Cracking Hashes with OpenSSL

If you’re into offensive security, you’re probably familiar with password cracking tools such as john the ripper and hashcat. Did you know that you can openssl to your cracking toolset as well?

Recently I was working on solving a machine on, when obtained a salted password hash that I needed to crack. Some googling led me to this post:

The author recommends using openssl to decrypt the password. I thought this was a pretty interesting method rather than just popping the hash into john. Let’s break down what’s going on here.

OpenSSL passwd

Openssl features the passwd command, which is used to compute the hash of a password. By default, it uses the standard unix crypt algorithm to generate a hash. It also gives you the option to use the MD5, apr1 (Apache variant), AIX MD5, SHA256, and SHA512 algorithms.

# crypt
openssl passwd [email protected]

# MD5
openssl passwd -1 [email protected]

# SHA256
openssl passwd -5 [email protected]

# SHA512
openssl passwd -6 [email protected]

Another thing to keep in mind is that if you don’t specify a salt, passwd will use a unique salt each time you call the command (in case you were wondering why running the command on the same password produces different hashes:

openssl passwd [email protected]
openssl passwd [email protected]
openssl passwd [email protected]

Cracking Hashes

So now that we know the primary utility of the passwd command, let’s use it to crack some hashes! The general idea here is that we use openssl to generate hashes from a wordlist, and compare the hash we want to crack to this newly generated list.

For this example, we will be cracking an MD5 hash $1$xx$BJua.upYUAEs5nrUyayjx.. The first thing we want to do is identify the salt, which can be found between the second pair of $ symbols: $1$xx$BJua.upYUAEs5nrUyayjx.

Now that we know the salt, all we need to do now is to feed a wordlist of our choosing into openssl, and use a small portion of the hash with grep to find a matching hash:

openssl passwd -1 -salt xx -table -in passwords | grep YUAEs5nrUyay

Let’s breakdown the flags above:

  • -1: this tells passwd to use the MD5 algorithm
  • -salt: we specify the salt (‘xx’) here
  • -table: this prints the output in a nice format, our password in one column and our hash in the other
  • -in: use this to specify out wordlist

After a few seconds:

openssl passwd -1 -salt xx -table -in passwords | grep YUAEs5nrUyay
[email protected]    $1$xx$BJua.upYUAEs5nrUyayjx.

Nice! We have our password.


How does using openssl to crack a hash compare to a purpose-built tool like john the ripper? Let’s do a quick comparison of a standard dictionary attack. To test this, I’ll use a password [email protected], with a salt of xx. The MD5 hash of this combination results in: $1$xx$BJua.upYUAEs5nrUyayjx.. I’ll be using the linux time utility to time the run of each command.

I created a password file containing 10000 random passwords, including the password that matches our hash. I ran the following command 5 times:

time openssl passwd -1 -salt xx -table -in passwords | grep UAEs5nrUyayjx

The results are as follows:

Run Run Time (s)
1 5.584
2 5.690
3 5.529
4 5.738
5 6.045
AVG 5.717s

In comparison, here are the results from john the ripper:

time john --wordlist=./passwords ./hash
Run Run Time (s)
1 0.356
2 0.352
3 0.349
4 0.371
5 0.359
AVG 0.357s

It’s pretty clear who the winner is here!


While not the fastest option for cracking a password hash, openssl is another option that can be added to your toolbelt. This is also useful considering its prevalence on Linux hosts, where you may not have access to dedicated tools like john the ripper.