Created
March 17, 2015 04:51
-
-
Save bburky/c7e1f955b10570c38f16 to your computer and use it in GitHub Desktop.
HashID prototypes to JSON
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
{ | |
"regex": "^[a-f0-9]{4}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CRC-16" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CRC-16-CCITT" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "FCS-16" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{8}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Adler-32" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CRC-32B" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "FCS-32" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "GHash-32-3" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "GHash-32-5" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "FNV-132" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Fletcher-32" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Joaat" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "ELF-32" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "XOR-32" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{6}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CRC-24" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$crc32\\$[a-f0-9]{8}.)?[a-f0-9]{8}$", | |
"modes": [ | |
{ | |
"john": "crc32", | |
"hashcat": null, | |
"extended": false, | |
"name": "CRC-32" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\+[a-z0-9\\/.]{12}$", | |
"modes": [ | |
{ | |
"john": "bfegg", | |
"hashcat": null, | |
"extended": false, | |
"name": "Eggdrop IRC Bot" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9\\/.]{13}$", | |
"modes": [ | |
{ | |
"john": "descrypt", | |
"hashcat": 1500, | |
"extended": false, | |
"name": "DES(Unix)" | |
}, | |
{ | |
"john": "descrypt", | |
"hashcat": 1500, | |
"extended": false, | |
"name": "Traditional DES" | |
}, | |
{ | |
"john": "descrypt", | |
"hashcat": 1500, | |
"extended": false, | |
"name": "DEScrypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{16}$", | |
"modes": [ | |
{ | |
"john": "mysql", | |
"hashcat": 200, | |
"extended": false, | |
"name": "MySQL323" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3100, | |
"extended": false, | |
"name": "DES(Oracle)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 5100, | |
"extended": false, | |
"name": "Half MD5" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3100, | |
"extended": false, | |
"name": "Oracle 7-10g" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "FNV-164" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CRC-64" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9\\/.]{16}$", | |
"modes": [ | |
{ | |
"john": "pix-md5", | |
"hashcat": 2400, | |
"extended": false, | |
"name": "Cisco-PIX(MD5)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\([a-z0-9\\/+]{20}\\)$", | |
"modes": [ | |
{ | |
"john": "dominosec", | |
"hashcat": 8700, | |
"extended": false, | |
"name": "Lotus Notes/Domino 6" | |
} | |
] | |
}, | |
{ | |
"regex": "^_[a-z0-9\\/.]{19}$", | |
"modes": [ | |
{ | |
"john": "bsdicrypt", | |
"hashcat": null, | |
"extended": false, | |
"name": "BSDi Crypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{24}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CRC-96(ZIP)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9\\/.]{24}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Crypt16" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$md2\\$)?[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "md2", | |
"hashcat": null, | |
"extended": false, | |
"name": "MD2" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}(:.+)?$", | |
"modes": [ | |
{ | |
"john": "raw-md5", | |
"hashcat": 0, | |
"extended": false, | |
"name": "MD5" | |
}, | |
{ | |
"john": "raw-md4", | |
"hashcat": 900, | |
"extended": false, | |
"name": "MD4" | |
}, | |
{ | |
"john": null, | |
"hashcat": 2600, | |
"extended": false, | |
"name": "Double MD5" | |
}, | |
{ | |
"john": "lm", | |
"hashcat": 3000, | |
"extended": false, | |
"name": "LM" | |
}, | |
{ | |
"john": "ripemd-128", | |
"hashcat": null, | |
"extended": false, | |
"name": "RIPEMD-128" | |
}, | |
{ | |
"john": "haval-128-4", | |
"hashcat": null, | |
"extended": false, | |
"name": "Haval-128" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Tiger-128" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-256(128)" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-512(128)" | |
}, | |
{ | |
"john": "lotus5", | |
"hashcat": 8600, | |
"extended": false, | |
"name": "Lotus Notes/Domino 5" | |
}, | |
{ | |
"john": null, | |
"hashcat": 23, | |
"extended": false, | |
"name": "Skype" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": true, | |
"name": "ZipMonster" | |
}, | |
{ | |
"john": null, | |
"hashcat": 11000, | |
"extended": true, | |
"name": "PrestaShop" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3500, | |
"extended": true, | |
"name": "md5(md5(md5($pass)))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4300, | |
"extended": true, | |
"name": "md5(strtoupper(md5($pass)))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4400, | |
"extended": true, | |
"name": "md5(sha1($pass))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 10, | |
"extended": true, | |
"name": "md5($pass.$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 20, | |
"extended": true, | |
"name": "md5($salt.$pass)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 30, | |
"extended": true, | |
"name": "md5(unicode($pass).$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 40, | |
"extended": true, | |
"name": "md5($salt.unicode($pass))" | |
}, | |
{ | |
"john": "hmac-md5", | |
"hashcat": 50, | |
"extended": true, | |
"name": "HMAC-MD5 (key = $pass)" | |
}, | |
{ | |
"john": "hmac-md5", | |
"hashcat": 60, | |
"extended": true, | |
"name": "HMAC-MD5 (key = $salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3610, | |
"extended": true, | |
"name": "md5(md5($salt).$pass)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3710, | |
"extended": true, | |
"name": "md5($salt.md5($pass))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3720, | |
"extended": true, | |
"name": "md5($pass.md5($salt))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3810, | |
"extended": true, | |
"name": "md5($salt.$pass.$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 3910, | |
"extended": true, | |
"name": "md5(md5($pass).md5($salt))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4010, | |
"extended": true, | |
"name": "md5($salt.md5($salt.$pass))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4110, | |
"extended": true, | |
"name": "md5($salt.md5($pass.$salt))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4210, | |
"extended": true, | |
"name": "md5($username.0.$pass)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$snefru\\$)?[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "snefru-128", | |
"hashcat": null, | |
"extended": false, | |
"name": "Snefru-128" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$NT\\$)?[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "nt", | |
"hashcat": 1000, | |
"extended": false, | |
"name": "NTLM" | |
} | |
] | |
}, | |
{ | |
"regex": "^([^\\\\\\/:*?\"<>|]{1,20}:)?[a-f0-9]{32}(:[^\\\\\\/:*?\"<>|]{1,20})?$", | |
"modes": [ | |
{ | |
"john": "mscach", | |
"hashcat": 1100, | |
"extended": false, | |
"name": "Domain Cached Credentials" | |
} | |
] | |
}, | |
{ | |
"regex": "^([^\\\\\\/:*?\"<>|]{1,20}:)?(\\$DCC2\\$10240#[^\\\\\\/:*?\"<>|]{1,20}#)?[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "mscach2", | |
"hashcat": 2100, | |
"extended": false, | |
"name": "Domain Cached Credentials 2" | |
} | |
] | |
}, | |
{ | |
"regex": "^{SHA}[a-z0-9\\/+]{27}=$", | |
"modes": [ | |
{ | |
"john": "nsldap", | |
"hashcat": 101, | |
"extended": false, | |
"name": "SHA-1(Base64)" | |
}, | |
{ | |
"john": "nsldap", | |
"hashcat": 101, | |
"extended": false, | |
"name": "Netscape LDAP SHA" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$1\\$[a-z0-9\\/.]{0,8}\\$[a-z0-9\\/.]{22}(:.*)?$", | |
"modes": [ | |
{ | |
"john": "md5crypt", | |
"hashcat": 500, | |
"extended": false, | |
"name": "MD5 Crypt" | |
}, | |
{ | |
"john": "md5crypt", | |
"hashcat": 500, | |
"extended": false, | |
"name": "Cisco-IOS(MD5)" | |
}, | |
{ | |
"john": "md5crypt", | |
"hashcat": 500, | |
"extended": false, | |
"name": "FreeBSD MD5" | |
} | |
] | |
}, | |
{ | |
"regex": "^0x[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Lineage II C4" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$H\\$[a-z0-9\\/.]{31}$", | |
"modes": [ | |
{ | |
"john": "phpass", | |
"hashcat": 400, | |
"extended": false, | |
"name": "phpBB v3.x" | |
}, | |
{ | |
"john": "phpass", | |
"hashcat": 400, | |
"extended": false, | |
"name": "Wordpress v2.6.0/2.6.1" | |
}, | |
{ | |
"john": "phpass", | |
"hashcat": 400, | |
"extended": false, | |
"name": "PHPass' Portable Hash" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$P\\$[a-z0-9\\/.]{31}$", | |
"modes": [ | |
{ | |
"john": "phpass", | |
"hashcat": 400, | |
"extended": false, | |
"name": "Wordpress \u2265 v2.6.2" | |
}, | |
{ | |
"john": "phpass", | |
"hashcat": 400, | |
"extended": false, | |
"name": "Joomla \u2265 v2.5.18" | |
}, | |
{ | |
"john": "phpass", | |
"hashcat": 400, | |
"extended": false, | |
"name": "PHPass' Portable Hash" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:[a-z0-9]{2}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 21, | |
"extended": false, | |
"name": "osCommerce" | |
}, | |
