UnHash project is a program that tries to find a collision in a given hash. The hash can be either MD5 or SHA1, and the program will auto-detect which one is given.
To see usage just run it without any arguments.
The idea to write such a program came to me when I was playing the NGSEC (www.ngsec.com) games. Some levels required to find the original username/password string from SHA1 and MD5 hashes of them. There existed an MD5 cracker already, but nothing for SHA1. So, while I was writing one from rfc code it seemed like a good idea to put both crackers into one.
I also noticed that the MD5 cracker used OpenSSL's libs so I also added support for openssl, which is much faster than rfc's. OpenSSL support will compile by default unless you uncomment the define for rfc in config.h.
· GNU make (gmake on solaris)
· GNU compiler (gcc)
It is strongly suggested to have OpenSSL installed. If you're using Red Hat's system then you'll need both of openssl packages (openssl + devel).
However, if you don't have OpenSSL you can uncomment the define in config.h and run 'make rfc'. This will use the code from RFC-1321 and RFC-1810 for MD5, and RFC-3174 for SHA1.
What's New in This Release: [ read full changelog ]
· The bundled MD5 and SHA1 code has been removed.
· This release has complete reliance on OpenSSL.
· A floating point exception bug in print_stats() has been fixed.
· A termio bug where stdout redirection did not work upon SIGINT (Ctl-C) has been fixed.
· Digest comparisons have been moved out of hash functions into the main loop.
· There is a new feature to read hashes from a file.
· Runtime stats are disabled due to various bugs.
· A linked list to hold digests has been added.