UnHash 1.1

A program that tries to find a collision in a given hash

  Add it to your Download Basket!

 Add it to your Watch List!


Rate it!

What's new in UnHash 1.0:

  • The bundled MD5 and SHA1 code has been removed.
  • This release has complete reliance on OpenSSL.
  • A floating point exception bug in print_stats() has been fixed.
  • A termio bug where stdout redirection did not work upon SIGINT (Ctl-C) has been fixed.
Read full changelog
send us
an update
GPL (GNU General Public License) 
3.1/5 25
Dmitriy Pletnev
ROOT \ Security
1 UnHash Screenshot:
UnHash project is a program that tries to find a collision in a given hash. The hash can be either MD5 or SHA1, and the program will auto-detect which one is given.

To see usage just run it without any arguments.

Developer comments

The idea to write such a program came to me when I was playing the NGSEC (www.ngsec.com) games. Some levels required to find the original username/password string from SHA1 and MD5 hashes of them. There existed an MD5 cracker already, but nothing for SHA1. So, while I was writing one from rfc code it seemed like a good idea to put both crackers into one.

I also noticed that the MD5 cracker used OpenSSL's libs so I also added support for openssl, which is much faster than rfc's. OpenSSL support will compile by default unless you uncomment the define for rfc in config.h.


· GNU make (gmake on solaris)
· GNU compiler (gcc)

It is strongly suggested to have OpenSSL installed. If you're using Red Hat's system then you'll need both of openssl packages (openssl + devel).

However, if you don't have OpenSSL you can uncomment the define in config.h and run 'make rfc'. This will use the code from RFC-1321 and RFC-1810 for MD5, and RFC-3174 for SHA1.

Last updated on February 21st, 2010

#collision finder #MD5 hash collision #SH1 hash collision #UnHash #collision #finder #hash

Add your review!