{ | |
"john": null, | |
"hashcat": 21, | |
"extended": false, | |
"name": "xt:Commerce" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$apr1\\$[a-z0-9\\/.]{0,8}\\$[a-z0-9\\/.]{22}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 1600, | |
"extended": false, | |
"name": "MD5(APR)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1600, | |
"extended": false, | |
"name": "Apache MD5" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1600, | |
"extended": true, | |
"name": "md5apr1" | |
} | |
] | |
}, | |
{ | |
"regex": "^{smd5}[a-z0-9$\\/.]{31}$", | |
"modes": [ | |
{ | |
"john": "aix-smd5", | |
"hashcat": 6300, | |
"extended": false, | |
"name": "AIX(smd5)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 3721, | |
"extended": false, | |
"name": "WebEdition CMS" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:.{5}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 2811, | |
"extended": false, | |
"name": "IP.Board \u2265 v2+" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:.{8}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 2811, | |
"extended": false, | |
"name": "MyBB \u2265 v1.2+" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9]{34}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CryptoCurrency(Adress)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{40}(:.+)?$", | |
"modes": [ | |
{ | |
"john": "raw-sha1", | |
"hashcat": 100, | |
"extended": false, | |
"name": "SHA-1" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4500, | |
"extended": false, | |
"name": "Double SHA-1" | |
}, | |
{ | |
"john": "ripemd-160", | |
"hashcat": 6000, | |
"extended": false, | |
"name": "RIPEMD-160" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Haval-160" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Tiger-160" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "HAS-160" | |
}, | |
{ | |
"john": "raw-sha1-linkedin", | |
"hashcat": 190, | |
"extended": false, | |
"name": "LinkedIn" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-256(160)" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-512(160)" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": true, | |
"name": "MangosWeb Enhanced CMS" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4600, | |
"extended": true, | |
"name": "sha1(sha1(sha1($pass)))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4700, | |
"extended": true, | |
"name": "sha1(md5($pass))" | |
}, | |
{ | |
"john": null, | |
"hashcat": 110, | |
"extended": true, | |
"name": "sha1($pass.$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 120, | |
"extended": true, | |
"name": "sha1($salt.$pass)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 130, | |
"extended": true, | |
"name": "sha1(unicode($pass).$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 140, | |
"extended": true, | |
"name": "sha1($salt.unicode($pass))" | |
}, | |
{ | |
"john": "hmac-sha1", | |
"hashcat": 150, | |
"extended": true, | |
"name": "HMAC-SHA1 (key = $pass)" | |
}, | |
{ | |
"john": "hmac-sha1", | |
"hashcat": 160, | |
"extended": true, | |
"name": "HMAC-SHA1 (key = $salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 4710, | |
"extended": true, | |
"name": "sha1($salt.$pass.$salt)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\*[a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": "mysql-sha1", | |
"hashcat": 300, | |
"extended": false, | |
"name": "MySQL5.x" | |
}, | |
{ | |
"john": "mysql-sha1", | |
"hashcat": 300, | |
"extended": false, | |
"name": "MySQL4.1" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9]{43}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 5700, | |
"extended": false, | |
"name": "Cisco-IOS(SHA-256)" | |
} | |
] | |
}, | |
{ | |
"regex": "^{SSHA}[a-z0-9\\/+]{38}==$", | |
"modes": [ | |
{ | |
"john": "nsldaps", | |
"hashcat": 111, | |
"extended": false, | |
"name": "SSHA-1(Base64)" | |
}, | |
{ | |
"john": "nsldaps", | |
"hashcat": 111, | |
"extended": false, | |
"name": "Netscape LDAP SSHA" | |
}, | |
{ | |
"john": "nsldaps", | |
"hashcat": 111, | |
"extended": true, | |
"name": "nsldaps" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9=]{47}$", | |
"modes": [ | |
{ | |
"john": "fortigate", | |
"hashcat": 7000, | |
"extended": false, | |
"name": "Fortigate(FortiOS)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{48}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Haval-192" | |
}, | |
{ | |
"john": "tiger", | |
"hashcat": null, | |
"extended": false, | |
"name": "Tiger-192" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "SHA-1(Oracle)" | |
}, | |
{ | |
"john": "xsha", | |
"hashcat": 122, | |
"extended": false, | |
"name": "OSX v10.4" | |
}, | |
{ | |
"john": "xsha", | |
"hashcat": 122, | |
"extended": false, | |
"name": "OSX v10.5" | |
}, | |
{ | |
"john": "xsha", | |
"hashcat": 122, | |
"extended": false, | |
"name": "OSX v10.6" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{51}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Palshop CMS" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9]{51}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "CryptoCurrency(PrivateKey)" | |
} | |
] | |
}, | |
{ | |
"regex": "^{ssha1}[0-9]{2}\\$[a-z0-9$\\/.]{44}$", | |
"modes": [ | |
{ | |
"john": "aix-ssha1", | |
"hashcat": 6700, | |
"extended": false, | |
"name": "AIX(ssha1)" | |
} | |
] | |
}, | |
{ | |
"regex": "^0x0100[a-f0-9]{48}$", | |
"modes": [ | |
{ | |
"john": "mssql05", | |
"hashcat": 132, | |
"extended": false, | |
"name": "MSSQL(2005)" | |
}, | |
{ | |
"john": "mssql05", | |
"hashcat": 132, | |
"extended": false, | |
"name": "MSSQL(2008)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$md5,rounds=[0-9]+\\$|\\$md5\\$rounds=[0-9]+\\$|\\$md5\\$)[a-z0-9\\/.]{0,16}(\\$|\\$\\$)[a-z0-9\\/.]{22}$", | |
"modes": [ | |
{ | |
"john": "sunmd5", | |
"hashcat": 3300, | |
"extended": false, | |
"name": "Sun MD5 Crypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{56}$", | |
"modes": [ | |
{ | |
"john": "raw-sha224", | |
"hashcat": null, | |
"extended": false, | |
"name": "SHA-224" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Haval-224" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "SHA3-224" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-256(224)" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-512(224)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$2[axy]|\\$2)\\$[0-9]{2}\\$[a-z0-9\\/.]{53}$", | |
"modes": [ | |
{ | |
"john": "bcrypt", | |
"hashcat": 3200, | |
"extended": false, | |
"name": "Blowfish(OpenBSD)" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Woltlab Burning Board 4.x" | |
}, | |
{ | |
"john": "bcrypt", | |
"hashcat": 3200, | |
"extended": false, | |
"name": "bcrypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{40}:[a-f0-9]{16}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 5800, | |
"extended": false, | |
"name": "Android PIN" | |
} | |
] | |
}, | |
{ | |
"regex": "^(S:)?[a-f0-9]{40}(:)?[a-f0-9]{20}$", | |
"modes": [ | |
{ | |
"john": "oracle11", | |
"hashcat": 112, | |
"extended": false, | |
"name": "Oracle 11g/12c" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$bcrypt-sha256\\$(2[axy]|2)\\,[0-9]+\\$[a-z0-9\\/.]{22}\\$[a-z0-9\\/.]{31}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "bcrypt(SHA-256)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:.{3}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 2611, | |
"extended": false, | |
"name": "vBulletin < v3.8.5" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:.{30}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 2711, | |
"extended": false, | |
"name": "vBulletin \u2265 v3.8.5" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$snefru\\$)?[a-f0-9]{64}$", | |
"modes": [ | |
{ | |
"john": "snefru-256", | |
"hashcat": null, | |
"extended": false, | |
"name": "Snefru-256" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{64}(:.+)?$", | |
"modes": [ | |
{ | |
"john": "raw-sha256", | |
"hashcat": 1400, | |
"extended": false, | |
"name": "SHA-256" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "RIPEMD-256" | |
}, | |
{ | |
"john": "haval-256-3", | |
"hashcat": null, | |
"extended": false, | |
"name": "Haval-256" | |
}, | |
{ | |
"john": "gost", | |
"hashcat": 6900, | |
"extended": false, | |
"name": "GOST R 34.11-94" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "GOST CryptoPro S-Box" | |
}, | |
{ | |
"john": "raw-keccak-256", | |
"hashcat": 5000, | |
"extended": false, | |
"name": "SHA3-256" | |
}, | |
{ | |
"john": "skein-256", | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-256" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-512(256)" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": true, | |
"name": "Ventrilo" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1410, | |
"extended": true, | |
"name": "sha256($pass.$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1420, | |
"extended": true, | |
"name": "sha256($salt.$pass)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1430, | |
"extended": true, | |
"name": "sha256(unicode($pass).$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1440, | |
"extended": true, | |
"name": "sha256($salt.unicode($pass))" | |
}, | |
{ | |
"john": "hmac-sha256", | |
"hashcat": 1450, | |
"extended": true, | |
"name": "HMAC-SHA256 (key = $pass)" | |
}, | |
{ | |
"john": "hmac-sha256", | |
"hashcat": 1460, | |
"extended": true, | |
"name": "HMAC-SHA256 (key = $salt)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:[a-z0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 11, | |
"extended": false, | |
