Gathering the Hashes
Hack Responsibly.
Always ensure you have explicit permission to access any computer system before using any of the techniques contained in these documents. You accept full responsibility for your actions by applying any knowledge gained here.
Extracting hashes from text files
Extract md5 hashes
Using egrep:
egrep -oE '(^|[^a-fA-F0-9])[a-fA-F0-9]{32}([^a-fA-F0-9]|$)' $hash_directory/* | egrep -o '[a-fA-F0-9]{32}' > $out_hash_fileAlternatively, with sed:
sed -rn 's/.*[^a-fA-F0-9]([a-fA-F0-9]{32})[^a-fA-F0-9].*/1/p' $hash_directory/* > $out_hash_fileExtract MySQL-Old hashes
grep -e "[0-7][0-9a-f]{7}[0-7][0-9a-f]{7}" $hash_directory/* > $out_hash_fileExtract blowfish hashes
grep -e "$2a\$\08\$(.){75}" $hash_directory/* > $out_hash_fileExtract Joomla hashes
egrep -o "([0-9a-zA-Z]{32}):(w{16,32})" $hash_directory/* > $out_hash_fileExtract Vbulletin hashes
egrep -o "([0-9a-zA-Z]{32}):(S{3,32})" $hash_directory/* > $out_hash_fileExtract phpBB3-MD5
egrep -o '$H$S{31}' $hash_directory/* > $out_hash_fileExtract Wordpress-MD5
egrep -o '$P$S{31}' $hash_directory/* > $out_hash_fileExtract Drupal 7
egrep -o '$S$S{52}' $hash_directory/* > $out_hash_fileExtract 'old' Unix-MD5
egrep -o '$1$w{8}S{22}' $hash_directory/* > $out_hash_fileExtract MD5-APR1
egrep -o '$apr1$w{8}S{22}' $hash_directory/* > $out_hash_fileExtract sha512crypt, SHA512 (Unix)
egrep -o '$6$w{8}S{86}' $hash_directory/* > $out_hash_fileExtracting non-hash strings from text files
Extract e-mails
grep -E -o "\b[a-zA-Z0-9.#?$*_-]+@[a-zA-Z0-9.#?$*_-]+.[a-zA-Z0-9.-]+\b" $text_directory/* > $email_listExtract URLs (HTTP only)
grep http | grep -shoP 'http.*?[" >]' $text_directory/* > $HTTP_URL_listExtract URLs (HTTP, HTTPS, Gopher, FTP, mailto, etc)
grep -E '(((http|https|ftp|gopher)|mailto)[.:][^ >" ]*|www.[-a-z0-9.]+)[^ .,; >">):]' $text_directory/* > $HTTP_URL_listExtract Floating point numbers
# grep -E -o "^[-+]?[0-9]*.?[0-9]+([eE][-+]?[0-9]+)?$" *.txt > floats.txt
Extract credit card data
Visa # grep -E -o "4[0-9]{3}[ -]?[0-9]{4}[ -]?[0-9]{4}[ -]?[0-9]{4}" *.txt > visa.txt
MasterCard # grep -E -o "5[0-9]{3}[ -]?[0-9]{4}[ -]?[0-9]{4}[ -]?[0-9]{4}" *.txt > mastercard.txt
American Express # grep -E -o "\b3[47][0-9]{13}\b" *.txt > american-express.txt
Diners Club # grep -E -o "\b3(?:0[0-5]|[68][0-9])[0-9]{11}\b" *.txt > diners.txt
Discover # grep -E -o "6011[ -]?[0-9]{4}[ -]?[0-9]{4}[ -]?[0-9]{4}" *.txt > discover.txt
JCB # grep -E -o "\b(?:2131|1800|35d{3})d{11}\b" *.txt > jcb.txt
AMEX # grep -E -o "3[47][0-9]{2}[ -]?[0-9]{6}[ -]?[0-9]{5}" *.txt > amex.txt
Extract Social Security Number (SSN)
# grep -E -o "[0-9]{3}[ -]?[0-9]{2}[ -]?[0-9]{4}" *.txt > ssn.txt
Extract Indiana Driver License Number
# grep -E -o "[0-9]{4}[ -]?[0-9]{2}[ -]?[0-9]{4}" *.txt > indiana-dln.txt
Extract US Passport Cards
# grep -E -o "C0[0-9]{7}" *.txt > us-pass-card.txt
Extract US Passport Number
# grep -E -o "[23][0-9]{8}" *.txt > us-pass-num.txt
Extract US Phone Numberss
# grep -Po 'd{3}[s-_]?d{3}[s-_]?d{4}' *.txt > us-phones.txt
Extract ISBN Numbers
# egrep -a -o "\bISBN(?:-1[03])?:? (?=[0-9X]{10}$|(?=(?:[0-9]+[- ]){3})[- 0-9X]{13}$|97[89][0-9]{10}$|(?=(?:[0-9]+[- ]){4})[- 0-9]{17}$)(?:97[89][- ]?)?[0-9]{1,5}[- ]?[0-9]+[- ]?[0-9]+[- ]?[0-9X]\b" *.txt > isbn.txt
If you like this content and would like to see more, please consider buying me a coffee!
Last updated
Was this helpful?