Disclaimer: This post is for research and educational purposes only. I do not take any responsibility, in regards to the actions taken by readers of this article. Never attempt to hack a device for which you do not have the required permissions to do so.

Hash? Hashing? Hash function? Checksum? Yes I know, there are some really confusing terms out there regarding hashes. But you need not worry, in this post I will cover all basic concepts regarding hashes, and at the end we will try cracking a few of them.

What is a Hash?

A hash is an alphanumeric string that uniquely identifies a piece of data. For example, the MD5 hash for the string “hello” is 5d41402abc4b2a76b9719d911017c592. This hash will remain the same for this string as it is unique. If we try to modify the string, the hash changes. Example, the hash for “hello world” would be 5eb63bbbe01eeed093cb22bb8f5acdc32. As you can see, the above two hashes do not mach.

 Hashes are used mostly for digital signatures, password storage, file verification systems, message authentication codes and other types of authentication.

What is a Hash function?

for explaining

A hash function is a mathematical function, where you input any kind of digital data, such as strings, files, compressed folders and so on. The function then processes that data and outputs a hash value. 

The process of converting data into a hash is known as hashing.

An issue with hashing algorithms is the certainty of collisions. That is because hashes represent a fixed length string, meaning that for every input imaginable, there are other possible inputs that will generate the same hash.

An ideal hash function should contain the following properties:

  • For any form of data it should be able to calculate the hash value quickly.
  • Its hash value should be computed in such a way that, it would prevent reconstruction of a message from it.
  • It should not allow collisions with other hashes, each message must have its own hash.
  • Any change made to a message should change its hash value. Eve-ry kind of alteration should lead to a whole different hash.

A checksum is a sequence of numbers and letters used to check data for errors.

Few commonly used hashing algorithms:

  1. Md4, 
  2. Md5, 
  3. Sha256,
  4. Sha512,
  5. Snefru256
  6. Ripemd256,
  7. Ghost-Crypto

Bitcoin uses SHA-256

Try them here https://www.pelock.com/products/hash-calculator

Advertisements

How to crack hashes using Hashcat?

Hashcat is a password cracker tool. It was created to be able to brute force the most complex of passwords. Additionally, it is regarded as being highly flexible, robust and fast in comparison to other password hacking tools. This tool has lot of options and attack methods, but for this post we are going to keep it basic.

Hashes are never deciphered or decrypted, they are cracked.

Now imagine a scenario where you have discovered a file called user_info.txt which contains passwords of users from a website. Unfortunately for you they are hashed using the MD5 algorithm. It looks something like this:

e4c1fa4925dfe29add4b6f973799bb62
5d2802f530318d2a5fd5503e274350b2
98eae6a3c07423271589375db5a03965
35366f2476b611a387d7b38c8284f2a3
1724d90a320e1d0569a4c54ba27d5db8
2aec4f9d44b474dccc925fa816142ec2
3245056453a6571351b8c0dcb826053e

And you also have a dictionary of passwords which a user might use. It is called dic.txt and looks like this:

hashingisfun123
123hash1234
helloword000
thisisthehash
ilovehashing123
md5sumsha1pass
followmyblog
hashiscracked55
wordpress,5r43
securityisfun123
hashcat90sdfs
didyouseemerobot
pythonisbetterlol455
snowwhiteiswhite
batmanvssuperman
killtheworld43532
cupidstupid

Now its time to fire up Hashcat to try to any retrieve passwords. What Hashcat will do now is, it will covert every password in the dictionary to MD5 and then compare it with the hashes in user_info.txt. As soon as we get a match it will let us know.

hashcat -a 0 -m 0 user_info.txt dic.txt

The -a indicates the attack mode which is set to 0 (dictionary attack) and the -m indicates the type of hash which is also set to 0 (MD5). The next two files are the hashed passwords and the dictionary file respectively.

As you can see we cracked a hash and the password is “hashiscracked55”. In a real life scenario it won’t be that easy. In a later post i will be covering Hashcat in more detail, but i hope that everyone understood the basics for now. Please don’t even try this on live targets, if you want to practice you should try CTFs.

HAPPY HACKING