Skip to content

Instantly share code, notes, and snippets.

@wheresalice

wheresalice/Hash Analyzer

Created April 2, 2010 15:47
Show Gist options
  • Save wheresalice/353286 to your computer and use it in GitHub Desktop.
Save wheresalice/353286 to your computer and use it in GitHub Desktop.
Download ZIP
PHP code to analyse password hashes. See it running at hash.kaerast.info
Raw
Hash Analyzer
<html>
<body>
<ul>
<?php
$myhash = $_GET['hash'];
$hash = array();
switch ( strlen($myhash)) {
case(0):
$hash[] = "No hash passed";
break;
case(4):
if (preg_match("/^[a-f0-9]{4}$/", $myhash)) {
$hash[] = "CRC-16";
$hash[] = "CRC-16-CCITT";
$hash[] = "FCS-16";
}
break;
case(8):
if (preg_match("/^[a-f0-9]{8}$/", $myhash)) {
$hash[] = "ADLER32";
$hash[] = "CRC-32";
$hash[] = "CRC-32B";
$hash[] = "GHash-32-3";
$hash[] = "GHash-32-5";
}
break;
case(9):
if (preg_match("/^[0-9]{9}$/", $myhash)) {
$hash[] = "Elf-32";
}
break;
case(13):
if (preg_match("/^[\/\.A-z0-9]{13}$/", $myhash)) {
$hash[] = "DES (Unix)";
}
break;
case(16):
if (preg_match("/^[a-f0-9]{16}$/", $myhash)) {
$hash[] = "MySQL";
}
break;
case(24):
if (preg_match("/^[\+\/\.0-9A-z]{22}[=][=]$/", $myhash)) {
$hash[] = "Haval128 (Base64)";
$hash[] = "MD2 (Base64)";
$hash[] = "MD4 (Base64)";
$hash[] = "MD5 (Base64)";
$hash[] = "RipeMD128 (Base64)";
$hash[] = "SNEFRU128 (Base64)";
$hash[] = "Tiger128 (Base64)";
}
break;
case(28):
if (preg_match("/^[\+\/\.0-9A-z]{27}[=]$/", $myhash)) {
$hash[] = "Haval160 (Base64)";
$hash[] = "RipeMD160 (Base64)";
$hash[] = "SHA-1 (Base64)";
$hash[] = "Tiger160 (Base64)";
}
break;
case(32):
if (preg_match("/^[a-f0-9]{32}$/", $myhash)) {
$hash[] = "DCC";
$hash[] = "Haval128_3";
$hash[] = "Haval128_4";
$hash[] = "Haval128_5";
$hash[] = "Haval128 (HMAC)";
$hash[] = "MD2";
$hash[] = "MD2 (HMAC)";
$hash[] = "MD4";
$hash[] = "MD4 (HMAC)";
$hash[] = "MD5";
$hash[] = "MD5 (HMAC)";
$hash[] = "NTLM";
$hash[] = "RipeMD128";
$hash[] = "RipeMD128 (HMAC)";
$hash[] = "SNEFRU128";
$hash[] = "SNEFRU128 (HMAC)";
$hash[] = "Tiger128";
$hash[] = "Tiger128 (HMAC)";
$hash[] = 'md5(md5($pass))';
$hash[] = 'md5(md5($pass).$salt)';
$hash[] = 'md5(md5($salt).md5($pass))';
}
if (preg_match("/^[\+\.\/0-9A-z]{32}$/", $myhash)) {
$hash[] = "Haval192 (Base64)";
}
if (preg_match("/^[A-z0-9]{32}$/", $myhash)) {
$hash[] = "Tiger192 (Base64)";
}
if (preg_match("/^[A-F0-9]{32}$/", $myhash)) {
$hash[] = "Windows-LM";
$hash[] = "Windows-NTLM";
}
break;
case(34):
if ((substr($myhash, 0, 3) == '$1$') && (substr($myhash,11,1) == '$')) {
$hash[] = 'MD5 (Unix)';
}
break;
case(37):
if ((substr($myhash, 0, 6) == '$apr1$') && (substr($myhash,14,1) == '$')) {
$hash[] = 'MD5 (APR)';
}
break;
case(40):
