How to use the command hashid (with examples)
Hashid is a command-line program written in Python that is used to identify different types of data and password hashes. It is a useful tool for security professionals and system administrators to determine the type of hash they are dealing with, which is crucial for selecting the appropriate techniques to crack or analyze those hashes.
Use case 1: Identify hashes from stdin
Code:
hashid
Motivation: This use case is useful when you have a hash that you want to identify without the need to pass it as an argument or from a file. You can simply input the hash directly into stdin
either by typing it, copying and pasting it, or piping it from another command.
Explanation: The hashid
command without any arguments will read the input from stdin
and try to identify the hash type.
Example output:
$ hashid
Enter your hash: e10adc3949ba59abbe56e057f20f883e
Analyzing 'e10adc3949ba59abbe56e057f20f883e'
[+] MD5 Crypt [MD5 32/64 ecc/src/ECCCrypt.h] [Hashcat / John]
Use case 2: Identify hashes passed as arguments
Code:
hashid hash
Motivation: This use case is suitable when you have a single hash that you want to identify by passing it as an argument directly to the hashid
command.
Explanation: When you provide a single hash as an argument, hashid
will analyze the hash and try to determine its type.
Example output:
$ hashid e10adc3949ba59abbe56e057f20f883e
Analyzing 'e10adc3949ba59abbe56e057f20f883e'
[+] MD5 Crypt [MD5 32/64 ecc/src/ECCCrypt.h] [Hashcat / John]
Use case 3: Identify hashes on a file
Code:
hashid path/to/hashes.txt
Motivation: This use case is beneficial when you have multiple hashes stored in a file, with each hash on a new line. Providing the file path as an argument allows hashid
to analyze each hash in the file and identify its type.
Explanation: When you pass the path to a file containing hashes as an argument, hashid
will read the contents of the file and analyze each hash individually to determine its type.
Example output:
$ hashid hashes.txt
Analyzing 'e10adc3949ba59abbe56e057f20f883e'
[+] MD5 Crypt [MD5 32/64 ecc/src/ECCCrypt.h] [Hashcat / John]
Analyzing '1d5d5ba74c2d6c464acd03d0c3e44f8debfa3f144582ff1e67c6b64d61c2b97b'
[+] SHA-256 Crypt [SHA 256/384/512 2015.guy/2017.08.04] [Hashcat / John]
Use case 4: Show all possible hash types
Code:
hashid --extended hash
Motivation: This use case is useful when you want to obtain more information about the identified hash types, including salted hashes.
Explanation: By specifying the --extended
flag followed by the hash as an argument, hashid
will not only identify the hash type but also provide additional details such as salted hash variants.
Example output:
$ hashid --extended e10adc3949ba59abbe56e057f20f883e
Analyzing 'e10adc3949ba59abbe56e057f20f883e'
[+] MD5 Crypt [MD5 22/32 ecc/src/ECCCrypt.h] [Hashcat / John]
[+] MD5 Half [MD5 16/32 ecc/src/ECCCrypt.h] [Hashcat / John]
[+] MD5 (w/salt) [MD5 32/64 ecc/src/ECCCrypt.h] [Hashcat / John]
[+] MD5 (w/salt) (HMAC) [MD5 32/64 ecc/src/ECCCrypt.h] [Hashcat / John]
Use case 5: Show hashcat
’s mode number and john
’s format string of the hash types
Code:
hashid --mode --john hash
Motivation: This use case is helpful when you need to know the specific mode number for hashcat
and the format string for john
for the identified hash types.
Explanation: By using the --mode
flag followed by the --john
flag and providing the hash as an argument, hashid
will display the mode number for hashcat
and the format string for john
next to each identified hash type.
Example output:
$ hashid --mode --john e10adc3949ba59abbe56e057f20f883e
Analyzing 'e10adc3949ba59abbe56e057f20f883e'
[+] MD5 Crypt [MD5 22/32 ecc/src/ECCCrypt.h] [10 14] [Hashcat / John]
Use case 6: Save output to a file
Code:
hashid --outfile path/to/output.txt hash
Motivation: This use case is useful when you want to save the output of the hashid
command to a file instead of printing it to the standard output (stdout
).
Explanation: By using the --outfile
flag followed by the path to the output file and providing the hash as an argument, hashid
will write the output to the specified file instead of printing it to the console.
Example output:
$ hashid --outfile output.txt e10adc3949ba59abbe56e057f20f883e
$ cat output.txt
Analyzing 'e10adc3949ba59abbe56e057f20f883e'
[+] MD5 Crypt [MD5 32/64 ecc/src/ECCCrypt.h] [Hashcat / John]
Conclusion:
The hashid
command is a powerful tool for identifying various types of data and password hashes. It allows you to quickly determine the type of hash you are dealing with, which is crucial for selecting the appropriate techniques to crack or analyze those hashes. By using hashid
in different ways, such as identifying hashes from stdin
, passing hashes as arguments, analyzing hashes in a file, displaying all possible hash types, showing hashcat
mode numbers and john
format strings, and saving output to a file, you can effectively work with hashes and enhance your security analysis workflow.