What hash types are supported in Passware Kit?

Passware Kit Business and Forensic support password recovery for multiple different hashing algorithms:

* Rainbow Tables attack is applicable to non-salted hashes only

Check out the full list of supported hash types and GPU options at:
https://www.passware.com/kit-forensic/filetypes/

NOTE: Hardware acceleration for hash files is available starting from Passware Kit 2020.x.

Passware Tip: Use the Rainbow Tables attack to recover passwords almost instantly for Raw unsalted MD5, SHA1, and Windows NT/LanMan.

Sample Hash Files: structure and format

Passware Kit recovers passwords for hashes from hash list (TXT) files. To attack a hash file, click "Browse for file" in "Recover File Password" section and locate the .TXT file with hash.

Single or multiple hashes of the same type can be added in one text document, each on a separate line with the [account:hash] structure as follows (bcrypt example):

NOTE: If the hashes are encrypted with salt, all hashes in one text file should have the same salt. Otherwise, they will not be supported by Passware Kit. "Account:" is a required part of the structure, although, any word can be used if original account name is unknown.

___________________________

Below are the examples of some hash structures with multiple hashes of the same type.

Passware Tip: In the downloadable sample files, the passwords are listed in the description after the ‘#’ symbol, i.e. [username: password].

# Raw MD5, no salt, ASCII password

user:5f4dcc3b5aa765d61d8327deb882cf99
Alex:5a105e8b9d40e1329780d62ea2265d8a
Sandra:ad0234829205b9033196ba818f7a872b
kate:8ad8757baa8564dc136c1e07507f4a98
mike:86985e105f79b95d6bc918fb45ec7727
Passware:378e2c4a07968da2eca692320136433d

Download sample MD5-nosalt.txt

# with salt: 

user-password:$MD5$salt$67a1e09bb1f83f5007dc119c14d663aa

Download sample Raw-MD5-salt.txt

# NTLM hash

Admin:500:AEBD4DE384C7EC43AAD3B435B51407EE:7A21990FCD3D759941E45C490F173D5F:::
Login-1:501:NO PASSWORD*********************:NO PASSWORD*********************:::
Login-2:1000:15E05A3C6D967536C8C9B0C7468727C6:8E90874E5F0C1CA822487EEA0983CBDC:::
Login-3:1002:NO PASSWORD*********************:A5865B74725716CB71131C351FEEDA45:::
Login-5:1004:598DDCE2660D3193A7D3B435B51404EE:2D20D252A479F4857F5E171D93985BF:::
Login-6:1006:23CE5FB4C15F9103AAD77635B51404EE:12C7A1918EBCDA1356818A4FB803C792:::

Download sample NTLM.txt

Download sample NTLMv2.txt

Passware Tip: :500: (:501:, :502:, etc.) is User RID or Runtime Identifier
For the built-in Administrator, the value is always ‘500’ (0x1f4), whereas other users start at ‘1001’ (0x3e9) and increment from there.

# Raw SHA512, no salt

Passware:5b722b307fce6c944905d132691d5e4a2214b7fe92b738920eb3fce3a90420a19511c3010a0e7712b054daef5b57bad59ecbd93b3280f210578f547f4aed4d25

Download sample Raw-SHA512-nosalt.txt

# with salt: 

Username:$SHA512$virus$279a392edac6d241f437d19d2c00cebc1cf67c05408ee523e072707366903693ad0b65e595f5a2e7c0783f99251364d069dfc210f5ef1552c3ec43c5f55d7724

Download sample Raw-SHA512-salt.txt

# Raw SHA1, no salt

Username:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Download sample Raw-SHA1-nosalt.txt

# with salt: 

Username:01295B67659E95F32931CEDB3BA50289E2826AF3D5A1422F

Download sample SHA1-salt.txt

# Unix SHA-256 (CRYPT)

classic:$5$MnfsQ4iN$ZMTppKN16y/tIsUYs/obHlhdP.Os80yXhTurpBMUbA5
user-:$5$jmDV2B9yon94T9La$FRNcNfqSk.Wu4yQD3rx619/Hi7dAK1vW7CAnCoob4y4

Download sample Unix-SHA256.txt

# Blowfish-based Unix crypt ("bcrypt")

classic: $2a$05$bvIG6Nmid91Mu9RcmmWZfO5HJIMCT8riNW0hEp8f6/FuA2/mHZFpe
Passware: $2a$10$udNiQiN9SMssaS8kxJ520.vGLq02V3Fe1luTuBif.Xjhq4bud/Ccq

Download sample Bcrypt.txt