"name": "Joomla < v2.5.18" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f-0-9]{32}:[a-f-0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "SAM(LM_Hash:NT_Hash)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$chap\\$0\\*)?[a-f0-9]{32}[\\*:][a-f0-9]{32}(:[0-9]{2})?$", | |
"modes": [ | |
{ | |
"john": "chap", | |
"hashcat": 4800, | |
"extended": false, | |
"name": "MD5(Chap)" | |
}, | |
{ | |
"john": "chap", | |
"hashcat": 4800, | |
"extended": false, | |
"name": "iSCSI CHAP Authentication" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$episerver\\$\\*0\\*[a-z0-9\\/=+]+\\*[a-z0-9\\/=+]{27,28}$", | |
"modes": [ | |
{ | |
"john": "episerver", | |
"hashcat": 141, | |
"extended": false, | |
"name": "EPiServer 6.x < v4" | |
} | |
] | |
}, | |
{ | |
"regex": "^{ssha256}[0-9]{2}\\$[a-z0-9$\\/.]{60}$", | |
"modes": [ | |
{ | |
"john": "aix-ssha256", | |
"hashcat": 6400, | |
"extended": false, | |
"name": "AIX(ssha256)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{80}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "RIPEMD-320" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$episerver\\$\\*1\\*[a-z0-9\\/=+]+\\*[a-z0-9\\/=+]{42,43}$", | |
"modes": [ | |
{ | |
"john": "episerver", | |
"hashcat": 1441, | |
"extended": false, | |
"name": "EPiServer 6.x \u2265 v4" | |
} | |
] | |
}, | |
{ | |
"regex": "^0x0100[a-f0-9]{88}$", | |
"modes": [ | |
{ | |
"john": "mssql", | |
"hashcat": 131, | |
"extended": false, | |
"name": "MSSQL(2000)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{96}$", | |
"modes": [ | |
{ | |
"john": "raw-sha384", | |
"hashcat": 10800, | |
"extended": false, | |
"name": "SHA-384" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "SHA3-384" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-512(384)" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-1024(384)" | |
} | |
] | |
}, | |
{ | |
"regex": "^{SSHA512}[a-z0-9\\/+]{96}$", | |
"modes": [ | |
{ | |
"john": "ssha512", | |
"hashcat": 1711, | |
"extended": false, | |
"name": "SSHA-512(Base64)" | |
}, | |
{ | |
"john": "ssha512", | |
"hashcat": 1711, | |
"extended": false, | |
"name": "LDAP(SSHA-512)" | |
} | |
] | |
}, | |
{ | |
"regex": "^{ssha512}[0-9]{2}\\$[a-z0-9\\/.]{16,48}\\$[a-z0-9\\/.]{86}$", | |
"modes": [ | |
{ | |
"john": "aix-ssha512", | |
"hashcat": 6500, | |
"extended": false, | |
"name": "AIX(ssha512)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{128}(:.+)?$", | |
"modes": [ | |
{ | |
"john": "raw-sha512", | |
"hashcat": 1700, | |
"extended": false, | |
"name": "SHA-512" | |
}, | |
{ | |
"john": "whirlpool", | |
"hashcat": 6100, | |
"extended": false, | |
"name": "Whirlpool" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Salsa10" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Salsa20" | |
}, | |
{ | |
"john": "raw-keccak", | |
"hashcat": null, | |
"extended": false, | |
"name": "SHA3-512" | |
}, | |
{ | |
"john": "skein-512", | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-512" | |
}, | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-1024(512)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1710, | |
"extended": true, | |
"name": "sha512($pass.$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1720, | |
"extended": true, | |
"name": "sha512($salt.$pass)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1730, | |
"extended": true, | |
"name": "sha512(unicode($pass).$salt)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 1740, | |
"extended": true, | |
"name": "sha512($salt.unicode($pass))" | |
}, | |
{ | |
"john": "hmac-sha512", | |
"hashcat": 1750, | |
"extended": true, | |
"name": "HMAC-SHA512 (key = $pass)" | |
}, | |
{ | |
"john": "hmac-sha512", | |
"hashcat": 1760, | |
"extended": true, | |
"name": "HMAC-SHA512 (key = $salt)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{136}$", | |
"modes": [ | |
{ | |
"john": "xsha512", | |
"hashcat": 1722, | |
"extended": false, | |
"name": "OSX v10.7" | |
} | |
] | |
}, | |
{ | |
"regex": "^0x0200[a-f0-9]{136}$", | |
"modes": [ | |
{ | |
"john": "msql12", | |
"hashcat": 1731, | |
"extended": false, | |
"name": "MSSQL(2012)" | |
}, | |
{ | |
"john": "msql12", | |
"hashcat": 1731, | |
"extended": false, | |
"name": "MSSQL(2014)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$ml\\$[0-9]+\\$[a-f0-9]{64}\\$[a-f0-9]{128}$", | |
"modes": [ | |
{ | |
"john": "pbkdf2-hmac-sha512", | |
"hashcat": 7100, | |
"extended": false, | |
"name": "OSX v10.8" | |
}, | |
{ | |
"john": "pbkdf2-hmac-sha512", | |
"hashcat": 7100, | |
"extended": false, | |
"name": "OSX v10.9" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{256}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Skein-1024" | |
} | |
] | |
}, | |
{ | |
"regex": "^grub\\.pbkdf2\\.sha512\\.[0-9]+\\.([a-f0-9]{128,2048}\\.|[0-9]+\\.)?[a-f0-9]{128}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 7200, | |
"extended": false, | |
"name": "GRUB 2" | |
} | |
] | |
}, | |
{ | |
"regex": "^sha1\\$[a-z0-9]+\\$[a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 124, | |
"extended": false, | |
"name": "Django(SHA-1)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{49}$", | |
"modes": [ | |
{ | |
"john": "citrix_ns10", | |
"hashcat": 8100, | |
"extended": false, | |
"name": "Citrix Netscaler" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$S\\$[a-z0-9\\/.]{52}$", | |
"modes": [ | |
{ | |
"john": "drupal7", | |
"hashcat": 7900, | |
"extended": false, | |
"name": "Drupal > v7.x" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$5\\$(rounds=[0-9]+\\$)?[a-z0-9\\/.]{0,16}\\$[a-z0-9\\/.]{43}$", | |
"modes": [ | |
{ | |
"john": "sha256crypt", | |
"hashcat": 7400, | |
"extended": false, | |
"name": "SHA-256 Crypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^0x[a-f0-9]{4}[a-f0-9]{16}[a-f0-9]{64}$", | |
"modes": [ | |
{ | |
"john": "sybasease", | |
"hashcat": 8000, | |
"extended": false, | |
"name": "Sybase ASE" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$6\\$(rounds=[0-9]+\\$)?[a-z0-9\\/.]{0,16}\\$[a-z0-9\\/.]{86}$", | |
"modes": [ | |
{ | |
"john": "sha512crypt", | |
"hashcat": 1800, | |
"extended": false, | |
"name": "SHA-512 Crypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$sha\\$[a-z0-9]{1,16}\\$([a-f0-9]{32}|[a-f0-9]{40}|[a-f0-9]{64}|[a-f0-9]{128}|[a-f0-9]{140})$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Minecraft(AuthMe Reloaded)" | |
} | |
] | |
}, | |
{ | |
"regex": "^sha256\\$[a-z0-9]+\\$[a-f0-9]{64}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Django(SHA-256)" | |
} | |
] | |
}, | |
{ | |
"regex": "^sha384\\$[a-z0-9]+\\$[a-f0-9]{96}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Django(SHA-384)" | |
} | |
] | |
}, | |
{ | |
"regex": "^crypt1:[a-z0-9+=]{12}:[a-z0-9+=]{12}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Clavister Secure Gateway" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{112}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Cisco VPN Client(PCF-File)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{1329}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Microsoft MSTSC(RDP-File)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[^\\\\\\/:*?\"<>|]{1,20}[:]{2,3}([^\\\\\\/:*?\"<>|]{1,20})?:[a-f0-9]{48}:[a-f0-9]{48}:[a-f0-9]{16}$", | |
"modes": [ | |
{ | |
"john": "netntlm", | |
"hashcat": 5500, | |
"extended": false, | |
"name": "NetNTLMv1-VANILLA / NetNTLMv1+ESS" | |
} | |
] | |
}, | |
{ | |
"regex": "^([^\\\\\\/:*?\"<>|]{1,20}\\\\)?[^\\\\\\/:*?\"<>|]{1,20}[:]{2,3}([^\\\\\\/:*?\"<>|]{1,20}:)?[^\\\\\\/:*?\"<>|]{1,20}:[a-f0-9]{32}:[a-f0-9]+$", | |
"modes": [ | |
{ | |
"john": "netntlmv2", | |
"hashcat": 5600, | |
"extended": false, | |
"name": "NetNTLMv2" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$(krb5pa|mskrb5)\\$([0-9]{2})?\\$.+\\$[a-f0-9]{1,}$", | |
"modes": [ | |
{ | |
"john": "krb5pa-md5", | |
"hashcat": 7500, | |
"extended": false, | |
"name": "Kerberos 5 AS-REQ Pre-Auth" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$scram\\$[0-9]+\\$[a-z0-9\\/.]{16}\\$sha-1=[a-z0-9\\/.]{27},sha-256=[a-z0-9\\/.]{43},sha-512=[a-z0-9\\/.]{86}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "SCRAM Hash" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{40}:[a-f0-9]{0,32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 7600, | |
"extended": false, | |
"name": "Redmine Project Management Web App" | |
} | |
] | |
}, | |
{ | |
"regex": "^(.+)?\\$[a-f0-9]{16}$", | |
"modes": [ | |
{ | |
"john": "sapb", | |
"hashcat": 7700, | |
"extended": false, | |
"name": "SAP CODVN B (BCODE)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(.+)?\\$[a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": "sapg", | |
"hashcat": 7800, | |
"extended": false, | |
"name": "SAP CODVN F/G (PASSCODE)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(.+\\$)?[a-z0-9\\/.+]{30}(:.+)?$", | |
"modes": [ | |
{ | |
"john": "md5ns", | |
"hashcat": 22, | |
"extended": false, | |
"name": "Juniper Netscreen/SSG(ScreenOS)" | |
} | |
] | |
}, | |
{ | |
"regex": "^0x[a-f0-9]{60}\\s0x[a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 123, | |
"extended": false, | |
"name": "EPi" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{40}:[^*]{1,25}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 121, | |
"extended": false, | |
"name": "SMF \u2265 v1.1" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$wbb3\\$\\*1\\*)?[a-f0-9]{40}[:*][a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": "wbb3", | |
"hashcat": 8400, | |
"extended": false, | |