if (preg_match("/^[a-f0-9]{40}$/", $myhash)) {
$hash[] = "Haval160";
$hash[] = "Haval160_3";
$hash[] = "Haval160_4";
$hash[] = "Haval160_5";
$hash[] = "Haval160 (HMAC)";
$hash[] = "MySQL v5.x";
$hash[] = "RipeMD160";
$hash[] = "RipeMD160 (HMAC)";
$hash[] = "SHA-0";
$hash[] = "SHA-1";
$hash[] = "SHA-1 (HMAC)";
$hash[] = "Tiger160";
$hash[] = "Tiger160 (HMAC)";
}
if (preg_match("/^[\+\/\.A-z0-9]{38}[=][=]$/", $myhash)) {
$hash[] = "Haval224 (Base64)";
$hash[] = "SHA224";
}
break;
case(44):
if (preg_match("/^[\+\/\.A-z0-9]{42}[=][=]$/", $myhash)) {
$hash[] = "Haval256 (Base64)";
}
if (preg_match("/^[\+\/\.A-z0-9}{43}[=]$/", $myhash)) {
$hash[] = "RipeMD256 (Base64)";
$hash[] = "SHA256 (Base64)";
$hash[] = "SNEFRU256 (Base64)";
}
break;
case(48):
if (preg_match("/^[a-f0-9]{48}$/", $myhash)) {
$hash[] = "Haval192";
$hash[] = "Haval192_4";
$hash[] = "Haval192_5";
$hash[] = "Haval192 (HMAC)";
$hash[] = "Tiger2";
$hash[] = "Tiger192";
$hash[] = "Tiger192 (HMAC)";
}
break;
case(56):
if (preg_match("/^[a-z0-9]{56}$/", $myhash)) {
$hash[] = "Haval224";
$hash[] = "Haval244_3";
$hash[] = "Haval244_4";
$hash[] = "Haval224 (HMAC)";
$hash[] = "SHA224";
$hash[] = "SHA224 (HMAC)";
}
if (preg_match("/^[\+\/\/A-z0-9]{54}[=][=]$/", $myhash)) {
$hash[] = "RipeMD320 (Base64)";
}
break;
case(60):
if ((preg_match("/^[\/\.A-z0-9]{60}$/", $myhash)) && (substr($myhash,0,4)=='$2a$') && (substr($myhash,6,1)=='$')) {
$hash[] = "Blowfish";
}
break;
case(64):
if (preg_match("/^[a-f0-9]{64}$/", $myhash)) {
$hash[] = "GOST R34.11-94";
$hash[] = "Haval256_5";
$hash[] = "Haval256";
$hash[] = "Haval256_3";
$hash[] = "Haval256_4";
$hash[] = "Haval256 (HMAC)";
$hash[] = "PANAMA";
$hash[] = "RipeMD256";
$hash[] = "RipeMD256 (HMAC)";
$hash[] = "SHA256";
$hash[] = "SHA256 (HMAC)";
$hash[] = "SNEFRU256";
$hash[] = "SNEFRU256 (HMAC)";
}
if (preg_match("/^[\+\/\.A-z0-9]{64}$/", $myhash)) {
$hash[] = "SHA384 (Base64)";
}
break;
case(80):
if (preg_match("/^[a-f0-9]{80}$/", $myhash)) {
$hash[] = "RipeMD320";
$hash[] = "RipeMD320 (HMAC)";
}
break;
case(88):
if (preg_match("/^[\+\.\/A-z0-9]{86}[=][=]$/")) {
$hash[] = "SHA512 (Base64)";
$hash[] = "WHIRLPOOL (Base64)";
}
break;
case(96):
if (preg_match("/^[a-f0-9]{96}$/", $myhash)) {
$hash[] = "SHA384";
$hash[] = "SHA384 (HMAC)";
}
break;
case(128):
if (preg_match("/^[a-f0-9]{128}$/", $myhash)) {
$hash[] = "SHA512";
$hash[] = "SHA512 (HMAC)";
$hash[] = "WHIRLPOOL";
$hash[] = "WHIRLPOOL (HMAC)";
$hash[] = "Whirlpool-0";
$hash[] = "Whirlpool-1";
$hash[] = "Whirlpool-2";
}
break;
default:
$hash[] = "Invalid length hash";
$hash[] = strlen($myhash);
break;
}
foreach ($hash as $key=>$val){
echo "<li>$val</li>\n";
}
?>
</ul>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment