Created
December 16, 2014 15:51
-
-
Save ddouhine/8a8cb363c3d6e1abe49b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DES(Unix) | |
| Example: IvS7aeT4NzQPM | |
| Used in Linux and other similar OS. | |
| Length: 13 characters. | |
| Description: The first two characters are the salt (random characters; in our example the salt is the string "Iv"), then there follows the actual hash. | |
| Notes: [1] [2] | |
| Domain Cached Credentials | |
| Example: Admin:b474d48cdfc4974d86ef4d24904cdd91 | |
| Used for caching passwords of Windows domain. | |
| Length: 16 bytes. | |
| Algorithm: MD4(MD4(Unicode($pass)).Unicode(strtolower($username))) | |
| Note: [1] | |
| MD5(Unix) | |
| Example: $1$12345678$XM4P3PrKBgKNnTaqG9P0T/ | |
| Used in Linux and other similar OS. | |
| Length: 34 characters. | |
| Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. | |
| Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times. | |
| Notes: [1] [2] | |
| MD5(APR) | |
| Example: $apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj. | |
| Used in Linux and other similar OS. | |
| Length: 37 characters. | |
| Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. | |
| Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times. | |
| Notes: [1] [2] | |
| MD5(phpBB3) | |
| Example: $H$9123456785DAERgALpsri.D9z3ht120 | |
| Used in phpBB 3.x.x. | |
| Length: 34 characters. | |
| Description: The hash begins with the $H$ signature, then there goes one character (most often the number '9'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash. | |
| Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times. | |
| Notes: [1] [2] | |
| MD5(Wordpress) | |
| Example: $P$B123456780BhGFYSlUqGyE6ErKErL01 | |
| Used in Wordpress. | |
| Length: 34 characters. | |
| Description: The hash begins with the $P$ signature, then there goes one character (most often the number 'B'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash. | |
| Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times. | |
| Notes: [1] [2] | |
| MySQL | |
| Example: 606717496665bcba | |
| Used in the old versions of MySQL. | |
| Length: 8 bytes. | |
| Description: The hash consists of two DWORDs, each not exceeding the value of 0x7fffffff. | |
| MySQL5 | |
| Example: *E6CC90B878B948C35E92B003C792C46C58C4AF40 | |
| Used in the new versions of MySQL. | |
| Length: 20 bytes. | |
| Algorithm: SHA-1(SHA-1($pass)) | |
| Note: The hashes are to be loaded to the program without the asterisk that stands in the beginning of each hash. | |
| RAdmin v2.x | |
| Example: 5e32cceaafed5cc80866737dfb212d7f | |
| Used in the application Remote Administrator v2.x. | |
| Length: 16 bytes. | |
| Algorithm: The password is padded with zeros to the length of 100 bytes, then that entire string is hashed with the MD5 algorithm. | |
| MD5 | |
| Example: c4ca4238a0b923820dcc509a6f75849b | |
| Used in phpBB v2.x, Joomla version below 1.0.13 and many other forums and CMS. | |
| Length: 16 bytes. | |
| Algorithm: Same as the md5() function in PHP. | |
| md5($pass.$salt) | |
| Example: 6f04f0d75f6870858bae14ac0b6d9f73:1234 | |
| Used in WB News, Joomla version 1.0.13 and higher. | |
| Length: 16 bytes. | |
| Note: [1] | |
| md5($salt.$pass) | |
| Example: f190ce9ac8445d249747cab7be43f7d5:12 | |
| Used in osCommerce, AEF, Gallery and other CMS. | |
| Length: 16 bytes. | |
| Note: [1] | |
| md5(md5($pass)) | |
| Example: 28c8edde3d61a0411511d3b1866f0636 | |
| Used in e107, DLE, AVE, Diferior, Koobi and other CMS. | |
| Length: 16 bytes. | |
| md5(md5($pass).$salt) | |
| Example: 6011527690eddca23580955c216b1fd2:wQ6 | |
| Used in vBulletin, IceBB. | |
| Length: 16 bytes. | |
| Notes: [1] [3] [4] | |
| md5(md5($salt).md5($pass)) | |
| Example: 81f87275dd805aa018df8befe09fe9f8:wH6_S | |
| Used in IPB. | |
| Length: 16 bytes. | |
| Notes: [1] [3] | |
| md5(md5($salt).$pass) | |
| Example: 816a14db44578f516cbaef25bd8d8296:1234 | |
| Used in MyBB. | |
| Length: 16 bytes. | |
| Note: [1] | |
| md5($salt.$pass.$salt) | |
| Example: a3bc9e11fddf4fef4deea11e33668eab:1234 | |
| Used in TBDev. | |
| Length: 16 bytes. | |
| Note: [1] | |
| md5($salt.md5($salt.$pass)) | |
| Example: 1d715e52285e5a6b546e442792652c8a:1234 | |
| Used in DLP. | |
| Length: 16 bytes. | |
| Note: [1] | |
| SHA-1 | |
| Example: 356a192b7913b04c54574d18c28d46e6395428ab | |
| Used in many forums and CMS. | |
| Length: 20 bytes. | |
| Algorithm: Same as the sha1() function in PHP. | |
| sha1(strtolower($username).$pass) | |
| Example: Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a | |
| Used in SMF. | |
| Length: 20 bytes. | |
| Note: [1] | |
| sha1($salt.sha1($salt.sha1($pass))) | |
| Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b:1234 | |
| Used in Woltlab BB. | |
| Length: 20 bytes. | |
| Note: [1] | |
| SHA-256(Unix) | |
| Example: $5$12345678$jBWLgeYZbSvREnuBr5s3gp13vqi | |
| Used in Linux and other similar OS. | |
| Length: 55 characters. | |
| Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. | |
| Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times. | |
| Notes: [1] [2] | |
| SHA-512(Unix) | |
| Example: $6$12345678$U6Yv5E1lWn6mEESzKen42o6rbEm | |
| Used in Linux and other similar OS. | |
| Length: 98 characters. | |
| Description: The hash begins with the $6$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash. | |
| Algorithm: Actually that is a loop calling the SHA-512 algorithm 5000 times. | |
| Notes: [1] [2] | |
| SHA-1(Django) = sha1($salt.$pass) | |
| Example: sha1$12345678$90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b | |
| 12345678 is salt (in the hexadecimal format) | |
| 90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b is SHA-1 hash. | |
| SHA-256(Django) = SHA-256($salt.$pass) | |
| Example: sha256$12345678$154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b | |
| 12345678 is salt (in the hexadecimal format) | |
| 154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b is SHA-256 hash. | |
| SHA-384(Django) = SHA-384($salt.$pass) | |
| Example: sha384$12345678$c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5 | |
| 12345678 is salt (in the hexadecimal format) | |
| c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5 is SHA-384 hash. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment