Skip to content

NXNJZ

Linux and Security

  • BLOG
  • Cowsay Fortune
  • Contact
  • Gitlab

Tag: hashes

UnHashIt : Simple hash lookup tool

Posted on September 12, 2018 - May 16, 2020 by nxnjz

I updated my previous script to include support for the API on hashes.org, thus it is not limited to MD5 anymore. An API key is required if you choose to use hashes.org. You can get a key here.

Usage is very simple: execute without arguments, choose which API you want to use and enter the name of the file containing the hashes. If using the hashes.org API, you have the option of automatically storing you key in a file to avoiding entering it each time you run the script.

Do NOT use this for illegal purposes.


git clone https://github.com/nxnjz/unhashit.git

cd unhashit

./unhashit.py

 

Requirements: Python3 with the sys, os and requests modules.

Output is in the following format:

hash : plain-text-value : algorithm (if found)

hash : “notfound” (if not found)

 

Github Repository

 


The following code is outdated, you should get it from github.

#!/usr/bin/python3

#NXNJZ.NET

import sys
import os
import requests


def key_mng():
    try:
        global apikey
        apikey_file = open("hashes.org-api.key",)
        apikey = apikey_file.read()
    except FileNotFoundError:
        apikey = input("The file 'hashes.org-api.key' containing the api key was not found, enter your api key: ")
        savefile = input("\nWould you like to store this key in a file to avoid entering it every time? (y/n): ")
        if savefile == 'y':
            with open("hashes.org-api.key", "w") as apikey_file :
                apikey_file.write(apikey)
                os.chmod("hashes.org-api.key", 0o600)
                print("\nYour key was written to hashes.org-api.key, permissions set to rw------- (owner read/write, group nothing, others nothing)")

def multi_check(apikey, multi_hash):
    apiurl = "https://hashes.org/api.php?key=" + apikey + "&query=" + multi_hash
    rr = requests.get(apiurl)
    if rr.json()['status'] == 'success':
        try:
            plaintxt = rr.json()['result'][multi_hash]['plain']
            algo = rr.json()['result'][multi_hash]['algorithm']
            result = multi_hash + " : " + plaintxt + " : " + algo
        except TypeError:
            result = multi_hash + " : notfound"
        print(result)
    else:
        print("Error querying the hashes.org API, you may have overused it in a short period of time. ")


def md5_check(md5hash):
   apiurl = "http://www.nitrxgen.net/md5db/" + str(md5hash)
   r = requests.get(apiurl)
   if r.text != "":
       result = md5hash + " : " + r.text + " : MD5"
   else:
       result = md5hash + " : notfound"
   print(result)

print("This script uses APIs on nitrxgden.net and hashes.org. Do NOT use for illegal purposes\n")
print("\n1. Nitrxgen.net (MD5 only, unlimited requests)")
print("\n2. Hashes.org (API key required, 100 requests per 5 minutes allowed)")
api_choice = input("\n\n Choose: ")

if api_choice == '1':
    filename = input("Enter filename (one MD5 hash per line): ")
    with open(filename) as md5_file:
        for line in md5_file:
            md5_check(line.strip())
elif api_choice == '2':
    key_mng()
    filename = input("Enter filename (one hash per line): ")
    with open(filename) as multi_file:
        for line in multi_file:
            multi_check(apikey, line.strip())


else: print("Choice not recognized, exiting.")
Posted in Password CrackingTagged hashes, md5, password, sha1Leave a comment

Recent Posts

  • How to Set Up an Interactive SSH Honeypot on CentOS 8.
  • HackTheBox.eu Jarvis Writeup
  • How to setup a simple proxy server with tinyproxy (Debian 10 Buster)
  • How to Install qdPM 9.1 on Debian 10 LEMP
  • How to Install qdPM 9.1 on CentOS 7.

Tags

802.11 apache asp aspx backdoor capture the flag centos crm ctf debian exploits fingerprinting getcap hashes ifconfig information gathering iw iwconfig linux mariadb md5 nginx nmap password pastebin php practice privatebin privesc project management recon reconnoitre scanning shell sqli ssh txpower ubuntu wallabag web webshells wifi wireless xml xxe

Categories

  • BASH (1)
  • CTF/Labs (2)
  • Information Gathering (1)
  • Linux (25)
  • Password Cracking (1)
  • Privilege Escalation (2)
  • SQL Injection (1)
  • Web-Shells (1)
  • Wifi (2)
  • XXE (1)

Recent Comments

  • Audio streaming ampache ubuntu 18.04 – Education Networking on Installing Ampache on Ubuntu 18.04.
  • Creating your own Postmill installation with Ubuntu 19.10 – Digital 52 on How to Install Postmill on Ubuntu 18.04 LTS with Apache or Nginx
  • Zer00CooL on How to Install PrivateBin on Debian 9.
  • nxnjz on How to Install SuiteCRM on Debian 10 Buster
  • matt ferraro on Installing Ampache on CentOS 7.