken Access Control
      • 2. Cryptographic Failures
      • 3. Injection
      • 4. Insecure Design
      • 5. Security Misconfiguration
      • 6. Vulnerable and Outdated Components
      • 7. Identification and Authentication Failures
      • 8. Software and Data Integrity Failures
        • Software Integrity Failures
        • Data Integrity Failures
      • 9. Security Logging and Monitoring Failures
      • 10. Server-Side Request Forgery (SSRF)
    • file type recognition
      • How to change magic numbers
    • upload vulnerability exploiting
    • about hash
    • john the ripper
      • /etc/shadow
      • Single Crack Mode
      • Custom Rules
      • rar and zip
      • SSH Key Passwords
      • GPG/PGP
    • Encryption
      • SSH authentication
      • SSH configuration (sort of)
      • GnuPG (very basic)
    • metasploit
      • mian components
      • Scanner
      • The Metasploit Database
      • Vulnerability Scanning
      • exploiting
      • Msfvenom
      • Meterpreter>
        • Commands
        • Post-Exploitation
    • Shell
      • netcat
      • socat
      • common shell payloads
      • Next steps
    • privilege esclation
      • Exploiting Writeable /etc/passwd
      • Vi, sudo -l, GTFOBin
      • Cron tab exploitation
      • Exploiting PATH Variable
      • some checklists
      • windows
        • miscellaneous
      • Examples
        • mysql running as root
        • Weak File Permissions
        • Sudo
        • Cron Jobs
        • SUID / SGID Executables
        • Passwords & Keys
        • NFS
        • Kernel Exploits
    • file transfer between two machines
  • SQL injection
  • Google Dorking
  • Web hacking intro
    • Walking an application
    • Content Discovery(ffuf, dirb, gobuster)
    • Subdomain Enumeration
    • Authentication bypass
    • IDOR
    • File Inclusion
Powered by GitBook
On this page
  1. Complete Begginer

about hash

Previousupload vulnerability exploitingNextjohn the ripper

Last updated 7 months ago

hash recognition tool

Unix style password hashes are very easy to recognise, as they have a prefix. The prefix tells you the hashing algorithm used to generate the hash. The standard format is$format$rounds$salt$hash.

Windows passwords are hashed using NTLM, which is a variant of md4. They're visually identical to md4 and md5 hashes, so it's very important to use context to work out the hash type.

On Linux, password hashes are stored in /etc/shadow. This file is normally only readable by root. They used to be stored in /etc/passwd, and were readable by everyone.

On Windows, password hashes are stored in the SAM. Windows tries to prevent normal users from dumping them, but tools like mimikatz exist for this. Importantly, the hashes found there are split into NT hashes and LM hashes.

Here's a quick table of the most Unix style password prefixes that you'll see.

Prefix
Algorithm

$1$

md5crypt, used in Cisco stuff and older Linux/Unix systems

$2$, $2a$, $2b$, $2x$, $2y$

Bcrypt (Popular for web applications)

$6$

sha512crypt (Default for most Linux/Unix systems)

A great place to find more hash formats and password prefixes is the hashcat example page, available here: https://hashcat.net/wiki/doku.php?id=example_hashes. For other hash types, you'll normally need to go by length, encoding or some research into the application that generated them. Never underestimate the power of research.

LogohashIDPyPI