houndsniff

Hash identification tool
git clone git@git.mcdim.xyz:/var/www/git/houndsniff.git
Log | Files | Refs | README | LICENSE

commit ff1e412916499a7da7e45f748c4cb42337095346
parent bb4e9c980aa43b6e0320abba7797b27c291bafc1
Author: Michael Constantine Dimopoulos <mk@mcdim.xyz>
Date:   Fri,  4 Feb 2022 18:36:45 +0000

Version 2.0

Diffstat:
MREADME.md | 6+++---
Msrc/Makefile | 4++--
Msrc/houndsniff.1 | 8+++-----
Msrc/main.c | 20++++++++------------
Msrc/select.c | 124+++++++++++++++++++++++++++++++++++++++++++++----------------------------------
5 files changed, 86 insertions(+), 76 deletions(-)

diff --git a/README.md b/README.md @@ -1,5 +1,5 @@ # houndsniff -Houndsniff is a minimal hash identification and recognition tool written in C that uses a database to compare a hash's features to characteristics of other common hashing algorithm results. Email hashes that I missed at <mk@mcdim.xyz> +Houndsniff is a minimal hash identification tool written in C that uses a database to compare a hash's features to characteristics of other common hashing algorithm results. It also prints out the percentages of likelihood for each hashing alogirthm to be the one that produced the hash based on their popularity. Email hashes that I missed at <mk@mcdim.xyz> Website: https://mcdim.xyz/projects/hs.html @@ -7,11 +7,11 @@ By Michael Constantine Dimopoulos, et al with significant contributions by [Christopher Wellons](https://github.com/skeeto) and revisions & suggestions by [Martin K.](https://github.com/kurahaupo) as well as tuu and fizzie on ##c on Freenode. -Current version: 1.9 +Current version: 2.0 Also, check out [this](https://github.com/sal55/langs/tree/master/hash)! -![Screenshot](https://1.bp.blogspot.com/-AJHOYoGZtpo/YWbtxCa5mgI/AAAAAAABDqI/2bhmlbBdnpUTj5PkkXAP9vnmUob8sDBMwCLcBGAsYHQ/s16000/houndsniff.png) +![Screenshot](https://blogger.googleusercontent.com/img/a/AVvXsEh7UuJAMRdL4MOA82DH7C2g78X1t_kvsQuKcG-Cww6SqbZ68f_G8TZ3ibOJi7s09bMopa34NkzCbWILgWo0budEUbSlsTtK6GUDogOkZvtZQ0lqhiz2GBBkQkzR7PRDosDHm5RMbcQ6gHOQH3DxL-hJy2ncIlyxIb2gU1fcs5aLaIAM83ezm2NtnrPa=s16000) Clone ---- diff --git a/src/Makefile b/src/Makefile @@ -1,12 +1,12 @@ # Houndsniff https://mcdim.xyz/projects/hs.html -# License: GNU GPL v3.0 +# License: GNU GPL v3.0+ CC=gcc FILES=main.c select.c BIN=houndsniff all: main.c select.c - $(CC) $(FILES) -o $(BIN) + $(CC) $(FILES) -o $(BIN) -lreadline install: main.c select.c $(BIN).1 $(CC) $(FILES) -o $(BIN) -lreadline diff --git a/src/houndsniff.1 b/src/houndsniff.1 @@ -1,14 +1,12 @@ .