-4

I have one hash, I know its value, but not its type. Here it is:

6dfb036bf703d75f9bc8219ba1224d876783fa61

I tried something like `php -r "echo sha1('abc');"`, but it gave me another value, so this hash is not SHA1.

How can I identify this type of hash?

peterh
Sylveste3
  • possible [duplicate](http://security.stackexchange.com/questions/11717/why-are-hash-functions-one-way-if-i-know-the-algorithm-why-cant-i-calculate-t/11723#11723) –  Aug 02 '15 at 06:42
  • 3
    a) There are many hash functions (if "homebrew" is included, infinitely many). b) Who said that the raw hash function was applied? Combinations, repetitions of the same function, adding random values to the data before hashing... for all we know, it could be 10000000 times SHA1 repeated or something like that. – deviantfan Aug 02 '15 at 09:29
  • What do you mean by "I know its value"? Do you mean that you know what the input of the hash function was? If so, you can use that knowledge to find the hash type through brute force (by trying them all). Similarly, you could try to use a password cracker like john: http://www.openwall.com/john/ But of course, this will only identify the types that john knows about. – Rens van der Heijden Aug 02 '15 at 14:46
  • This is exactly what I was trying to say, I signed up on the targeted website with the following password: "abc". I then signed up with another username and the same password 'abc' and it gave me a different value when I dumped my username's hashed password from the database. Of course I could brute force the algorithm, but without `php -r "echo sha1(sha1('pass'.'thingtotest'));"` I have no idea how. If there is software that can do it for me (sorry for the context) then you will help me a lot, thank you... – Sylveste3 Aug 02 '15 at 15:29
  • @Sylveste3 You got a DB dump, but not the code which does the hashing part? Usually, you should have either both or nothing... something is fishy here. – deviantfan Aug 03 '15 at 22:49

2 Answers

1

It is probably still a SHA-1 hash (judging by the length), but maybe 'abc' was hashed with some salt.
Salt is random data which is hashed along with the password. The salt is then stored in the database along with the hashed password (+salt). This is done to prevent someone looking up the hash of a common string or password in a 'dictionary' which links it to the input (example).

SWdV
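The salting described in the answer above, as an added example (not code from the answer or from the site in question). It shows why two accounts with the password `abc` store different 40-character digests and why a precomputed table of unsalted SHA-1 values finds neither. The `salt || password` layout, the 16-byte salt and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def candidate_algorithms(hex_digest):
    """Fixed-length hashlib algorithms whose output size matches the digest.

    Length only identifies the size of the final output; it says nothing
    about salting, iteration or nesting applied before it.
    """
    size = len(bytes.fromhex(hex_digest))
    names = []
    for name in sorted(hashlib.algorithms_guaranteed):
        try:
            if hashlib.new(name).digest_size == size:
                names.append(name)
        except ValueError:  # algorithm disabled in this Python build
            continue
    return names


def salted_sha1(password, salt):
    # Assumed layout: SHA-1 over salt || password. A real site may differ.
    return hashlib.sha1(salt + password.encode()).hexdigest()


def register(password):
    """Return (salt, digest) as they would be stored per account."""
    salt = os.urandom(16)  # fresh random salt for every account
    return salt, salted_sha1(password, salt)


def verify(password, salt, stored_digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_sha1(password, salt), stored_digest)


def build_lookup(words):
    """Precomputed unsalted SHA-1 table, like a public hash 'dictionary'."""
    return {hashlib.sha1(w.encode()).hexdigest(): w for w in words}


if __name__ == "__main__":
    print(candidate_algorithms("6dfb036bf703d75f9bc8219ba1224d876783fa61"))
    table = build_lookup(["abc", "password", "letmein"])  # constructed word list
    (salt_a, digest_a), (salt_b, digest_b) = register("abc"), register("abc")
    print(digest_a, digest_a in table)  # same password, not in the table
    print(digest_b, digest_b in table)  # different digest again
    print(verify("abc", salt_a, digest_a), verify("abc", salt_b, digest_a))
```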
-1

Hashes are one-way functions, which essentially means they were constructed to make it practically impossible to reconstruct their input from their output.

However, there are some narrow possibilities to reconstruct the original value:

  • If you can somehow narrow the possible values, you can hash them one by one and compare to your desired output. For example, if you need to crack a weak password, you can use all words of a dictionary.
  • Maybe there are known attacks on a hash function (in the case of sha1, you seem to be in luck), which also enable you to significantly lower their computing time.

Simply deciphering your sha1 result probably can't be done in a feasible way.

peterh