Intro to hashes

  • Hello, this article will cover the topic of hashing. A hash is the product of a hashing function, and hashing functions are encryption algorithms, specifically one-way encryption. This means that one cannot directly decrypt it. In order to find the plain text value of a hash, you must run the same hashing function on various plain text strings until one produces a matching hash; this is known as “cracking a hash”. Hashes can also be called message digests, hence names like MD5 (more on that later). There are some issues with hashing, a big one being collisions. Basically, this means multiple inputs can have identical output. We'll get into that in a bit.
    
    	So now that you know what a hash is, let's talk about some of the different algorithms that are in use. First I will talk about MD5, which I mentioned earlier. MD5 outputs a 32-character-long encrypted string. MD5 is considered to be insecure, as the algorithm has been found to generate a large number of collisions. SHA-1 is another commonly used algorithm; it is considered better than MD5, but it was discovered to have many collisions as well. This was determined in a cryptanalysis attack in 2008, run by Stephane Manuel. The recommended algorithms are SHA-256 and SHA-512. For more algorithms, check the bottom of this document.
    
    	A good habit to have when hashing is using a salt. A salt is a short string of characters encrypted in addition to the data being hashed. This can be done in many ways; some salted hash functions I've seen used are:
    	
    Examples
    md5(md5($pass).$salt)
    md5($salt.$pass)
    md5($pass.$salt);
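
The three layouts listed above, written out as an added example (not code from the original article). It defaults to SHA-256, the article's recommended algorithm; the function names, record fields, and the 16-byte random per-user salt are assumptions of this example.

```python
import hashlib
import hmac
import secrets

def _hex(algo: str, data: bytes) -> str:
    """Hex digest of data, like PHP's md5() returning a hex string."""
    return hashlib.new(algo, data).hexdigest()

# The three salt layouts from the article; "." in its notation is string
# concatenation. The dictionary keys are labels made up for this example.
LAYOUTS = {
    "hash(hash(pass).salt)": lambda a, p, s: _hex(a, _hex(a, p).encode() + s),
    "hash(salt.pass)": lambda a, p, s: _hex(a, s + p),
    "hash(pass.salt)": lambda a, p, s: _hex(a, p + s),
}

def hash_password(password, salt, layout="hash(salt.pass)", algo="sha256"):
    """Hash password with salt using one of the layouts above."""
    return LAYOUTS[layout](algo, password.encode(), salt.encode())

def make_record(password, layout="hash(salt.pass)", algo="sha256"):
    """Build what is stored for one user: a fresh random salt plus the hash."""
    salt = secrets.token_hex(16)  # 16 random bytes; the length is an assumption
    return {"salt": salt, "layout": layout, "algo": algo,
            "hash": hash_password(password, salt, layout, algo)}

def verify(password, record):
    """Recompute the hash with the stored salt and compare in constant time."""
    candidate = hash_password(password, record["salt"],
                              record["layout"], record["algo"])
    return hmac.compare_digest(candidate, record["hash"])

if __name__ == "__main__":
    # Constructed sample data: two users who picked the same password.
    alice = make_record("correct horse")
    bob = make_record("correct horse")
    print("same password, same stored hash?", alice["hash"] == bob["hash"])
    print("alice verifies:", verify("correct horse", alice))
    print("wrong password verifies:", verify("wrong", alice))
```

Because each record gets its own salt, two users with the same password end up with different stored hashes, and the salt must be stored next to the hash so the check can be repeated at login.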
    
    Now we'll talk about identifying and cracking hashes. In order to crack these hashes you will need to code or download a hash cracker. I recommend John the Ripper, found at http://www.openwall.com/john/. John is usually able to detect the type of hash in use. The drawback of pre-made crackers shows up when you run into custom algorithms; in that case, if you know what was used, you can rather easily code a cracker for said algorithms. For John, simply put the password in a text file with this syntax: Username:Hash. Then fire up John with either a wordlist or brute force. Since this is not a tutorial for John the Ripper, I will not explain in detail. Here is a table with various algorithms and their hash lengths.
    
    	
    Algorithm         Output length
    MD5               32
    SHA1              41
    SHA 256 (Unix)    55
    SHA 512 (Unix)    98
    DES               13
    
    	An easy way to identify SHA 256 is to check if the hash begins with $5$, or $6$ for SHA 512.
    DES is used in Apache .htpasswd files, which I believe is the most common use of DES. MD5 and SHA-1 are used heavily across the internet, although they are considered less secure than the recommended algorithms.
    
    	I hope I have helped you understand hashing and how to identify hashes. At this point you should be more aware of how to use hashes that are hard to crack and how to crack them. Before I sign off, I have one more thing to say, and that is to ALWAYS use a salt in your hashes. Hope you found this useful.
    	
    
    	st3alth