Skip to content

NXNJZ

Linux and Security

  • BLOG
  • Cowsay Fortune
  • Contact
  • Gitlab
  • Company Homepage

Tag: sha1

UnHashIt : Simple hash lookup tool

Posted on September 12, 2018 - May 16, 2020 by nxnjz

I updated my previous script to include support for the API on hashes.org, thus it is not limited to MD5 anymore. An API key is required if you choose to use hashes.org. You can get a key here.

Usage is very simple: execute without arguments, choose which API you want to use and enter the name of the file containing the hashes. If using the hashes.org API, you have the option of automatically storing you key in a file to avoiding entering it each time you run the script.

Do NOT use this for illegal purposes.


git clone https://github.com/nxnjz/unhashit.git

cd unhashit

./unhashit.py

 

Requirements: Python3 with the sys, os and requests modules.

Output is in the following format:

hash : plain-text-value : algorithm (if found)

hash : “notfound” (if not found)

 

Github Repository

 


The following code is outdated, you should get it from github.

#!/usr/bin/python3

#NXNJZ.NET

import sys
import os
import requests


def key_mng():
    try:
        global apikey
        apikey_file = open("hashes.org-api.key",)
        apikey = apikey_file.read()
    except FileNotFoundError:
        apikey = input("The file 'hashes.org-api.key' containing the api key was not found, enter your api key: ")
        savefile = input("\nWould you like to store this key in a file to avoid entering it every time? (y/n): ")
        if savefile == 'y':
            with open("hashes.org-api.key", "w") as apikey_file :
                apikey_file.write(apikey)
                os.chmod("hashes.org-api.key", 0o600)
                print("\nYour key was written to hashes.org-api.key, permissions set to rw------- (owner read/write, group nothing, others nothing)")

def multi_check(apikey, multi_hash):
    apiurl = "https://hashes.org/api.php?key=" + apikey + "&query=" + multi_hash
    rr = requests.get(apiurl)
    if rr.json()['status'] == 'success':
        try:
            plaintxt = rr.json()['result'][multi_hash]['plain']
            algo = rr.json()['result'][multi_hash]['algorithm']
            result = multi_hash + " : " + plaintxt + " : " + algo
        except TypeError:
            result = multi_hash + " : notfound"
        print(result)
    else:
        print("Error querying the hashes.org API, you may have overused it in a short period of time. ")


def md5_check(md5hash):
   apiurl = "http://www.nitrxgen.net/md5db/" + str(md5hash)
   r = requests.get(apiurl)
   if r.text != "":
       result = md5hash + " : " + r.text + " : MD5"
   else:
       result = md5hash + " : notfound"
   print(result)

print("This script uses APIs on nitrxgden.net and hashes.org. Do NOT use for illegal purposes\n")
print("\n1. Nitrxgen.net (MD5 only, unlimited requests)")
print("\n2. Hashes.org (API key required, 100 requests per 5 minutes allowed)")
api_choice = input("\n\n Choose: ")

if api_choice == '1':
    filename = input("Enter filename (one MD5 hash per line): ")
    with open(filename) as md5_file:
        for line in md5_file:
            md5_check(line.strip())
elif api_choice == '2':
    key_mng()
    filename = input("Enter filename (one hash per line): ")
    with open(filename) as multi_file:
        for line in multi_file:
            multi_check(apikey, line.strip())


else: print("Choice not recognized, exiting.")
Posted in Password CrackingTagged hashes, md5, password, sha1Leave a comment

Recent Posts

  • CVE-2021-42052 full disclosure
  • How to Set Up an Interactive SSH Honeypot on CentOS 8.
  • HackTheBox.eu Jarvis Writeup
  • How to setup a simple proxy server with tinyproxy (Debian 10 Buster)
  • How to Install qdPM 9.1 on Debian 10 LEMP

Tags

802.11 ampache apache aspx bash cd centos cms crm cve debian exploits fedora fulldisclosure hackthebox honeypot http httpd ifconfig iw iwconfig labs lfi linux mariadb memory monit music nginx pastebin php privatebin privesc project management proxy reconnoitre selinux shopt ssh systemd txpower ubuntu wallabag wireless xxe

Categories

  • BASH (1)
  • CTF/Labs (2)
  • CVE / full disclosure (1)
  • Information Gathering (1)
  • Linux (25)
  • Password Cracking (1)
  • Privilege Escalation (2)
  • SQL Injection (1)
  • Web-Shells (1)
  • Wifi (2)
  • XXE (1)

Recent Comments

  • Bernard Martiny on How to Install PrivateBin on Ubuntu 18.04 LTS
  • VuCSA on List of security labs/challenges/CTFs
  • Brian on How to Install PrivateBin on Fedora 29.
  • Tyreeb on Installing Ampache on CentOS 7.
  • Christian Mora on Installing Ampache on CentOS 7.