Algorithms Acceptance

List of algorithms we actually support

Here are the algorithms we currently accept

Operating System

Algorithm Size (chars) Example Attack Method (*)
NTLM 32 71eebf819bfcf3c55c18f47673e25520 All
LM 32 2d0ae01da68d9add11fd4fb99c46e604 All
MSCache / Domain Cached Credentials - 4dd8965d1d476fa0d026722989a6b772:3060147285011 All
MSCache 2 / Domain Cached Credentials 2 (DCC2) - $DCC2$10240#tom#e4e938d12fe5974dc42a90120bd9c90f All
Cisco-ASA - 02dMBMYkTdC5Ziyp:36 All
Cisco-PIX 16 dRRVnUmUHXOTt9nk All
Cisco-IOS type 4 43 2btjjy78REtmYkkW0csHUbJZOstRXoWdX1mGrmmfeHI All
FortiGate (FortiOS) 47 AK1AAECAwQFBgcICRARNGqgeC3is8gv2xWWRony9NJnDgE= All
OSX v10.4
OSX v10.5
OSX v10.6		 48 1430823483d07626ef8be3fda2ff056d0dfd818dbfe47683 All
OSX v10.7 136 648742485c9b0acd786a233b2330197223118111b481a
bfa0ab8b3e8ede5f014fc7c523991c007db6882680b09
962d16fd9c45568260531bdb34804a5e31c22b4cfeb32d		 All
OSX v10.8+ - $ml$35460$93a94bd24b5de64d79a5e49fa372827e739f4d7b
6975c752c9a0ff1e5cf72e05$752351df64dd2ce9dc9c6
4a72ad91de6581a15c19176266b44d98919dfa81f0f96cb
cb20a1ffb400718c20382030f637892f776627d34e021bad4f81b7de8222		 All
Citrix NetScaler 49 1765058016a22f1b4e076dccd1c3df4e8e5c0839ccded98ea All
md5crypt / Unix $1$ / Cisco-IOS $1$ - $1$28772684$iEwNOgGugqO9.bIz5sk8k/ All
bcrypt / Blowfish Unix $2*$ 60 $2a$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6 All
DES Unix / DEScrypt 13 48c/R8JAv757A All
: Attack Method
All : Bruteforce + huge wordlists + rules
Wordlists : huge wordlists + rules

Raw hashes

Algorithm Size (chars) Example Attack Method (*)
MD4 32 e6ebb89f7a3a17edaf3f2a130e11f349 All
MD5 32 62c4fae0c42ee1d0ac99064b197c7872 All
SHA1 40 7e88f38d60a45b304c0e33a2cd9fb10618738326 All
SHA2-224 56 e4fa1555ad877bf0ec455483371867200eee89550a93eff2f95a6198 All
SHA2-256 64 127e6fbfe24a750e72930c220a8e1382
75656b8e5d8f48a98c3c92df2caba935		 All
SHA2-512 128 82a9dda829eb7f8ffe9fbe49e45d47d2dad9664f
bb7adf72492e3c81ebd3e29134d9bc12212bf83c6840
f10e8246b9db54a4859b7ccd0123d86e5872c1e5082f		 All
RIPEMD-160 40 012cb9b334ec1aeb71a9c8ce85586082467f7eb6 All
SipHash 53 ad61d78c06037cd9:2:4:81533218127174468417660201434054 All
Keccak-512 128 - All
: Attack Method
All : Bruteforce + huge wordlists + rules

