UnHash iconUnHash 1.1

A program that tries to find a collision in a given hash
UnHash project is a program that tries to find a collision in a given hash. The hash can be either MD5 or SHA1, and the program will auto-detect which one is given.

To see usage just run it without any arguments.

Developer comments

The idea to write such a program came to me when I was playing the NGSEC (www.ngsec.com) games. Some levels required to find the original username/password string from SHA1 and MD5 hashes of them. There existed an MD5 cracker already, but nothing for SHA1. So, while I was writing one from rfc code it seemed like a good idea to put both crackers into one.

I also noticed that the MD5 cracker used OpenSSL's libs so I also added support for openssl, which is much faster than rfc's. OpenSSL support will compile by default unless you uncomment the define for rfc in config.h.


· GNU make (gmake on solaris)
· GNU compiler (gcc)

It is strongly suggested to have OpenSSL installed. If you're using Red Hat's system then you'll need both of openssl packages (openssl + devel).

However, if you don't have OpenSSL you can uncomment the define in config.h and run 'make rfc'. This will use the code from RFC-1321 and RFC-1810 for MD5, and RFC-3174 for SHA1.

last updated on:
February 21st, 2010, 2:59 GMT
developed by:
Dmitriy Pletnev
license type:
GPL (GNU General Public License) 
ROOT \ Security


In a hurry? Add it to your Download Basket!

user rating 25



1 Screenshot
What's New in version 1.0
  • The bundled MD5 and SHA1 code has been removed.
  • This release has complete reliance on OpenSSL.
  • A floating point exception bug in print_stats() has been fixed.
  • A termio bug where stdout redirection did not work upon SIGINT (Ctl-C) has been fixed.
read full changelog

Add your review!