Anyone know how to generate Hashes with the command line on Linux?
I have to generate a Hash with SHA1 + salt= Password:Cat Salt:XN10Zj2c
and a Hash with MD4= Password:Cat
Thank you for your help!
For SHA1 + salt I tried= echo -n “$XN10Zj2c$Cat” | openssl dgst -sha1
The problem here is that there is no generic way of hashing a password and a salt. In all likelihood you need to mimic the crypt command line tool, as it doesn’t contain these algorithms (hence I’ve used -1 and -2 as algorithm identifiers instead).
For instance:
#!/bin/bash
# Your password and salt
password="your_password_here"
salt="your_salt_here"
# Specify the algorithm: -1 for MD4, -2 for SHA-1
algorithm_specifier="-2" # Change this to -1 for MD4
# Function to hash with SHA-1
hash_sha1() {
local pass="$1"
local salt="$2"
echo -n "$pass$salt" | openssl dgst -sha1
}
# Function to hash with MD4
hash_md4() {
local pass="$1"
local salt="$2"
echo -n "$pass$salt" | openssl dgst -md4
}
# Check for the specified hashing algorithm
if [ "$algorithm_specifier" == "-2" ]; then
# SHA-1 hashing
sha1_hash=$(hash_sha1 "$password" "$salt")
echo "$algorithm_specifier$$salt$$sha1_hash"
elif [ "$algorithm_specifier" == "-1" ]; then
# MD4 hashing
md4_hash=$(hash_md4 "$password" "$salt")
echo "$algorithm_specifier$$salt$$md4_hash"
else
echo "Invalid algorithm specifier."
fi
Note that the $ signs are used to separate the different parts of the output within the “crypt format”. However, they are not part of what is actually hashed. Also, crypt normally hashes the password followed by the salt, not the other way around.
However, please note that you should use neither of these old, broken hashes nor should you use a newer hash such as SHA-2 or SHA-3. The reason for this is that you should be using a PBKDF such as PBKDF2 or Argon2 with a high iteration count or work factor and preferably a 16 byte random salt. These functions are sometimes also called “password hashes” and with good reason; they provide additional protection against brute force and dictionary attacks.