Forum, CMS, Framework

Algorithm Size (chars) Example Attack Method (*)
Phpass:
"Old" version of Wordpress, Joomla and phpBB
Starting with $P$ or $H$		 34 $P$B7ik95kihiX1sTVtelg.qSOwynfSUy1
or
$H$B7ik95kihiX1sTVtelg.qSOwynfSUy1		 All
bcrypt:
"New" version of Wordpress, Joomla and phpBB
Starting with $2y$		 60 $2y$05$LhayLxezLhK1LhWvKxCyLOj0j1u.Kj0jZ0pEmm134uzrQlFvQJLF6 All
Old Joomla < v2.5.18
Salted MD5		 - 19e0e8d91c722e7091ca7a6a6fb0f4fa:
54718031842521651757785603028777		 All
vBulletin < v3.8.5 - 16780ba78d2d5f02f3202901c1b6d975:568 All
vBulletin >= v3.8.5 - bf366348c53ddcfbd16e63edfdd1eee6:
181264250056774603641874043270		 All
IPB2+, MyBB 1.2+ - 8d2129083ef35f4b365d5d87487e1207:47204 All
PrestaShop - 810e3d12f0f10777a679d9ca1ad7a8d9:
M2uZ122bSHJ4Mi54tXGY0lqcv1r28mUluSkyw37ou5oia4i239ujqw0l		 All
osCommerce, xt:Commerce - 374996a5e8a5e57fd97d893f7df79824:36 All
Simple Machines Forum > v1.1 - ecf076ce9d6ed3624a9332112b1cd67b236fdd11:17782686 All
Django (SHA1) - sha1$fe76b$02d5916550edf7fc8c886f044887f4b1abf9b013 All
MediaWiki $B$ - $B$56668501$0ce106caa70af57fd525aeaf80ef2898 All
PunBB - 4a2b722cc65ecf0f7797cdaea4bce81f66716eef:653074362104 All
OpenCart - 6e36dcfc6151272c797165fce21e68e7c7737e40:472433673 All
: Attack Method
All : Bruteforce + huge wordlists + rules

Databases

Algorithm Size (chars) Example Attack Method (*)
MySQL "323" 16 498eb71836f71f74 All + Collision
Success: 100%
MySQL v4, v5+ 40 3fed14c94c0cbb2843ebdfc4774e3a17c1e0d5ee
With or without the asterisk *		 All
MSSQL 2000 94 0x01002702560500000000000000000000000000000000
000000008db43dd9b1972a636ad0c7d4b8c515cb8ce46578		 All
MSSQL 2005 54 0x010018102152f8f28c8499d8ef263c53f8be369d799f931b2fbe All
MSSQL 2012-2014 142 0x02000102030434ea1b17802fd95ea6316bd61d2c94622
ca3812793e8fb1672487b5c904a45a31b2ab4a78890d563d
2fcf5663e46fe797d71550494be50cf4915d3f4d55ec375		 All
PostgreSQL - a6343a68d964ca596d9752250d54bb8a:postgres All
Oracle 11+ 40 + 20 (salt) 63ec5f6113843f5d229e2d49c068d983a9670d02:
57677783202322766743		 All
: Attack Method
All : Bruteforce + huge wordlists + rules
Collision : info

Network Protocol

Algorithm Attack Method (*)
WPA(2) Wordlists
NetNTLM v1 Wordlists
NetNTLM v2 Wordlists
TACACS+ Wordlists
Skype Wordlists
JWT (JSON Web Token) Wordlists
Kerberos 5, etype 23, TGS-REP, a.k.a kerberoast Wordlists
Kerberos 5, etype 23, AS-REQ Pre-Auth a.k.a Roasting AS-REPs Wordlists
IKE-PSK MD5 (IPSec) Wordlists
: Attack Method
Wordlists : huge wordlists + rules

Password Manager

Algorithm Attack Method (*)
1Password, agilekeychain Wordlists
LastPass / LastPass sniffed Wordlists
: Attack Method
Wordlists : huge wordlists + rules

One-Time Passwords

Algorithm Attack Method (*)
Time-based OTP (HMAC-SHA1)
(e.g. Google Authenticator)		 Wordlists + Collisions

Enterprise Software

Algorithm Size (chars) Example Attack Method (*)
Oracle PeopleSoft 28 uXmFVrdBvv293L9kDR3VnRmx4ZM= Wordlists
Ansible Vault - $ansible$0*0*6b761adc6faeb0cc0bf197d3d4a4a7d3f1682e4b16
9cae8fa6b459b3214ed41e*426d313c5809d4a80a4b9bc7d4823070*d8b
ad190c7fbc7c3cb1c60a27abfb0ff59d6fb73178681c7454d94a0f56a4360		 Wordlists
: Attack Method
Wordlists : huge wordlists + rules