Hash Funksiyalari

Hash funksiya nima?

Hash funksiya — ixtiyoriy uzunlikdagi ma'lumotni qat'iy uzunlikdagi chiqishga aylantiradi. Bir tomonlama: hash dan asl ma'lumotni olish mumkin emas (nazariy jihatdan).

Mashhur hash algoritmlari

import hashlib

matn = "Salom"
data = matn.encode()

# MD5 (128 bit — hozir xavfli!)
md5 = hashlib.md5(data).hexdigest()
print(f"MD5:    {md5}")

# SHA1 (160 bit — hozir zaif)
sha1 = hashlib.sha1(data).hexdigest()
print(f"SHA1:   {sha1}")

# SHA256 (256 bit — hozir standart)
sha256 = hashlib.sha256(data).hexdigest()
print(f"SHA256: {sha256}")

# SHA512 (512 bit — juda kuchli)
sha512 = hashlib.sha512(data).hexdigest()
print(f"SHA512: {sha512}")

# bcrypt (parol saqlash uchun — tuzli va sekin)
import bcrypt
password = b"mysecretpassword"
hashed = bcrypt.hashpw(password, bcrypt.gensalt())
print(f"bcrypt: {hashed}")
print(bcrypt.checkpw(password, hashed))  # True

Hash cracking usullari

# MD5 cracking (sodda misol)
import hashlib

target_hash = "5f4dcc3b5aa765d61d8327deb882cf99"
wordlist = ["password", "123456", "admin", "letmein", "qwerty"]

for word in wordlist:
    if hashlib.md5(word.encode()).hexdigest() == target_hash:
        print(f"Topildi! Parol: {word}")
        break

# Hash turini aniqlash
def identify_hash(h: str) -> str:
    length = len(h)
    if length == 32:  return "MD5 yoki MD4"
    if length == 40:  return "SHA1"
    if length == 64:  return "SHA256"
    if length == 128: return "SHA512"
    if h.startswith("$2b$"): return "bcrypt"
    return "Noma'lum"

Length Extension hujumi

MD5 va SHA1 uchun Merkle-Damgård konstruktsiyasidan foydalanib, mavjud hash ga qo'shimcha ma'lumot qo'shish mumkin:

# hashpump vositasi:
# hashpump -s "hash" -d "asl_matn" -a ";admin=true" -k 10
# Bu yangi hash va to'ldirilgan ma'lumot qaytaradi