pl77 · February 4, 2021 18:31
diff --git a/Hashes b/Hashes
 DES(Unix)
 Example: IvS7aeT4NzQPM
 Used in Linux and other similar OS.
 Length: 13 characters.
 Description: The first two characters are the salt (random characters; in our example the salt is the string "Iv"), then there follows the actual hash.
 Notes: [1] [2]

 Domain Cached Credentials
 Example: Admin:b474d48cdfc4974d86ef4d24904cdd91
 Used for caching passwords of Windows domain.
 Length: 16 bytes.
 Algorithm: MD4(MD4(Unicode($pass)).Unicode(strtolower($username)))
 Note: [1]

 MD5(Unix)
 Example: $1$12345678$XM4P3PrKBgKNnTaqG9P0T/
 Used in Linux and other similar OS.
 Length: 34 characters.
 Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
 Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
 Notes: [1] [2]

 MD5(APR)
 Example: $apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj.
 Used in Linux and other similar OS.
 Length: 37 characters.
 Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
 Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
 Notes: [1] [2]


 MD5(phpBB3)
 Example: $H$9123456785DAERgALpsri.D9z3ht120
 Used in phpBB 3.x.x.
 Length: 34 characters.
 Description: The hash begins with the $H$ signature, then there goes one character (most often the number '9'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
 Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times.
 Notes: [1] [2]


 MD5(Wordpress)
 Example: $P$B123456780BhGFYSlUqGyE6ErKErL01
 Used in Wordpress.
 Length: 34 characters.
 Description: The hash begins with the $P$ signature, then there goes one character (most often the number 'B'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
 Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times.
 Notes: [1] [2]

 MySQL
 Example: 606717496665bcba
 Used in the old versions of MySQL.
 Length: 8 bytes.
 Description: The hash consists of two DWORDs, each not exceeding the value of 0x7fffffff.

 MySQL5
 Example: *E6CC90B878B948C35E92B003C792C46C58C4AF40
 Used in the new versions of MySQL.
 Length: 20 bytes.
 Algorithm: SHA-1(SHA-1($pass))
 Note: The hashes are to be loaded to the program without the asterisk that stands in the beginning of each hash.

 RAdmin v2.x
 Example: 5e32cceaafed5cc80866737dfb212d7f
 Used in the application Remote Administrator v2.x.
 Length: 16 bytes.
 Algorithm: The password is padded with zeros to the length of 100 bytes, then that entire string is hashed with the MD5 algorithm.

 MD5
 Example: c4ca4238a0b923820dcc509a6f75849b
 Used in phpBB v2.x, Joomla version below 1.0.13 and many other forums and CMS.
 Length: 16 bytes.
 Algorithm: Same as the md5() function in PHP.

 md5($pass.$salt)
 Example: 6f04f0d75f6870858bae14ac0b6d9f73:1234
 Used in WB News, Joomla version 1.0.13 and higher.
 Length: 16 bytes.
 Note: [1]

 md5($salt.$pass)
 Example: f190ce9ac8445d249747cab7be43f7d5:12
 Used in osCommerce, AEF, Gallery and other CMS.
 Length: 16 bytes.
 Note: [1]

 md5(md5($pass))
 Example: 28c8edde3d61a0411511d3b1866f0636
 Used in e107, DLE, AVE, Diferior, Koobi and other CMS.
 Length: 16 bytes.

 md5(md5($pass).$salt)
 Example: 6011527690eddca23580955c216b1fd2:wQ6
 Used in vBulletin, IceBB.
 Length: 16 bytes.
 Notes: [1] [3] [4]

 md5(md5($salt).md5($pass))
 Example: 81f87275dd805aa018df8befe09fe9f8:wH6_S
 Used in IPB.
 Length: 16 bytes.
 Notes: [1] [3]

 md5(md5($salt).$pass)
 Example: 816a14db44578f516cbaef25bd8d8296:1234
 Used in MyBB.
 Length: 16 bytes.
 Note: [1]

 md5($salt.$pass.$salt)
 Example: a3bc9e11fddf4fef4deea11e33668eab:1234
 Used in TBDev.
 Length: 16 bytes.
 Note: [1]


 md5($salt.md5($salt.$pass))
 Example: 1d715e52285e5a6b546e442792652c8a:1234
 Used in DLP.
 Length: 16 bytes.
 Note: [1]

