Project Description
This is an offline tool to help you check whether your password has been compromised by hackers. What you do is enter a phrase (e.g. a password), and it will generate a SHA-1 hash for you. Optionally, you may replace the first
few characters with zeros (padding), because publicly published lists of compromised hashes usually have the first few zeroed.
Additionally, you may check the resulting hash against a list to see whether it is there (nothing really complicated - it's just a time-saver). You may supply your own list, or use the default one published after the
LinkedIn hack.
This tool is for offline usage, and as such doesn't compromise the password you are checking. You may disconnect your machine from the internet while using it, or if you wish, and have the know-how, just take the sources and compile
them yourselves, to make sure that this app does nothing malicious.
Usage:
This is a command-line tool.
- To generate a SHA-1 hash for a given text string, type: ShaHashChecker /text:SampleText
- To generate a SHA-1 hash for a password or a multi-word phrase: ShaHashChecker /password, and type the password / phrase
- To replace the first few characters in the generated hash, with zeros (0), add
/pad:n, where n is the number of characters to replace.
- To use the checker with a SHA-1 hash list file add /search:filespec, where
filespec is the full path and file name of the hash list (e.g. /file:d:\temp\sha-list.txt).
A list of the hashes (hashes only; no passwords or user names included) compromised in the June 6th hack on LinkedIn can be found here: http://depositfiles.com/files/8fxr534yx
If this goes offline, leave me a message and I'll add a copy somewhere else.