HashPump – Exploit Hash Length Extension Attack

HashPump is a C++ based command line tool to exploit the Hash Length Extension Attack with various hash types supported, including MD4, MD5, SHA1, SHA256, and SHA512.

There’s a good write-up of how to use this in practical terms here: Plaid CTF 2014: mtpox

Usage

You can download HashPump here:

Or read more here.

Leave a Reply