 SHA-1
 Example: 356a192b7913b04c54574d18c28d46e6395428ab
 Used in many forums and CMS.
 Length: 20 bytes.
 Algorithm: Same as the sha1() function in PHP.

 sha1(strtolower($username).$pass)
 Example: Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a
 Used in SMF.
 Length: 20 bytes.
 Note: [1]


 sha1($salt.sha1($salt.sha1($pass)))
 Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b:1234
 Used in Woltlab BB.
 Length: 20 bytes.
 Note: [1]

 SHA-256(Unix)
 Example: $5$12345678$jBWLgeYZbSvREnuBr5s3gp13vqi
 Used in Linux and other similar OS.
 Length: 55 characters.
 Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
 Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times.
 Notes: [1] [2]

 SHA-512(Unix)
 Example: $6$12345678$U6Yv5E1lWn6mEESzKen42o6rbEm
 Used in Linux and other similar OS.
 Length: 98 characters.
 Description: The hash begins with the $6$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
 Algorithm: Actually that is a loop calling the SHA-512 algorithm 5000 times.
 Notes: [1] [2]


 SHA-1(Django) = sha1($salt.$pass)
 Example: sha1$12345678$90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b
 12345678 is salt (in the hexadecimal format)
 90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b is SHA-1 hash.

 SHA-256(Django) = SHA-256($salt.$pass)
 Example: sha256$12345678$154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b
 12345678 is salt (in the hexadecimal format)
 154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b is SHA-256 hash.


 SHA-384(Django) = SHA-384($salt.$pass)
 Example: sha384$12345678$c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5
 12345678 is salt (in the hexadecimal format)
 c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5 is SHA-384 hash.
	DES(Unix)
	Example: IvS7aeT4NzQPM
	Used in Linux and other similar OS.
	Length: 13 characters.
	Description: The first two characters are the salt (random characters; in our example the salt is the string "Iv"), then there follows the actual hash.
	Notes: [1] [2]

	Domain Cached Credentials
	Example: Admin:b474d48cdfc4974d86ef4d24904cdd91
	Used for caching passwords of Windows domain.
	Length: 16 bytes.
	Algorithm: MD4(MD4(Unicode($pass)).Unicode(strtolower($username)))
	Note: [1]

	MD5(Unix)
	Example: $1$12345678$XM4P3PrKBgKNnTaqG9P0T/
	Used in Linux and other similar OS.
	Length: 34 characters.
	Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
	Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
	Notes: [1] [2]

	MD5(APR)
	Example: $apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj.
	Used in Linux and other similar OS.
	Length: 37 characters.
	Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
	Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.
	Notes: [1] [2]


	MD5(phpBB3)
	Example: $H$9123456785DAERgALpsri.D9z3ht120
	Used in phpBB 3.x.x.
	Length: 34 characters.
	Description: The hash begins with the $H$ signature, then there goes one character (most often the number '9'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
	Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times.
	Notes: [1] [2]


	MD5(Wordpress)
	Example: $P$B123456780BhGFYSlUqGyE6ErKErL01
	Used in Wordpress.
	Length: 34 characters.
	Description: The hash begins with the $P$ signature, then there goes one character (most often the number 'B'), then there goes the salt (8 random characters; in our example the salt is the string "12345678"), followed by the actual hash.
	Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times.
	Notes: [1] [2]

	MySQL
	Example: 606717496665bcba
	Used in the old versions of MySQL.
	Length: 8 bytes.
	Description: The hash consists of two DWORDs, each not exceeding the value of 0x7fffffff.

	MySQL5
	Example: *E6CC90B878B948C35E92B003C792C46C58C4AF40
	Used in the new versions of MySQL.
	Length: 20 bytes.
	Algorithm: SHA-1(SHA-1($pass))
	Note: The hashes are to be loaded to the program without the asterisk that stands in the beginning of each hash.