\" Manpage for Houndsniff -.TH man 8 "10 Mar 2021" "1.9" "Houndsniff manual page" +.TH man 8 "10 Mar 2021" "2.0" "Houndsniff manual page" .SH NAME Houndsniff \- Hash algorithm identification .SH SYNOPSIS houndsniff [HASH] .SH DESCRIPTION -Houndsniff is a hash recognition/identification program. It works by extracting two main characteristics about the the hash and comparing it to characteristics of hashes produced by different hashing algorithms stored in a local database. Then, it prints the matches sorted by popularity. The popularity of each hashing algorithm is determined by web search result numbers in comparison to other hashes with the same characteristcs. These characteristics are length and character set. - -Current version: 1.7 +Houndsniff is a hash identification program. It works by extracting two main characteristics about the the hash and comparing it to characteristics of hashes produced by different hashing algorithms stored in a local database. Then, it prints the matches sorted by popularity. The popularity of each hashing algorithm is determined by web search result numbers in comparison to other hashes with the same characteristcs. .B If your hash includes a dollar sign ($), make sure you place it in between quotes. @@ -38,4 +36,4 @@ Martin K. tuu & fizzie on ##c@freenode .SH LICENSE -GNU Public License 3.0 (GPL-3.0) +GNU Public License 3.0+ (GPL-3.0+) diff --git a/src/main.c b/src/main.c @@ -1,11 +1,8 @@ /* - * Houndsniff - version 1.9 + * Houndsniff - version 2.0 * - * by Michael Constantine - * Dimopoulos et al - * https://mcdim.xyz - * <mk@mcdim.xyz> - * GNU GPLv3 + * by Michael Constantine Dimopoulos et al + * https://mcdim.xyz <mk@mcdim.xyz> GNU GPLv3 * */ @@ -18,8 +15,7 @@ #include <readline/readline.h> #include "select.h" - -#define VERSION "1.9" +#define VERSION "2.0" static int hasUpper(char ch[]) @@ -150,16 +146,16 @@ main(int argc, char* argv[]) { banner(); - if(argc==1) { + if (argc==1) { printf("Usage: %s [HASH] [-h] [-l] [-s]\n", argv[0]); exit(EXIT_FAILURE); } - if(strcmp(argv[1],"-h")==0 || strcmp(argv[1],"--help")==0){ + if (strcmp(argv[1],"-h")==0 || strcmp(argv[1],"--help")==0){ help(argv[0]); - } else if(strcmp(argv[1], "-l")==0) { + } else if (strcmp(argv[1], "-l")==0) { list(); - } else if(strcmp(argv[1], "-s")==0) { + } else if (strcmp(argv[1], "-s")==0) { using_history(); while(1) { char *hash; diff --git a/src/select.c b/src/select.c @@ -38,59 +38,73 @@ static const struct { char *name; short length; char charset; - char popularity; + double likelihood; } hashes[] = { - {"CRC16", 4, 'a', 50}, - {"CRC32b", 8, 'a', 10}, - {"ADLER32", 8, 'a', 8}, - {"CRC32", 8, 'a', 19}, - {"MySQL 3.2.3", 16, 'a', 20}, - {"MD5 (half)", 16, 'a', 10}, - {"MD5", 32, 'a', 100}, - {"MD4", 32, 'a', 40}, - {"MD2", 32, 'a', 35}, - {"LanManager Hash", 32, 'a', 25}, - {"Windows NT-Hash", 32, 'a', 20}, - {"HAVAL128,5", 32, 'a', 28}, - {"HAVAL128,4", 32, 'a', 26}, - {"HAVAL128,3", 32, 'a', 27}, - {"Tiger128,3", 32, 'a', 5}, - {"RIPEMD128", 32, 'a', 9}, - {"DomainCachedCredentials", 32, 'a', 10}, - {"MD4 HMAC", 32, 'a', 7}, - {"MD5 HMAC", 32, 'a', 12}, - {"Tiger128,4", 32, 'a', 7}, - {"SHA1", 40, 'a', 85}, - {"HAVAL160,5", 40, 'a', 22}, - {"RIPEMD160 ", 40, 'a', 38}, - {"HAVAL160,4", 40, 'a', 21}, - {"HAVAL160,3", 40, 'a', 22}, - {"Tiger160,3", 40, 'a', 5}, - {"Tiger160,4", 40, 'a', 