During CTFs, it's common to encounter some hashes that you may want to crack. You can do it offline by cracking them, you can google them or use a web service that stores massive data about cracked or generated hashes. The best way (if you can't afford cracking them on your own) is to relay on those web sites. But you can't check them one by one until you find a match. So why don't use a tool that does this on its own?
Jack Hash Finder
I made this tool to make it easier to me (and to others) finding the passwords that has been hashed. It basically queries some web sites and gets the result.
Step 1: Download the Tool
You can find the code here (github.com/jackrendor/jhf) and follow the tutorial.
Download the tools using git
> git clone git@github.com:jackrendor/jhf.git
Step 2: Configure and Install Dependencies
Install the dependencies
> sudo apt install python3 python3-virtualenv
After downloading it, navigate to it's folder and execute the configure.sh file
> bash configure.sh
Step 3: Execute the Tool
Now you're ready to execute the tool.
Try to run the following command:
> ./jhf a4fd8e6fa9fbf9a6f2c99e7b70aa9ef2
That's It!
You're done! If the hash is inside of some of those databases, you will see the output of it.
Also, you can concatenate multiple hashes, so you don't have to run the command for every hash. Just separate by using spaces.
> ./jhf a4fd8e6fa9fbf9a6f2c99e7b70aa9ef2 d033e22ae348aeb5660fc2140aec35850c4da997
Be the First to Respond
Share Your Thoughts