Spaces:

wuhp
/

dehash

Sleeping

App Files Files Community

wuhp commited on 25 days ago

Commit

fde4d6e

verified ·

1 Parent(s): 4202aa1

Update app.py

Browse files

Files changed (1) hide show

app.py +240 -183

app.py CHANGED Viewed

@@ -1,5 +1,7 @@
 import gradio as gr
 import hashlib
 import re
 import bcrypt
@@ -7,257 +9,312 @@ from passlib.hash import (
     md5_crypt,
     sha256_crypt,
     sha512_crypt,
-    pbkdf2_sha256,
-    pbkdf2_sha512,
     argon2,
-    bcrypt as passlib_bcrypt,
 )
 # -----------------------------------
-# HASH IDENTIFICATION
 # -----------------------------------
-HASH_SIGNATURES = [
-    ("bcrypt", r"^\$2[aby]?\$"),
-    ("argon2", r"^\$argon2"),
-    ("sha512_crypt", r"^\$6\$"),
-    ("sha256_crypt", r"^\$5\$"),
-    ("md5_crypt", r"^\$1\$"),
-]
-HASHCAT_MODES = {
-    "MD5": 0,
-    "SHA1": 100,
-    "SHA256": 1400,
-    "SHA512": 1700,
-    "NTLM": 1000,
-    "bcrypt": 3200,
-    "sha256_crypt": 7400,
-    "sha512_crypt": 1800,
-    "argon2": 22300,
-    "pbkdf2_sha256": 10900,
-    "pbkdf2_sha512": 12100,
-}
-def identify_hash(hash_value):
-    possible = []
-    # Prefix-based detection
-    for name, pattern in HASH_SIGNATURES:
-        if re.match(pattern, hash_value):
-            possible.append(name)
-    # Raw hex hashes
-    if re.fullmatch(r"[a-fA-F0-9]{32}", hash_value):
-        possible.extend(["MD5", "NTLM"])
-    elif re.fullmatch(r"[a-fA-F0-9]{40}", hash_value):
-        possible.append("SHA1")
-    elif re.fullmatch(r"[a-fA-F0-9]{64}", hash_value):
-        possible.append("SHA256")
-    elif re.fullmatch(r"[a-fA-F0-9]{128}", hash_value):
-        possible.append("SHA512")
-    # PBKDF2 patterns
-    if "pbkdf2" in hash_value.lower():
-        if "sha256" in hash_value.lower():
-            possible.append("pbkdf2_sha256")
-        elif "sha512" in hash_value.lower():
-            possible.append("pbkdf2_sha512")
-    if not possible:
-        possible.append("Unknown")
-    return list(dict.fromkeys(possible))
 # -----------------------------------
-# VERIFY HASH
 # -----------------------------------
-def verify_hash(password, hash_value):
-    matches = []
-    possible = identify_hash(hash_value)
-    for alg in possible:
-        try:
-            # -----------------
-            # RAW HASHES
-            # -----------------
-            if alg == "MD5":
-                h = hashlib.md5(password.encode()).hexdigest()
-                if h.lower() == hash_value.lower():
-                    matches.append("✅ MD5")
-            elif alg == "SHA1":
-                h = hashlib.sha1(password.encode()).hexdigest()
-                if h.lower() == hash_value.lower():
-                    matches.append("✅ SHA1")
-            elif alg == "SHA256":
-                h = hashlib.sha256(password.encode()).hexdigest()
-                if h.lower() == hash_value.lower():
-                    matches.append("✅ SHA256")
-            elif alg == "SHA512":
-                h = hashlib.sha512(password.encode()).hexdigest()
-                if h.lower() == hash_value.lower():
-                    matches.append("✅ SHA512")
-            elif alg == "NTLM":
-                h = hashlib.new(
-                    "md4",
-                    password.encode("utf-16le")
-                ).hexdigest()
-                if h.lower() == hash_value.lower():
-                    matches.append("✅ NTLM")
