Finding out the hashing algorithm and salt if you know the password and the resultant hash

George Cherian

12/1/23, 4:13 AM

If I have the password and hash will I be able to find out the Hashing algorithm and salt used. What tools can I can use? Will hashcat work?

0 + 4

salt

DannyNiu

12/1/23, 4:43 AM

So you're brutal-forcing the salt from a pre-selected hashing algorithms?

samuel-lucas6

12/1/23, 8:25 AM

Hash strings often start with an identifier (e.g. `$argon2id$`).

SAI Peregrinus

12/1/23, 1:40 PM

The hash string usually also includes the salt. It's usually `$<ALGORITHM_ID>$<DIFFICULTY_PARAMETERS>$<BASE64_ENCODED_SALT><BASE64_ENCODED_HASH>$`.

Maarten Bodewes

12/1/23, 3:01 PM

If your hash is just the binary output of a PBKDF and the salt is both secret and large enough (i.e. it's really a "pepper") then finding out the salt and even the algorithm used may be impossible. Generally you can rely on the (meta) information in the hash string as stated above.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Finding out the hashing algorithm and salt if you know the password and the resultant hash

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.