"name": "Woltlab Burning Board 3.x" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{130}(:[a-f0-9]{40})?$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 7300, | |
"extended": false, | |
"name": "IPMI2 RAKP HMAC-SHA1" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{32}:[0-9]+:[a-z0-9_.+-]+@[a-z0-9-]+\\.[a-z0-9-.]+$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 6800, | |
"extended": false, | |
"name": "Lastpass" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9\\/.]{16}([:$].{1,})?$", | |
"modes": [ | |
{ | |
"john": "asa-md5", | |
"hashcat": 2410, | |
"extended": false, | |
"name": "Cisco-ASA(MD5)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$vnc\\$\\*[a-f0-9]{32}\\*[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "vnc", | |
"hashcat": null, | |
"extended": false, | |
"name": "VNC" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9]{32}(:([a-z0-9-]+\\.)?[a-z0-9-.]+\\.[a-z]{2,7}:.+:[0-9]+)?$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 8300, | |
"extended": false, | |
"name": "DNSSEC(NSEC3)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(user-.+:)?\\$racf\\$\\*.+\\*[a-f0-9]{16}$", | |
"modes": [ | |
{ | |
"john": "racf", | |
"hashcat": 8500, | |
"extended": false, | |
"name": "RACF" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$3\\$\\$[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "NTHash(FreeBSD Variant)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$sha1\\$[0-9]+\\$[a-z0-9\\/.]{0,64}\\$[a-z0-9\\/.]{28}$", | |
"modes": [ | |
{ | |
"john": "sha1crypt", | |
"hashcat": null, | |
"extended": false, | |
"name": "SHA-1 Crypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{70}$", | |
"modes": [ | |
{ | |
"john": "hmailserver", | |
"hashcat": 1421, | |
"extended": false, | |
"name": "hMailServer" | |
} | |
] | |
}, | |
{ | |
"regex": "^[:\\$][AB][:\\$]([a-f0-9]{1,8}[:\\$])?[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "mediawiki", | |
"hashcat": 3711, | |
"extended": false, | |
"name": "MediaWiki" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{140}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Minecraft(xAuth)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$pbkdf2(-sha1)?\\$[0-9]+\\$[a-z0-9\\/.]+\\$[a-z0-9\\/.]{27}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "PBKDF2-SHA1(Generic)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$pbkdf2-sha256\\$[0-9]+\\$[a-z0-9\\/.]+\\$[a-z0-9\\/.]{43}$", | |
"modes": [ | |
{ | |
"john": "pbkdf2-hmac-sha256", | |
"hashcat": null, | |
"extended": false, | |
"name": "PBKDF2-SHA256(Generic)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$pbkdf2-sha512\\$[0-9]+\\$[a-z0-9\\/.]+\\$[a-z0-9\\/.]{86}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "PBKDF2-SHA512(Generic)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$p5k2\\$[0-9]+\\$[a-z0-9\\/+=-]+\\$[a-z0-9\\/+-]{27}=$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "PBKDF2(Cryptacular)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$p5k2\\$[0-9]+\\$[a-z0-9\\/.]+\\$[a-z0-9\\/.]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "PBKDF2(Dwayne Litzenberger)" | |
} | |
] | |
}, | |
{ | |
"regex": "^{FSHP[0123]\\|[0-9]+\\|[0-9]+}[a-z0-9\\/+=]+$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Fairly Secure Hashed Password" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$PHPS\\$.+\\$[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "phps", | |
"hashcat": 2612, | |
"extended": false, | |
"name": "PHPS" | |
} | |
] | |
}, | |
{ | |
"regex": "^[0-9]{4}:[a-f0-9]{16}:[a-f0-9]{2080}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 6600, | |
"extended": false, | |
"name": "1Password(Agile Keychain)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{64}:[a-f0-9]{32}:[0-9]{5}:[a-f0-9]{608}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 8200, | |
"extended": false, | |
"name": "1Password(Cloud Keychain)" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{256}:[a-f0-9]{256}:[a-f0-9]{16}:[a-f0-9]{16}:[a-f0-9]{320}:[a-f0-9]{16}:[a-f0-9]{40}:[a-f0-9]{40}:[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 5300, | |
"extended": false, | |
"name": "IKE-PSK MD5" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{256}:[a-f0-9]{256}:[a-f0-9]{16}:[a-f0-9]{16}:[a-f0-9]{320}:[a-f0-9]{16}:[a-f0-9]{40}:[a-f0-9]{40}:[a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 5400, | |
"extended": false, | |
"name": "IKE-PSK SHA1" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9\\/+]{27}=$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 133, | |
"extended": false, | |
"name": "PeopleSoft" | |
} | |
] | |
}, | |
{ | |
"regex": "^crypt\\$[a-f0-9]{5}\\$[a-z0-9\\/.]{13}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Django(DES Crypt Wrapper)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$django\\$\\*1\\*)?pbkdf2_sha256\\$[0-9]+\\$[a-z0-9]+\\$[a-z0-9\\/+=]{44}$", | |
"modes": [ | |
{ | |
"john": "django", | |
"hashcat": 10000, | |
"extended": false, | |
"name": "Django(PBKDF2-HMAC-SHA256)" | |
} | |
] | |
}, | |
{ | |
"regex": "^pbkdf2_sha1\\$[0-9]+\\$[a-z0-9]+\\$[a-z0-9\\/+=]{28}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Django(PBKDF2-HMAC-SHA1)" | |
} | |
] | |
}, | |
{ | |
"regex": "^bcrypt(\\$2[axy]|\\$2)\\$[0-9]{2}\\$[a-z0-9\\/.]{53}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Django(bcrypt)" | |
} | |
] | |
}, | |
{ | |
"regex": "^md5\\$[a-f0-9]+\\$[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Django(MD5)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\{PKCS5S2\\}[a-z0-9\\/+]{64}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "PBKDF2(Atlassian)" | |
} | |
] | |
}, | |
{ | |
"regex": "^md5[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "PostgreSQL MD5" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\([a-z0-9\\/+]{49}\\)$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 9100, | |
"extended": false, | |
"name": "Lotus Notes/Domino 8" | |
} | |
] | |
}, | |
{ | |
"regex": "^SCRYPT:[0-9]{1,}:[0-9]{1}:[0-9]{1}:[a-z0-9:\\/+=]{1,}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 8900, | |
"extended": false, | |
"name": "scrypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$8\\$[a-z0-9\\/.]{14}\\$[a-z0-9\\/.]{43}$", | |
"modes": [ | |
{ | |
"john": "cisco8", | |
"hashcat": 9200, | |
"extended": false, | |
"name": "Cisco Type 8" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$9\\$[a-z0-9\\/.]{14}\\$[a-z0-9\\/.]{43}$", | |
"modes": [ | |
{ | |
"john": "cisco9", | |
"hashcat": 9300, | |
"extended": false, | |
"name": "Cisco Type 9" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$office\\$\\*2007\\*[0-9]{2}\\*[0-9]{3}\\*[0-9]{2}\\*[a-z0-9]{32}\\*[a-z0-9]{32}\\*[a-z0-9]{40}$", | |
"modes": [ | |
{ | |
"john": "office", | |
"hashcat": 9400, | |
"extended": false, | |
"name": "Microsoft Office 2007" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$office\\$\\*2010\\*[0-9]{6}\\*[0-9]{3}\\*[0-9]{2}\\*[a-z0-9]{32}\\*[a-z0-9]{32}\\*[a-z0-9]{64}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 9500, | |
"extended": false, | |
"name": "Microsoft Office 2010" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$office\\$\\*2013\\*[0-9]{6}\\*[0-9]{3}\\*[0-9]{2}\\*[a-z0-9]{32}\\*[a-z0-9]{32}\\*[a-z0-9]{64}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 9600, | |
"extended": false, | |
"name": "Microsoft Office 2013" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$fde\\$[0-9]{2}\\$[a-f0-9]{32}\\$[0-9]{2}\\$[a-f0-9]{32}\\$[a-f0-9]{3072}$", | |
"modes": [ | |
{ | |
"john": "fde", | |
"hashcat": 8800, | |
"extended": false, | |
"name": "Android FDE \u2264 4.3" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$oldoffice\\$[01]\\*[a-f0-9]{32}\\*[a-f0-9]{32}\\*[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "oldoffice", | |
"hashcat": 9700, | |
"extended": false, | |
"name": "Microsoft Office \u2264 2003 (MD5+RC4)" | |
}, | |
{ | |
"john": "oldoffice", | |
"hashcat": 9710, | |
"extended": false, | |
"name": "Microsoft Office \u2264 2003 (MD5+RC4) collider-mode #1" | |
}, | |
{ | |
"john": "oldoffice", | |
"hashcat": 9720, | |
"extended": false, | |
"name": "Microsoft Office \u2264 2003 (MD5+RC4) collider-mode #2" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$oldoffice\\$[34]\\*[a-f0-9]{32}\\*[a-f0-9]{32}\\*[a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 9800, | |
"extended": false, | |
"name": "Microsoft Office \u2264 2003 (SHA1+RC4)" | |
}, | |
{ | |
"john": null, | |
"hashcat": 9810, | |
"extended": false, | |
"name": "Microsoft Office \u2264 2003 (SHA1+RC4) collider-mode #1" | |
}, | |
{ | |
"john": null, | |
"hashcat": 9820, | |
"extended": false, | |
"name": "Microsoft Office \u2264 2003 (SHA1+RC4) collider-mode #2" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$radmin2\\$)?[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "radmin", | |
"hashcat": 9900, | |
"extended": false, | |
"name": "RAdmin v2.x" | |
} | |
] | |
}, | |
{ | |
"regex": "^{x-issha,\\s[0-9]{4}}[a-z0-9\\/+=]+$", | |
"modes": [ | |
{ | |
"john": "saph", | |
"hashcat": 10300, | |
"extended": false, | |
"name": "SAP CODVN H (PWDSALTEDHASH) iSSHA-1" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$cram_md5\\$[a-z0-9\\/+=-]+\\$[a-z0-9\\/+=-]{52}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 10200, | |
"extended": false, | |
"name": "CRAM-MD5" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{16}:2:4:[a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 10100, | |
"extended": false, | |
"name": "SipHash" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-f0-9]{4,}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": true, | |