-            # -----------------
-            # BCRYPT
-            # -----------------
-            elif alg == "bcrypt":
-                if bcrypt.checkpw(
-                    password.encode(),
-                    hash_value.encode()
-                ):
-                    matches.append("✅ bcrypt")
-            # -----------------
-            # PASSLIB HASHES
-            # -----------------
-            elif alg == "sha256_crypt":
-                if sha256_crypt.verify(password, hash_value):
-                    matches.append("✅ sha256_crypt")
-            elif alg == "sha512_crypt":
-                if sha512_crypt.verify(password, hash_value):
-                    matches.append("✅ sha512_crypt")
-            elif alg == "md5_crypt":
-                if md5_crypt.verify(password, hash_value):
-                    matches.append("✅ md5_crypt")
-            elif alg == "argon2":
-                if argon2.verify(password, hash_value):
-                    matches.append("✅ argon2")
-            elif alg == "pbkdf2_sha256":
-                if pbkdf2_sha256.verify(password, hash_value):
-                    matches.append("✅ pbkdf2_sha256")
-            elif alg == "pbkdf2_sha512":
-                if pbkdf2_sha512.verify(password, hash_value):
-                    matches.append("✅ pbkdf2_sha512")
-        except Exception:
-            pass
-    return possible, matches
 # -----------------------------------
-# MAIN ANALYSIS
 # -----------------------------------
-def analyze(password, hash_value):
-    possible, matches = verify_hash(password, hash_value)
-    alg_text = "\n".join(possible)
-    if matches:
-        verification = "\n".join(matches)
-    else:
-        verification = "❌ No verified match found."
-    # Hashcat suggestions
-    modes = []
-    for alg in possible:
-        if alg in HASHCAT_MODES:
-            modes.append(
-                f"{alg} → Hashcat mode {HASHCAT_MODES[alg]}"
-            )
-    mode_text = "\n".join(modes) if modes else "No suggestions."
-    return alg_text, verification, mode_text
 # -----------------------------------
 # UI
 # -----------------------------------
-css = """
-footer {
-    visibility: hidden;
-}
-"""
-with gr.Blocks(css=css, theme=gr.themes.Soft()) as demo:
-    gr.Markdown(
-        """
-# Pentest Hash Analyzer
-Educational utility for:
-- Hash identification
-- Password verification
-- Hashcat mode mapping
-- CTF / TryHackMe workflows
-"""
-    )
     with gr.Row():
-        password_input = gr.Textbox(
             label="Known Password",
-            type="password",
-            placeholder="Enter plaintext password"
         )
-        hash_input = gr.Textbox(
-            label="Hash",
-            lines=6,
-            placeholder="Paste hash"
         )
-    analyze_btn = gr.Button("Analyze Hash")
-    with gr.Row():
-        alg_output = gr.Textbox(
-            label="Possible Algorithms",
-            lines=8
-        )
-        verify_output = gr.Textbox(
-            label="Verification Results",
-            lines=8
-        )
-    hashcat_output = gr.Textbox(
-        label="Hashcat Modes",
-        lines=6
     )
-    analyze_btn.click(
-        fn=analyze,
-        inputs=[password_input, hash_input],
-        outputs=[
-            alg_output,
-            verify_output,
-            hashcat_output
-        ]
     )
 demo.launch()

