1

I have a large list of plaintext passwords stored in a file pwds.txt and would like to obtain the hashed version of these passwords under various different hash algorithms. I want one file for each hash algorithm. As a minimum I would like to obtain hashes under MD5, SHA1, SHA256, (with and without salts) and bcrypt.

Is there a simple way of obtaining this, without too much scripting?

I thought about leveraging some of the existing password cracking tools, like hashcat or john, but unfortunately (to the best of my knowledge) they all start with the assumption that you already have a list of hashed passwords and that you now want to crack them. Basically, I want the opposite! I have the plaintext passwords, and want to create the hashed passwords. I have been unable to come up with a clever combination of command line options (for these two programs) that trick them to output a list of hashes from plaintexts.

Note

I have already created a short PHP-script that achieves this for smaller files, but it runs out of memory for the size of password file I need it for.

hakoja
  • 119
  • 4
    Really, this can be achieved with a simple for loop if you have the plain-text passwords in an array. If you don't, awk would likely be a more-than-capable tool for the job. – HalosGhost Nov 07 '14 at 15:05
  • 1
    see This Question for a hint. – Archemar Nov 07 '14 at 15:12
  • Thanks, but as I noted at the end I already know how to do this (algorithmically). However, I need something that is more efficient than php and also contains a large number of hash algorithms. That is why it would have been so nice to use a tool like hashcat or john since they have optimized implementations of almost any hash algorithm there is. – hakoja Nov 07 '14 at 15:16
  • 4
    Please include your PHP script in the question. And also, consider using a proper language. PHP is an abomination. – Faheem Mitha Nov 08 '14 at 01:05
  • Also, you should post the error message you get when it runs out of memory. Not strictly necessary, but would do no harm. Though I don't understand why that would happen. – Faheem Mitha Nov 08 '14 at 01:12
  • Since this question has been closed (I don't understand why), here are some hints. Call your system's crypt function; Python's crypt module is handy for that. For bcrypt, which may not be present on your system, look for a bcrypt implementation in your language's standard library or as a third-party library. Note that in addition to the passwords, you'll need to supply salts and itertion counts. Note also that crypt with MD5, SHA-1, etc. is not the MD5/SHA-1/… algorithm, but an algorithm that uses the hash function in a loop, mixing in the salt. – Gilles 'SO- stop being evil' Nov 09 '14 at 01:26
  • Or more simple than Gilles solution, split the file. – Braiam Nov 10 '14 at 14:11

1 Answers1

1

As a minimum I would like to obtain hashes under MD5, SHA1, SHA256

See:

  • man md5sum
  • man sha1sum
  • man sha256sum

Beware of the presence of newlines when you use these!

goldilocks
  • 87,661
  • 30
  • 204
  • 262