"name": "Cisco Type 7" | |
} | |
] | |
}, | |
{ | |
"regex": "^[a-z0-9\\/.]{13,}$", | |
"modes": [ | |
{ | |
"john": "bigcrypt", | |
"hashcat": null, | |
"extended": true, | |
"name": "BigCrypt" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$cisco4\\$)?[a-z0-9\\/.]{43}$", | |
"modes": [ | |
{ | |
"john": "cisco4", | |
"hashcat": null, | |
"extended": false, | |
"name": "Cisco Type 4" | |
} | |
] | |
}, | |
{ | |
"regex": "^bcrypt_sha256\\$\\$(2[axy]|2)\\$[0-9]+\\$[a-z0-9\\/.]{53}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Django(bcrypt-SHA256)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$postgres\\$.[^\\*]+[*:][a-f0-9]{1,32}[*:][a-f0-9]{32}$", | |
"modes": [ | |
{ | |
"john": "postgres", | |
"hashcat": 11100, | |
"extended": false, | |
"name": "PostgreSQL Challenge-Response Authentication (MD5)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$siemens-s7\\$[0-9]{1}\\$[a-f0-9]{40}\\$[a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": "siemens-s7", | |
"hashcat": null, | |
"extended": false, | |
"name": "Siemens-S7" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$pst\\$)?[a-f0-9]{8}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": null, | |
"extended": false, | |
"name": "Microsoft Outlook PST" | |
} | |
] | |
}, | |
{ | |
"regex": "^sha256[:$][0-9]+[:$][a-z0-9\\/+]+[:$][a-z0-9\\/+]{32,128}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 10900, | |
"extended": false, | |
"name": "PBKDF2-HMAC-SHA256(PHP)" | |
} | |
] | |
}, | |
{ | |
"regex": "^(\\$dahua\\$)?[a-z0-9]{8}$", | |
"modes": [ | |
{ | |
"john": "dahua", | |
"hashcat": null, | |
"extended": false, | |
"name": "Dahua" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$mysqlna\\$[a-f0-9]{40}[:*][a-f0-9]{40}$", | |
"modes": [ | |
{ | |
"john": null, | |
"hashcat": 11200, | |
"extended": false, | |
"name": "MySQL Challenge-Response Authentication (SHA1)" | |
} | |
] | |
}, | |
{ | |
"regex": "^\\$pdf\\$[24]\\*[34]\\*128\\*[0-9-]{1,5}\\*1\\*(16|32)\\*[a-f0-9]{32,64}\\*32\\*[a-f0-9]{64}\\*(8|16|32)\\*[a-f0-9]{16,64}$", | |
"modes": [ | |
{ | |
"john": "pdf", | |
"hashcat": 10500, | |
"extended": false, | |
"name": "PDF 1.4 - 1.6 (Acrobat 5 - 8)" | |
} | |
] | |
} | |
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# -*- coding: utf-8 -*- | |
import json | |
Prototype = dict | |
HashInfo = dict | |
class re: | |
IGNORECASE = None | |
@classmethod | |
def compile(cls, regex, *args): | |
return regex | |
prototypes = [ | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{4}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='CRC-16', hashcat=None, john=None, extended=False), | |
HashInfo(name='CRC-16-CCITT', hashcat=None, john=None, extended=False), | |
HashInfo(name='FCS-16', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{8}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Adler-32', hashcat=None, john=None, extended=False), | |
HashInfo(name='CRC-32B', hashcat=None, john=None, extended=False), | |
HashInfo(name='FCS-32', hashcat=None, john=None, extended=False), | |
HashInfo(name='GHash-32-3', hashcat=None, john=None, extended=False), | |
HashInfo(name='GHash-32-5', hashcat=None, john=None, extended=False), | |
HashInfo(name='FNV-132', hashcat=None, john=None, extended=False), | |
HashInfo(name='Fletcher-32', hashcat=None, john=None, extended=False), | |
HashInfo(name='Joaat', hashcat=None, john=None, extended=False), | |
HashInfo(name='ELF-32', hashcat=None, john=None, extended=False), | |
HashInfo(name='XOR-32', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{6}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='CRC-24', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$crc32\$[a-f0-9]{8}.)?[a-f0-9]{8}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='CRC-32', hashcat=None, john='crc32', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\+[a-z0-9\/.]{12}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Eggdrop IRC Bot', hashcat=None, john='bfegg', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9\/.]{13}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='DES(Unix)', hashcat=1500, john='descrypt', extended=False), | |
HashInfo(name='Traditional DES', hashcat=1500, john='descrypt', extended=False), | |
HashInfo(name='DEScrypt', hashcat=1500, john='descrypt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{16}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MySQL323', hashcat=200, john='mysql', extended=False), | |
HashInfo(name='DES(Oracle)', hashcat=3100, john=None, extended=False), | |
HashInfo(name='Half MD5', hashcat=5100, john=None, extended=False), | |
HashInfo(name='Oracle 7-10g', hashcat=3100, john=None, extended=False), | |
HashInfo(name='FNV-164', hashcat=None, john=None, extended=False), | |
HashInfo(name='CRC-64', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9\/.]{16}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco-PIX(MD5)', hashcat=2400, john='pix-md5', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\([a-z0-9\/+]{20}\)$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Lotus Notes/Domino 6', hashcat=8700, john='dominosec', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^_[a-z0-9\/.]{19}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='BSDi Crypt', hashcat=None, john='bsdicrypt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{24}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='CRC-96(ZIP)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9\/.]{24}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Crypt16', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$md2\$)?[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MD2', hashcat=None, john='md2', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}(:.+)?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MD5', hashcat=0, john='raw-md5', extended=False), | |
HashInfo(name='MD4', hashcat=900, john='raw-md4', extended=False), | |
HashInfo(name='Double MD5', hashcat=2600, john=None, extended=False), | |
HashInfo(name='LM', hashcat=3000, john='lm', extended=False), | |
HashInfo(name='RIPEMD-128', hashcat=None, john='ripemd-128', extended=False), | |
HashInfo(name='Haval-128', hashcat=None, john='haval-128-4', extended=False), | |
HashInfo(name='Tiger-128', hashcat=None, john=None, extended=False), | |
HashInfo(name='Skein-256(128)', hashcat=None, john=None, extended=False), | |
HashInfo(name='Skein-512(128)', hashcat=None, john=None, extended=False), | |
HashInfo(name='Lotus Notes/Domino 5', hashcat=8600, john='lotus5', extended=False), | |
HashInfo(name='Skype', hashcat=23, john=None, extended=False), | |
HashInfo(name='ZipMonster', hashcat=None, john=None, extended=True), | |
HashInfo(name='PrestaShop', hashcat=11000, john=None, extended=True), | |
HashInfo(name='md5(md5(md5($pass)))', hashcat=3500, john=None, extended=True), | |
HashInfo(name='md5(strtoupper(md5($pass)))', hashcat=4300, john=None, extended=True), | |
HashInfo(name='md5(sha1($pass))', hashcat=4400, john=None, extended=True), | |
HashInfo(name='md5($pass.$salt)', hashcat=10, john=None, extended=True), | |
HashInfo(name='md5($salt.$pass)', hashcat=20, john=None, extended=True), | |
HashInfo(name='md5(unicode($pass).$salt)', hashcat=30, john=None, extended=True), | |
HashInfo(name='md5($salt.unicode($pass))', hashcat=40, john=None, extended=True), | |
HashInfo(name='HMAC-MD5 (key = $pass)', hashcat=50, john='hmac-md5', extended=True), | |
HashInfo(name='HMAC-MD5 (key = $salt)', hashcat=60, john='hmac-md5', extended=True), | |
HashInfo(name='md5(md5($salt).$pass)', hashcat=3610, john=None, extended=True), | |
HashInfo(name='md5($salt.md5($pass))', hashcat=3710, john=None, extended=True), | |
HashInfo(name='md5($pass.md5($salt))', hashcat=3720, john=None, extended=True), | |
HashInfo(name='md5($salt.$pass.$salt)', hashcat=3810, john=None, extended=True), | |
HashInfo(name='md5(md5($pass).md5($salt))', hashcat=3910, john=None, extended=True), | |
HashInfo(name='md5($salt.md5($salt.$pass))', hashcat=4010, john=None, extended=True), | |
HashInfo(name='md5($salt.md5($pass.$salt))', hashcat=4110, john=None, extended=True), | |
HashInfo(name='md5($username.0.$pass)', hashcat=4210, john=None, extended=True)]), | |
Prototype( | |
regex=re.compile(r'^(\$snefru\$)?[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Snefru-128', hashcat=None, john='snefru-128', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$NT\$)?[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='NTLM', hashcat=1000, john='nt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^([^\\\/:*?"<>|]{1,20}:)?[a-f0-9]{32}(:[^\\\/:*?"<>|]{1,20})?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Domain Cached Credentials', hashcat=1100, john='mscach', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^([^\\\/:*?"<>|]{1,20}:)?(\$DCC2\$10240#[^\\\/:*?"<>|]{1,20}#)?[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Domain Cached Credentials 2', hashcat=2100, john='mscach2', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{SHA}[a-z0-9\/+]{27}=$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-1(Base64)', hashcat=101, john='nsldap', extended=False), | |
HashInfo(name='Netscape LDAP SHA', hashcat=101, john='nsldap', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$1\$[a-z0-9\/.]{0,8}\$[a-z0-9\/.]{22}(:.*)?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MD5 Crypt', hashcat=500, john='md5crypt', extended=False), | |
HashInfo(name='Cisco-IOS(MD5)', hashcat=500, john='md5crypt', extended=False), | |
HashInfo(name='FreeBSD MD5', hashcat=500, john='md5crypt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^0x[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Lineage II C4', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$H\$[a-z0-9\/.]{31}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='phpBB v3.x', hashcat=400, john='phpass', extended=False), | |
HashInfo(name='Wordpress v2.6.0/2.6.1', hashcat=400, john='phpass', extended=False), | |
HashInfo(name="PHPass' Portable Hash", hashcat=400, john='phpass', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$P\$[a-z0-9\/.]{31}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'Wordpress ≥ v2.6.2', hashcat=400, john='phpass', extended=False), | |
HashInfo(name=u'Joomla ≥ v2.5.18', hashcat=400, john='phpass', extended=False), | |
HashInfo(name="PHPass' Portable Hash", hashcat=400, john='phpass', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:[a-z0-9]{2}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='osCommerce', hashcat=21, john=None, extended=False), | |
HashInfo(name='xt:Commerce', hashcat=21, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$apr1\$[a-z0-9\/.]{0,8}\$[a-z0-9\/.]{22}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MD5(APR)', hashcat=1600, john=None, extended=False), | |
HashInfo(name='Apache MD5', hashcat=1600, john=None, extended=False), | |
HashInfo(name='md5apr1', hashcat=1600, john=None, extended=True)]), | |
Prototype( | |
regex=re.compile(r'^{smd5}[a-z0-9$\/.]{31}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='AIX(smd5)', hashcat=6300, john='aix-smd5', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='WebEdition CMS', hashcat=3721, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:.{5}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'IP.Board ≥ v2+', hashcat=2811, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:.{8}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'MyBB ≥ v1.2+', hashcat=2811, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9]{34}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='CryptoCurrency(Adress)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{40}(:.+)?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-1', hashcat=100, john='raw-sha1', extended=False), | |
HashInfo(name='Double SHA-1', hashcat=4500, john=None, extended=False), | |
HashInfo(name='RIPEMD-160', hashcat=6000, john='ripemd-160', extended=False), | |
HashInfo(name='Haval-160', hashcat=None, john=None, extended=False), | |
HashInfo(name='Tiger-160', hashcat=None, john=None, extended=False), | |
HashInfo(name='HAS-160', hashcat=None, john=None, extended=False), | |
HashInfo(name='LinkedIn', hashcat=190, john='raw-sha1-linkedin', extended=False), | |
HashInfo(name='Skein-256(160)', hashcat=None, john=None, extended=False), | |
HashInfo(name='Skein-512(160)', hashcat=None, john=None, extended=False), | |
HashInfo(name='MangosWeb Enhanced CMS', hashcat=None, john=None, extended=True), | |
HashInfo(name='sha1(sha1(sha1($pass)))', hashcat=4600, john=None, extended=True), | |
HashInfo(name='sha1(md5($pass))', hashcat=4700, john=None, extended=True), | |
HashInfo(name='sha1($pass.$salt)', hashcat=110, john=None, extended=True), | |
HashInfo(name='sha1($salt.$pass)', hashcat=120, john=None, extended=True), | |
HashInfo(name='sha1(unicode($pass).$salt)', hashcat=130, john=None, extended=True), | |
HashInfo(name='sha1($salt.unicode($pass))', hashcat=140, john=None, extended=True), | |
HashInfo(name='HMAC-SHA1 (key = $pass)', hashcat=150, john='hmac-sha1', extended=True), | |
HashInfo(name='HMAC-SHA1 (key = $salt)', hashcat=160, john='hmac-sha1', extended=True), | |
HashInfo(name='sha1($salt.$pass.$salt)', hashcat=4710, john=None, extended=True)]), | |
Prototype( | |
regex=re.compile(r'^\*[a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MySQL5.x', hashcat=300, john='mysql-sha1', extended=False), | |
HashInfo(name='MySQL4.1', hashcat=300, john='mysql-sha1', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9]{43}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco-IOS(SHA-256)', hashcat=5700, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{SSHA}[a-z0-9\/+]{38}==$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SSHA-1(Base64)', hashcat=111, john='nsldaps', extended=False), | |
HashInfo(name='Netscape LDAP SSHA', hashcat=111, john='nsldaps', extended=False), | |
HashInfo(name='nsldaps', hashcat=111, john='nsldaps', extended=True)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9=]{47}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Fortigate(FortiOS)', hashcat=7000, john='fortigate', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{48}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Haval-192', hashcat=None, john=None, extended=False), | |
HashInfo(name='Tiger-192', hashcat=None, john='tiger', extended=False), | |
HashInfo(name='SHA-1(Oracle)', hashcat=None, john=None, extended=False), | |
HashInfo(name='OSX v10.4', hashcat=122, john='xsha', extended=False), | |
HashInfo(name='OSX v10.5', hashcat=122, john='xsha', extended=False), | |
HashInfo(name='OSX v10.6', hashcat=122, john='xsha', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{51}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Palshop CMS', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9]{51}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='CryptoCurrency(PrivateKey)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{ssha1}[0-9]{2}\$[a-z0-9$\/.]{44}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='AIX(ssha1)', hashcat=6700, john='aix-ssha1', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^0x0100[a-f0-9]{48}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MSSQL(2005)', hashcat=132, john='mssql05', extended=False), | |
HashInfo(name='MSSQL(2008)', hashcat=132, john='mssql05', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$md5,rounds=[0-9]+\$|\$md5\$rounds=[0-9]+\$|\$md5\$)[a-z0-9\/.]{0,16}(\$|\$\$)[a-z0-9\/.]{22}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Sun MD5 Crypt', hashcat=3300, john='sunmd5', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{56}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-224', hashcat=None, john='raw-sha224', extended=False), | |
HashInfo(name='Haval-224', hashcat=None, john=None, extended=False), | |
HashInfo(name='SHA3-224', hashcat=None, john=None, extended=False), | |
HashInfo(name='Skein-256(224)', hashcat=None, john=None, extended=False), | |
HashInfo(name='Skein-512(224)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$2[axy]|\$2)\$[0-9]{2}\$[a-z0-9\/.]{53}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Blowfish(OpenBSD)', hashcat=3200, john='bcrypt', extended=False), | |
HashInfo(name='Woltlab Burning Board 4.x', hashcat=None, john=None, extended=False), | |
HashInfo(name='bcrypt', hashcat=3200, john='bcrypt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{40}:[a-f0-9]{16}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Android PIN', hashcat=5800, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(S:)?[a-f0-9]{40}(:)?[a-f0-9]{20}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Oracle 11g/12c', hashcat=112, john='oracle11', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$bcrypt-sha256\$(2[axy]|2)\,[0-9]+\$[a-z0-9\/.]{22}\$[a-z0-9\/.]{31}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='bcrypt(SHA-256)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:.{3}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='vBulletin < v3.8.5', hashcat=2611, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:.{30}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'vBulletin ≥ v3.8.5', hashcat=2711, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$snefru\$)?[a-f0-9]{64}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Snefru-256', hashcat=None, john='snefru-256', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{64}(:.+)?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-256', hashcat=1400, john='raw-sha256', extended=False), | |
HashInfo(name='RIPEMD-256', hashcat=None, john=None, extended=False), | |
HashInfo(name='Haval-256', hashcat=None, john='haval-256-3', extended=False), | |
HashInfo(name='GOST R 34.11-94', hashcat=6900, john='gost', extended=False), | |
HashInfo(name='GOST CryptoPro S-Box', hashcat=None, john=None, extended=False), | |
HashInfo(name='SHA3-256', hashcat=5000, john='raw-keccak-256', extended=False), | |
HashInfo(name='Skein-256', hashcat=None, john='skein-256', extended=False), | |
HashInfo(name='Skein-512(256)', hashcat=None, john=None, extended=False), | |
HashInfo(name='Ventrilo', hashcat=None, john=None, extended=True), | |
HashInfo(name='sha256($pass.$salt)', hashcat=1410, john=None, extended=True), | |
HashInfo(name='sha256($salt.$pass)', hashcat=1420, john=None, extended=True), | |
HashInfo(name='sha256(unicode($pass).$salt)', hashcat=1430, john=None, extended=True), | |
HashInfo(name='sha256($salt.unicode($pass))', hashcat=1440, john=None, extended=True), | |
HashInfo(name='HMAC-SHA256 (key = $pass)', hashcat=1450, john='hmac-sha256', extended=True), | |
HashInfo(name='HMAC-SHA256 (key = $salt)', hashcat=1460, john='hmac-sha256', extended=True)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:[a-z0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Joomla < v2.5.18', hashcat=11, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f-0-9]{32}:[a-f-0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SAM(LM_Hash:NT_Hash)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$chap\$0\*)?[a-f0-9]{32}[\*:][a-f0-9]{32}(:[0-9]{2})?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MD5(Chap)', hashcat=4800, john='chap', extended=False), | |