	RAdmin v2.x
	Example: 5e32cceaafed5cc80866737dfb212d7f
	Used in the application Remote Administrator v2.x.
	Length: 16 bytes.
	Algorithm: The password is padded with zeros to the length of 100 bytes, then that entire string is hashed with the MD5 algorithm.

	MD5
	Example: c4ca4238a0b923820dcc509a6f75849b
	Used in phpBB v2.x, Joomla version below 1.0.13 and many other forums and CMS.
	Length: 16 bytes.
	Algorithm: Same as the md5() function in PHP.

	md5($pass.$salt)
	Example: 6f04f0d75f6870858bae14ac0b6d9f73:1234
	Used in WB News, Joomla version 1.0.13 and higher.
	Length: 16 bytes.
	Note: [1]

	md5($salt.$pass)
	Example: f190ce9ac8445d249747cab7be43f7d5:12
	Used in osCommerce, AEF, Gallery and other CMS.
	Length: 16 bytes.
	Note: [1]

	md5(md5($pass))
	Example: 28c8edde3d61a0411511d3b1866f0636
	Used in e107, DLE, AVE, Diferior, Koobi and other CMS.
	Length: 16 bytes.

	md5(md5($pass).$salt)
	Example: 6011527690eddca23580955c216b1fd2:wQ6
	Used in vBulletin, IceBB.
	Length: 16 bytes.
	Notes: [1] [3] [4]

	md5(md5($salt).md5($pass))
	Example: 81f87275dd805aa018df8befe09fe9f8:wH6_S
	Used in IPB.
	Length: 16 bytes.
	Notes: [1] [3]

	md5(md5($salt).$pass)
	Example: 816a14db44578f516cbaef25bd8d8296:1234
	Used in MyBB.
	Length: 16 bytes.
	Note: [1]

	md5($salt.$pass.$salt)
	Example: a3bc9e11fddf4fef4deea11e33668eab:1234
	Used in TBDev.
	Length: 16 bytes.
	Note: [1]


	md5($salt.md5($salt.$pass))
	Example: 1d715e52285e5a6b546e442792652c8a:1234
	Used in DLP.
	Length: 16 bytes.
	Note: [1]

	SHA-1
	Example: 356a192b7913b04c54574d18c28d46e6395428ab
	Used in many forums and CMS.
	Length: 20 bytes.
	Algorithm: Same as the sha1() function in PHP.

	sha1(strtolower($username).$pass)
	Example: Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a
	Used in SMF.
	Length: 20 bytes.
	Note: [1]


	sha1($salt.sha1($salt.sha1($pass)))
	Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b:1234
	Used in Woltlab BB.
	Length: 20 bytes.
	Note: [1]

	SHA-256(Unix)
	Example: $5$12345678$jBWLgeYZbSvREnuBr5s3gp13vqi
	Used in Linux and other similar OS.
	Length: 55 characters.
	Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
	Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times.
	Notes: [1] [2]

	SHA-512(Unix)
	Example: $6$12345678$U6Yv5E1lWn6mEESzKen42o6rbEm
	Used in Linux and other similar OS.
	Length: 98 characters.
	Description: The hash begins with the $6$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string "12345678"), then there goes one more $ character, followed by the actual hash.
	Algorithm: Actually that is a loop calling the SHA-512 algorithm 5000 times.
	Notes: [1] [2]


	SHA-1(Django) = sha1($salt.$pass)
	Example: sha1$12345678$90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b
	12345678 is salt (in the hexadecimal format)
	90fbbcf2b72b5973ae42cd3a19ab4ae8a1bd210b is SHA-1 hash.

	SHA-256(Django) = SHA-256($salt.$pass)
	Example: sha256$12345678$154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b
	12345678 is salt (in the hexadecimal format)
	154c4c511cbb166a317c247a839e46cac6d9208af5b015e1867a84cd9a56007b is SHA-256 hash.


	SHA-384(Django) = SHA-384($salt.$pass)
	Example: sha384$12345678$c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5
	12345678 is salt (in the hexadecimal format)
	c0be393a500c7d42b1bd03a1a0a76302f7f472fc132f11ea6373659d0bd8675d04e12d8016d83001c327f0ab70843dd5 is SHA-384 hash.