RAHASH2(1) General Commands Manual RAHASH2(1)

rahash2block-based hashing, encoding and encryption utility

rahash2 [-BbdehjkLqrv] [-a algo] [-b size] [-c hash] [-D deco] [-e] [-E enco] [-f from] [-i num] [-I iv] [-j] [-J] [-L] [-S seed] [-k] [-s string] [-t to] [-x hexstr] [-X] [-v] [[file] ...]

This program is part of the radare project.

It's particularly useful for hashing large files and identifying modifications in forensics filesystem analysis.

This command provides the same features as the 'ph' command of radare.

algo
Comma-separated list of algorithms to use when hashing files or strings. Refer to -L to list supported hashing algorithms. This flag can be passed multiple times instead of separating them by commas.
size
Specify the block size.
hash
Compare the computed hash with the provided one. This is allowed only when a single hash is computed.
deco
Decrypt using the specified algorithm. Use -S to set the key and -I to set the IV.
Swap endianness to show digests or injest keys in big or little endian.
enco
Encrypt using the specified algorithm. Use -S to set the key and -I to set the IV.
from
Start hashing at the given address.
num
Repeat hash `num` iterations.
iv
Use the given initialization vector (IV) (hexadecimal or string).
Display output in JSON format.
New simplified JSON output format (equivalent to -jj).
Display hash using OpenSSH's randomkey algorithm.
List available hash, checksum and crypto plugins. This flag can be combined with -j to read the results in JSON format.
string
Hash the provided string instead of using the 'source' and 'hash-file' arguments.
seed
Use the given seed (hexadecimal or string). Use ^ to prefix (key for -E). '-' will slurp the key from stdin, and '@' prefix points to a file.
to
Stop hashing at the given address.
hexstr
Hash the provided hexadecimal string instead of using 'source' and 'hash-file' arguments.
Output of encryption in hexpairs instead of raw (see -j for json output)
Display version information.

Calculate the MD5 hash of the 'ls' binary:


$ rahash2 -qqa md5 /bin/ls

Calculate the SHA256 hash of string from stdin:


$ echo -n "Hello, World" | rahash2 -a sha256 -
$ rahash2 -a sha256 -s "Hello, World"

Compare CRC32 of the given file didnt changed:


$ rahash2 -qqa crc32 /bin/ls
63212007
$ rahash2 -a crc32 -c 63212007 /bin/ls
INFO: Computed hash matches the expected one
$ echo $?
0

List only the cryptographic plugins loaded:


$ rahash2 -L | grep ^c


$ rahash2 -qqa crc32 /bin/ls

Encode the string "Hello World" with base64:


$ rahash2 -E base64 -s "Hello World"

Calculate SHA256 hash of a specific part of a file:


$ rahash2 -qqa sha256 -f 0x1000 -t 0x2000 file_to_hash

Encrypt and decrypt the "hello" string using the ror and rol plugins:


$ rahash2 -S 12333 -E ror -s hello && echo
Cell{
$ rahash2 -S 12333 -E rol -s Cell{ && echo
hello

Encrypting and decrypting using AES-CBC:


$ export AES_KEY="11111111111111111111111111113211"
$ rahash2 -E aes-ecb -S "$AES_KEY" -s "hello world you bastard" > .file
$ cat .file | rahash2 -D aes-ecb -S "$AES_KEY" -s - && echo

Encrypting a file using Blowfish and encode it into a json:


$ rahash2 -E blowfish -S "11111111111111111111111111113211" -j /bin/ls > ls.json

The rahash2 utility exits 0 on success, and >0 if an error occurs.

When using the -c flag, an exit status of 0 indicates a match between the expected and computed hashes.

radare2(1)

https://www.radare.org/

pancake <pancake@nopcode.org>

March 16, 2024