 import gradio as gr
 import hashlib
+import zlib
+import base64
 import re
 import bcrypt
     md5_crypt,
     sha256_crypt,
     sha512_crypt,
     argon2,
 )
 # -----------------------------------
+# JAVA HASHCODE
 # -----------------------------------
+def java_string_hashcode(s):
+    h = 0
+    for ch in s:
+        h = (31 * h + ord(ch)) & 0xFFFFFFFF
+    # convert to signed int32
+    if h >= 0x80000000:
+        h -= 0x100000000
+    return str(h)
+# -----------------------------------
+# DJB2
+# -----------------------------------
+def djb2(s):
+    h = 5381
+    for c in s:
+        h = ((h << 5) + h) + ord(c)
+    return str(h & 0xFFFFFFFF)
 # -----------------------------------
+# FNV1A 32
 # -----------------------------------
+def fnv1a_32(s):
+    h = 0x811c9dc5
+    for c in s:
+        h ^= ord(c)
+        h *= 0x01000193
+        h &= 0xFFFFFFFF
+    return str(h)
+# -----------------------------------
+# BASE64 CHECK
+# -----------------------------------
+def is_base64(value):
+    try:
+        decoded = base64.b64decode(value).decode()
+        return decoded
+    except:
+        return None
+# -----------------------------------
+# IDENTIFY HASH
+# -----------------------------------
+def identify_hash(hash_value):
+    possible = []
+    if hash_value.startswith("$2"):
+        possible.append("bcrypt")
+    if hash_value.startswith("$argon2"):
+        possible.append("argon2")
+    if hash_value.startswith("$6$"):
+        possible.append("sha512_crypt")
+    if hash_value.startswith("$5$"):
+        possible.append("sha256_crypt")
+    if re.fullmatch(r"[a-fA-F0-9]{32}", hash_value):
+        possible.extend(["MD5", "NTLM"])
+    elif re.fullmatch(r"[a-fA-F0-9]{40}", hash_value):
+        possible.append("SHA1")
+    elif re.fullmatch(r"[a-fA-F0-9]{64}", hash_value):
+        possible.append("SHA256")
+    elif re.fullmatch(r"[a-fA-F0-9]{128}", hash_value):
+        possible.append("SHA512")
+    # Integer hashes
+    if re.fullmatch(r"-?\d+", hash_value):
+        possible.extend([
+            "Java String.hashCode()",
+            "CRC32",
+            "Adler32",
+            "DJB2",
+            "FNV1a-32"
+        ])
+    return list(dict.fromkeys(possible))
 # -----------------------------------
+# VERIFY
 # -----------------------------------
+def verify(password, hash_value):
+    results = []
+    # -------------------------
+    # STANDARD HASHES
+    # -------------------------
+    try:
+        if hashlib.md5(password.encode()).hexdigest().lower() == hash_value.lower():
+            results.append("✅ MD5")
+    except:
+        pass
+    try:
+        if hashlib.sha1(password.encode()).hexdigest().lower() == hash_value.lower():
+            results.append("✅ SHA1")
+    except:
+        pass
+    try:
+        if hashlib.sha256(password.encode()).hexdigest().lower() == hash_value.lower():
+            results.append("✅ SHA256")
+    except:
+        pass
+    try:
+        if hashlib.sha512(password.encode()).hexdigest().lower() == hash_value.lower():
+            results.append("✅ SHA512")
+    except:
+        pass
+    # -------------------------
+    # JAVA HASHCODE
+    # -------------------------
+    try:
+        if java_string_hashcode(password) == hash_value:
+            results.append("✅ Java String.hashCode()")
+    except:
+        pass
+    # -------------------------
+    # CRC32
+    # -------------------------
+    try:
+        crc = zlib.crc32(password.encode())
+        signed_crc = crc
+        if crc >= 0x80000000:
+            signed_crc -= 0x100000000
+        if str(crc) == hash_value or str(signed_crc) == hash_value:
+            results.append("✅ CRC32")
+    except:
+        pass
+    # -------------------------
+    # ADLER32
+    # -------------------------
+    try:
+        adler = zlib.adler32(password.encode())
+        signed_adler = adler
+        if adler >= 0x80000000:
+            signed_adler -= 0x100000000
+        if str(adler) == hash_value or str(signed_adler) == hash_value:
+            results.append("✅ Adler32")
+    except:
+        pass
+    # -------------------------
+    # DJB2
+    # -------------------------
+    try:
+        if djb2(password) == hash_value:
+            results.append("✅ DJB2")
+    except:
+        pass
+    # -------------------------
+    # FNV1A
+    # -------------------------
+    try:
+        if fnv1a_32(password) == hash_value:
+            results.append("✅ FNV1a-32")
+    except:
+        pass
+    # -------------------------
+    # BCRYPT
+    # -------------------------
+    try:
+        if hash_value.startswith("$2"):
+            if bcrypt.checkpw(
+                password.encode(),
+                hash_value.encode()
+            ):
+                results.append("✅ bcrypt")
+    except:
+        pass
+    # -------------------------
+    # PASSLIB
+    # -------------------------
+    try:
+        if hash_value.startswith("$6$"):
+            if sha512_crypt.verify(password, hash_value):
+                results.append("✅ sha512_crypt")
+    except:
+        pass
+    try:
+        if hash_value.startswith("$5$"):
+            if sha256_crypt.verify(password, hash_value):
+                results.append("✅ sha256_crypt")
+    except:
+        pass
+    try:
+        if hash_value.startswith("$argon2"):
+            if argon2.verify(password, hash_value):
+                results.append("✅ argon2")
+    except:
+        pass
+    # -------------------------
+    # BASE64
+    # -------------------------
+    decoded = is_base64(hash_value)
+    if decoded is not None:
+        if decoded == password:
+            results.append("✅ Base64 encoded string")
+    return results
+# -----------------------------------
+# MAIN
+# -----------------------------------
+def analyze(password, hash_value):
+    possible = identify_hash(hash_value)
+    results = verify(password, hash_value)
+    return (
+        "\n".join(possible) if possible else "Unknown",
+        "\n".join(results) if results else "No matches found."
+    )
 # -----------------------------------
 # UI
 # -----------------------------------
+with gr.Blocks(theme=gr.themes.Soft()) as demo:
+    gr.Markdown("# Advanced Hash / Encoding Analyzer")
     with gr.Row():
+        password = gr.Textbox(
             label="Known Password",
+            type="password"
         )
+        hash_value = gr.Textbox(
+            label="Hash / Encoded Value",
+            lines=5
         )
+    button = gr.Button("Analyze")
+    alg_output = gr.Textbox(
+        label="Possible Algorithms"
+    )
+    result_output = gr.Textbox(
+        label="Verification Results",
+        lines=10
     )
+    button.click(
+        analyze,
+        inputs=[password, hash_value],
+        outputs=[alg_output, result_output]
     )
 demo.launch()