HashInfo(name='iSCSI CHAP Authentication', hashcat=4800, john='chap', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$episerver\$\*0\*[a-z0-9\/=+]+\*[a-z0-9\/=+]{27,28}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='EPiServer 6.x < v4', hashcat=141, john='episerver', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{ssha256}[0-9]{2}\$[a-z0-9$\/.]{60}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='AIX(ssha256)', hashcat=6400, john='aix-ssha256', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{80}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='RIPEMD-320', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$episerver\$\*1\*[a-z0-9\/=+]+\*[a-z0-9\/=+]{42,43}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'EPiServer 6.x ≥ v4', hashcat=1441, john='episerver', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^0x0100[a-f0-9]{88}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MSSQL(2000)', hashcat=131, john='mssql', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{96}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-384', hashcat=10800, john='raw-sha384', extended=False), | |
HashInfo(name='SHA3-384', hashcat=None, john=None, extended=False), | |
HashInfo(name='Skein-512(384)', hashcat=None, john=None, extended=False), | |
HashInfo(name='Skein-1024(384)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{SSHA512}[a-z0-9\/+]{96}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SSHA-512(Base64)', hashcat=1711, john='ssha512', extended=False), | |
HashInfo(name='LDAP(SSHA-512)', hashcat=1711, john='ssha512', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{ssha512}[0-9]{2}\$[a-z0-9\/.]{16,48}\$[a-z0-9\/.]{86}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='AIX(ssha512)', hashcat=6500, john='aix-ssha512', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{128}(:.+)?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-512', hashcat=1700, john='raw-sha512', extended=False), | |
HashInfo(name='Whirlpool', hashcat=6100, john='whirlpool', extended=False), | |
HashInfo(name='Salsa10', hashcat=None, john=None, extended=False), | |
HashInfo(name='Salsa20', hashcat=None, john=None, extended=False), | |
HashInfo(name='SHA3-512', hashcat=None, john='raw-keccak', extended=False), | |
HashInfo(name='Skein-512', hashcat=None, john='skein-512', extended=False), | |
HashInfo(name='Skein-1024(512)', hashcat=None, john=None, extended=False), | |
HashInfo(name='sha512($pass.$salt)', hashcat=1710, john=None, extended=True), | |
HashInfo(name='sha512($salt.$pass)', hashcat=1720, john=None, extended=True), | |
HashInfo(name='sha512(unicode($pass).$salt)', hashcat=1730, john=None, extended=True), | |
HashInfo(name='sha512($salt.unicode($pass))', hashcat=1740, john=None, extended=True), | |
HashInfo(name='HMAC-SHA512 (key = $pass)', hashcat=1750, john='hmac-sha512', extended=True), | |
HashInfo(name='HMAC-SHA512 (key = $salt)', hashcat=1760, john='hmac-sha512', extended=True)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{136}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='OSX v10.7', hashcat=1722, john='xsha512', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^0x0200[a-f0-9]{136}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MSSQL(2012)', hashcat=1731, john='msql12', extended=False), | |
HashInfo(name='MSSQL(2014)', hashcat=1731, john='msql12', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$ml\$[0-9]+\$[a-f0-9]{64}\$[a-f0-9]{128}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='OSX v10.8', hashcat=7100, john='pbkdf2-hmac-sha512', extended=False), | |
HashInfo(name='OSX v10.9', hashcat=7100, john='pbkdf2-hmac-sha512', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{256}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Skein-1024', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^grub\.pbkdf2\.sha512\.[0-9]+\.([a-f0-9]{128,2048}\.|[0-9]+\.)?[a-f0-9]{128}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='GRUB 2', hashcat=7200, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^sha1\$[a-z0-9]+\$[a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(SHA-1)', hashcat=124, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{49}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Citrix Netscaler', hashcat=8100, john='citrix_ns10', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$S\$[a-z0-9\/.]{52}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Drupal > v7.x', hashcat=7900, john='drupal7', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$5\$(rounds=[0-9]+\$)?[a-z0-9\/.]{0,16}\$[a-z0-9\/.]{43}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-256 Crypt', hashcat=7400, john='sha256crypt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^0x[a-f0-9]{4}[a-f0-9]{16}[a-f0-9]{64}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Sybase ASE', hashcat=8000, john='sybasease', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$6\$(rounds=[0-9]+\$)?[a-z0-9\/.]{0,16}\$[a-z0-9\/.]{86}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-512 Crypt', hashcat=1800, john='sha512crypt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$sha\$[a-z0-9]{1,16}\$([a-f0-9]{32}|[a-f0-9]{40}|[a-f0-9]{64}|[a-f0-9]{128}|[a-f0-9]{140})$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Minecraft(AuthMe Reloaded)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^sha256\$[a-z0-9]+\$[a-f0-9]{64}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(SHA-256)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^sha384\$[a-z0-9]+\$[a-f0-9]{96}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(SHA-384)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^crypt1:[a-z0-9+=]{12}:[a-z0-9+=]{12}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Clavister Secure Gateway', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{112}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco VPN Client(PCF-File)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{1329}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Microsoft MSTSC(RDP-File)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[^\\\/:*?"<>|]{1,20}[:]{2,3}([^\\\/:*?"<>|]{1,20})?:[a-f0-9]{48}:[a-f0-9]{48}:[a-f0-9]{16}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='NetNTLMv1-VANILLA / NetNTLMv1+ESS', hashcat=5500, john='netntlm', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^([^\\\/:*?"<>|]{1,20}\\)?[^\\\/:*?"<>|]{1,20}[:]{2,3}([^\\\/:*?"<>|]{1,20}:)?[^\\\/:*?"<>|]{1,20}:[a-f0-9]{32}:[a-f0-9]+$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='NetNTLMv2', hashcat=5600, john='netntlmv2', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$(krb5pa|mskrb5)\$([0-9]{2})?\$.+\$[a-f0-9]{1,}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Kerberos 5 AS-REQ Pre-Auth', hashcat=7500, john='krb5pa-md5', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$scram\$[0-9]+\$[a-z0-9\/.]{16}\$sha-1=[a-z0-9\/.]{27},sha-256=[a-z0-9\/.]{43},sha-512=[a-z0-9\/.]{86}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SCRAM Hash', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{40}:[a-f0-9]{0,32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Redmine Project Management Web App', hashcat=7600, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(.+)?\$[a-f0-9]{16}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SAP CODVN B (BCODE)', hashcat=7700, john='sapb', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(.+)?\$[a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SAP CODVN F/G (PASSCODE)', hashcat=7800, john='sapg', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(.+\$)?[a-z0-9\/.+]{30}(:.+)?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Juniper Netscreen/SSG(ScreenOS)', hashcat=22, john='md5ns', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^0x[a-f0-9]{60}\s0x[a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='EPi', hashcat=123, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{40}:[^*]{1,25}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'SMF ≥ v1.1', hashcat=121, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$wbb3\$\*1\*)?[a-f0-9]{40}[:*][a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Woltlab Burning Board 3.x', hashcat=8400, john='wbb3', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{130}(:[a-f0-9]{40})?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='IPMI2 RAKP HMAC-SHA1', hashcat=7300, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{32}:[0-9]+:[a-z0-9_.+-]+@[a-z0-9-]+\.[a-z0-9-.]+$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Lastpass', hashcat=6800, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9\/.]{16}([:$].{1,})?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco-ASA(MD5)', hashcat=2410, john='asa-md5', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$vnc\$\*[a-f0-9]{32}\*[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='VNC', hashcat=None, john='vnc', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9]{32}(:([a-z0-9-]+\.)?[a-z0-9-.]+\.[a-z]{2,7}:.+:[0-9]+)?$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='DNSSEC(NSEC3)', hashcat=8300, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(user-.+:)?\$racf\$\*.+\*[a-f0-9]{16}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='RACF', hashcat=8500, john='racf', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$3\$\$[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='NTHash(FreeBSD Variant)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$sha1\$[0-9]+\$[a-z0-9\/.]