7}, - {"HAVAL192,5", 48, 'a', 27}, - {"HAVAL192,4", 48, 'a', 26}, - {"Tiger192,3", 48, 'a', 6}, - {"HAVAL192,3", 48, 'a', 25}, - {"Tiger192,4", 48, 'a', 5}, - {"SHA224", 56, 'a', 79}, - {"HAVAL224,3", 56, 'a', 20}, - {"HAVAL224,5", 56, 'a', 21}, - {"HAVAL224,4", 56, 'a', 25}, - {"GOST Hash", 64, 'a', 10}, - {"Snefru-128", 64, 'a', 5}, - {"RIPEMD256", 64, 'a', 9}, - {"HAVAL256,5", 64, 'a', 20}, - {"HAVAL256,3", 64, 'a', 18}, - {"SHA256", 64, 'a', 87}, - {"RIPEMD320", 80, 'a', 8}, - {"SHA384", 96, 'a', 58}, - {"SHA512", 128, 'a', 70}, - {"Whirpool", 128, 'a', 50}, - {"FreeBSD nthash", 36, 'b', 20}, - {"CRYPT16", 24, 'c', 10}, - {"MSSQL 2000", 94, 'd', 20}, - {"MSSQL 2005", 54, 'd', 20}, - {"DES Crypt", 13, 'e', 20}, + {"CRC16", 4, 'a', 100}, + + {"CRC32b", 8, 'a', 56.84}, + {"CRC32", 8, 'a', 22.96}, + {"ADLER32", 8, 'a', 21.43}, + + {"MD5 (half)", 16, 'a', 79.15}, + {"MySQL 3.2.3", 16, 'a', 20.85}, + + {"MD5", 32, 'a', 44.1}, + {"LanManager Hash", 32, 'a', 25.67}, + {"Windows NT-Hash", 32, 'a', 5.93}, + {"RIPEMD128", 32, 'a', 4.81}, + {"MD4", 32, 'a', 3.16}, + {"MD2", 32, 'a', 2.56}, + {"Tiger128,4", 32, 'a', 2.13}, + {"Tiger128,3", 32, 'a', 2.13}, + {"HAVAL128,3", 32, 'a', 2.12}, + {"MD4 HMAC", 32, 'a', 1.90}, + {"HAVAL128,4", 32, 'a', 1.89}, + {"HAVAL128,5", 32, 'a', 1.88}, + {"DomainCachedCredentials", 32, 'a', 1.34}, + {"MD5 HMAC", 32, 'a', 0.33}, + + {"SHA1", 40, 'a', 45.86}, + {"HAVAL160,4", 40, 'a', 13.83}, + {"Tiger160,3", 40, 'a', 8.99}, + {"Tiger160,4", 40, 'a', 8.81}, + {"RIPEMD160 ", 40, 'a', 8.18}, + {"HAVAL160,3", 40, 'a', 8.08}, + {"HAVAL160,5", 40, 'a', 6.21}, + + {"Tiger192,4", 48, 'a', 31.14}, + {"Tiger192,3", 48, 'a', 19.84}, + {"HAVAL192,5", 48, 'a', 18.29}, + {"HAVAL192,4", 48, 'a', 17.67}, + {"HAVAL192,3", 48, 'a', 13.05}, + + {"SHA224", 56, 'a', 27.79}, + {"HAVAL224,4", 56, 'a', 27.18}, + {"HAVAL224,3", 56, 'a', 22.81}, + {"HAVAL224,5", 56, 'a', 22.20}, + + {"SHA256", 64, 'a', 66.07}, + {"GOST Hash", 64, 'a', 8.32}, + {"Snefru-128", 64, 'a', 7.52}, + {"RIPEMD256", 64, 'a', 6.48}, + {"HAVAL256,5", 64, 'a', 5.81}, + {"HAVAL256,3", 64, 'a', 5.77}, + + {"RIPEMD320", 80, 'a', 100}, + + {"SHA384", 96, 'a', 100}, + + {"Whirpool", 128, 'a', 80.2}, + {"SHA512", 128, 'a', 19.8}, + + {"FreeBSD nthash", 36, 'b', 100}, + + {"CRYPT16", 24, 'c', 100}, + + {"MSSQL 2005", 54, 'd', 70.16}, + {"MSSQL 2000", 94, 'd', 29.84}, + + {"DES Crypt", 13, 'e', 100}, }; void @@ -110,7 +124,9 @@ sel(int length, const char *charset) printf("Possible results:\n\n"); for (i = 0; i < nmatch; i++) { - printf("[" RED "%d" RESET "] %s\n", i + 1, hashes[matches[i]].name); + printf("[" RED "%d" RESET "] %s - " RED "%.2f%" RESET "\n", + i + 1, hashes[matches[i]].name, + hashes[matches[i]].likelihood); } } @@ -120,7 +136,7 @@ matchcmp(const void *p0, const void *p1) { int m0 = *(int *)p0; int m1 = *(int *)p1; - return hashes[m1].popularity - hashes[m0].popularity; + return hashes[m1].likelihood - hashes[m0].likelihood; } void