hashcat Forum

hashcat Forum > Misc > General Talk > Identifying 53-char hash type
Full Version: Identifying 53-char hash type
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

jfox

02-21-2018, 09:40 PM
Found inside a black box PHP application.

All 53 chars long, for instance:

cyzWXwHXZBPnxtBalFpQiOsBvZ5kmQpWRmW.qhJt17Mayni4Wg7L*
E/ZxRp0egk16mlvLhU6TEeiBHUy7QlEKoqQOpjNvvqWr45MerYg1*
iXlNxNCHec675fIGhjPFI.POsPAeolTJgk9ghLjwKfv2G9OUc1sg*
jXP1jyPbDrmxR7ZLSaXFKuUO6b.9ES/R/tLX0RuAat7PAM7zPvCk*
M69s5pnKcNqMwlp36sr6Nezpyz7nq6MWFwL.rhO0Q6xuG9bu/DlL*
MDkZlWL7XbN3yrMjQuA3zuyTPM0d33BRzfVOEcDSubp1rUfGYwMD*
nNWHeqpUgdNr8y6ezjSX2eqULpC4lqEpqnagJ1k/LdLLJ3FHSyk.*
wAnIPQvRC7sjcy9E8voeJOMaUM3ugxqz1mWwTL6giK3VAdKhdXr.*
ytBIDIr3Mvwc2iMKToh2uuPMbYQE5tPZzUt4c9ewFHrDARDLEXK0*
zB5z1wpD37B/4RWaUC//SuFAZJhjGU.b75eJyDo6QZ45oUcpepIx*

I realize it's a long shot seeing as how it could be anything at all but maybe someone stumbled across something similiar.

Due to board rules about not posting actual hashes, last characters replaced with an asterisk.

Thanks!

DanielG

02-22-2018, 02:18 PM
Could be itoa64 (kind of base64 encoding), see https://gchq.github.io/CyberChef/#recipe...mk0V2c3TGE

That could mean the resulting data is 40byte (320bits), which could be RIPEMD-320. However without any more context or code it could also be something homemade and you'll probally never crack it.

But if one of those strings is your password, you could try itoa64(RIPEMD-320($yourpassword)) and see if it matches.
hashcat Forum > Misc > General Talk > Identifying 53-char hash type