{0,64}\$[a-z0-9\/.]{28}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SHA-1 Crypt', hashcat=None, john='sha1crypt', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{70}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='hMailServer', hashcat=1421, john='hmailserver', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[:\$][AB][:\$]([a-f0-9]{1,8}[:\$])?[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MediaWiki', hashcat=3711, john='mediawiki', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{140}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Minecraft(xAuth)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$pbkdf2(-sha1)?\$[0-9]+\$[a-z0-9\/.]+\$[a-z0-9\/.]{27}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PBKDF2-SHA1(Generic)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$pbkdf2-sha256\$[0-9]+\$[a-z0-9\/.]+\$[a-z0-9\/.]{43}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PBKDF2-SHA256(Generic)', hashcat=None, john='pbkdf2-hmac-sha256', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$pbkdf2-sha512\$[0-9]+\$[a-z0-9\/.]+\$[a-z0-9\/.]{86}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PBKDF2-SHA512(Generic)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$p5k2\$[0-9]+\$[a-z0-9\/+=-]+\$[a-z0-9\/+-]{27}=$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PBKDF2(Cryptacular)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$p5k2\$[0-9]+\$[a-z0-9\/.]+\$[a-z0-9\/.]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PBKDF2(Dwayne Litzenberger)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{FSHP[0123]\|[0-9]+\|[0-9]+}[a-z0-9\/+=]+$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Fairly Secure Hashed Password', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$PHPS\$.+\$[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PHPS', hashcat=2612, john='phps', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[0-9]{4}:[a-f0-9]{16}:[a-f0-9]{2080}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='1Password(Agile Keychain)', hashcat=6600, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{64}:[a-f0-9]{32}:[0-9]{5}:[a-f0-9]{608}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='1Password(Cloud Keychain)', hashcat=8200, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{256}:[a-f0-9]{256}:[a-f0-9]{16}:[a-f0-9]{16}:[a-f0-9]{320}:[a-f0-9]{16}:[a-f0-9]{40}:[a-f0-9]{40}:[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='IKE-PSK MD5', hashcat=5300, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{256}:[a-f0-9]{256}:[a-f0-9]{16}:[a-f0-9]{16}:[a-f0-9]{320}:[a-f0-9]{16}:[a-f0-9]{40}:[a-f0-9]{40}:[a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='IKE-PSK SHA1', hashcat=5400, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9\/+]{27}=$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PeopleSoft', hashcat=133, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^crypt\$[a-f0-9]{5}\$[a-z0-9\/.]{13}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(DES Crypt Wrapper)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$django\$\*1\*)?pbkdf2_sha256\$[0-9]+\$[a-z0-9]+\$[a-z0-9\/+=]{44}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(PBKDF2-HMAC-SHA256)', hashcat=10000, john='django', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^pbkdf2_sha1\$[0-9]+\$[a-z0-9]+\$[a-z0-9\/+=]{28}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(PBKDF2-HMAC-SHA1)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^bcrypt(\$2[axy]|\$2)\$[0-9]{2}\$[a-z0-9\/.]{53}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(bcrypt)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^md5\$[a-f0-9]+\$[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(MD5)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\{PKCS5S2\}[a-z0-9\/+]{64}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PBKDF2(Atlassian)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^md5[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PostgreSQL MD5', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\([a-z0-9\/+]{49}\)$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Lotus Notes/Domino 8', hashcat=9100, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^SCRYPT:[0-9]{1,}:[0-9]{1}:[0-9]{1}:[a-z0-9:\/+=]{1,}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='scrypt', hashcat=8900, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$8\$[a-z0-9\/.]{14}\$[a-z0-9\/.]{43}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco Type 8', hashcat=9200, john='cisco8', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$9\$[a-z0-9\/.]{14}\$[a-z0-9\/.]{43}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco Type 9', hashcat=9300, john='cisco9', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$office\$\*2007\*[0-9]{2}\*[0-9]{3}\*[0-9]{2}\*[a-z0-9]{32}\*[a-z0-9]{32}\*[a-z0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Microsoft Office 2007', hashcat=9400, john='office', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$office\$\*2010\*[0-9]{6}\*[0-9]{3}\*[0-9]{2}\*[a-z0-9]{32}\*[a-z0-9]{32}\*[a-z0-9]{64}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Microsoft Office 2010', hashcat=9500, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$office\$\*2013\*[0-9]{6}\*[0-9]{3}\*[0-9]{2}\*[a-z0-9]{32}\*[a-z0-9]{32}\*[a-z0-9]{64}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Microsoft Office 2013', hashcat=9600, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$fde\$[0-9]{2}\$[a-f0-9]{32}\$[0-9]{2}\$[a-f0-9]{32}\$[a-f0-9]{3072}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'Android FDE ≤ 4.3', hashcat=8800, john='fde', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$oldoffice\$[01]\*[a-f0-9]{32}\*[a-f0-9]{32}\*[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'Microsoft Office ≤ 2003 (MD5+RC4)', hashcat=9700, john='oldoffice', extended=False), | |
HashInfo(name=u'Microsoft Office ≤ 2003 (MD5+RC4) collider-mode #1', hashcat=9710, john='oldoffice', extended=False), | |
HashInfo(name=u'Microsoft Office ≤ 2003 (MD5+RC4) collider-mode #2', hashcat=9720, john='oldoffice', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$oldoffice\$[34]\*[a-f0-9]{32}\*[a-f0-9]{32}\*[a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name=u'Microsoft Office ≤ 2003 (SHA1+RC4)', hashcat=9800, john=None, extended=False), | |
HashInfo(name=u'Microsoft Office ≤ 2003 (SHA1+RC4) collider-mode #1', hashcat=9810, john=None, extended=False), | |
HashInfo(name=u'Microsoft Office ≤ 2003 (SHA1+RC4) collider-mode #2', hashcat=9820, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$radmin2\$)?[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='RAdmin v2.x', hashcat=9900, john='radmin', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^{x-issha,\s[0-9]{4}}[a-z0-9\/+=]+$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SAP CODVN H (PWDSALTEDHASH) iSSHA-1', hashcat=10300, john='saph', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$cram_md5\$[a-z0-9\/+=-]+\$[a-z0-9\/+=-]{52}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='CRAM-MD5', hashcat=10200, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{16}:2:4:[a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='SipHash', hashcat=10100, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^[a-f0-9]{4,}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco Type 7', hashcat=None, john=None, extended=True)]), | |
Prototype( | |
regex=re.compile(r'^[a-z0-9\/.]{13,}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='BigCrypt', hashcat=None, john='bigcrypt', extended=True)]), | |
Prototype( | |
regex=re.compile(r'^(\$cisco4\$)?[a-z0-9\/.]{43}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Cisco Type 4', hashcat=None, john='cisco4', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^bcrypt_sha256\$\$(2[axy]|2)\$[0-9]+\$[a-z0-9\/.]{53}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Django(bcrypt-SHA256)', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$postgres\$.[^\*]+[*:][a-f0-9]{1,32}[*:][a-f0-9]{32}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PostgreSQL Challenge-Response Authentication (MD5)', hashcat=11100, john='postgres', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$siemens-s7\$[0-9]{1}\$[a-f0-9]{40}\$[a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Siemens-S7', hashcat=None, john='siemens-s7', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$pst\$)?[a-f0-9]{8}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Microsoft Outlook PST', hashcat=None, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^sha256[:$][0-9]+[:$][a-z0-9\/+]+[:$][a-z0-9\/+]{32,128}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PBKDF2-HMAC-SHA256(PHP)', hashcat=10900, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^(\$dahua\$)?[a-z0-9]{8}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='Dahua', hashcat=None, john='dahua', extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$mysqlna\$[a-f0-9]{40}[:*][a-f0-9]{40}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='MySQL Challenge-Response Authentication (SHA1)', hashcat=11200, john=None, extended=False)]), | |
Prototype( | |
regex=re.compile(r'^\$pdf\$[24]\*[34]\*128\*[0-9-]{1,5}\*1\*(16|32)\*[a-f0-9]{32,64}\*32\*[a-f0-9]{64}\*(8|16|32)\*[a-f0-9]{16,64}$', re.IGNORECASE), | |
modes=[ | |
HashInfo(name='PDF 1.4 - 1.6 (Acrobat 5 - 8)', hashcat=10500, john='pdf', extended=False)]) | |
] | |
print json.dumps(prototypes, indent=4) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment