Difference between revisions of "Hashdb api"
imported>Wikiadmin |
(→How do I use it?) |
||
(6 intermediate revisions by one other user not shown) | |||
Line 7: | Line 7: | ||
==How do I use it?== | ==How do I use it?== | ||
− | You send an HTTP request to https://hashdb.insomnia247.nl/v1/ | + | === Looking up hashes === |
+ | You send an HTTP request to https://hashdb.insomnia247.nl/v1/hashfunction/passwordhash. | ||
− | + | Example: | |
+ | https://hashdb.insomnia247.nl/v1/md5/de038c8d3a8e15b0c8578280ac12cffd | ||
+ | |||
+ | will return: | ||
+ | |||
+ | {"hash":"de038c8d3a8e15b0c8578280ac12cffd","found":true,"result":"ex499er4+!on$"} | ||
+ | |||
+ | Currently the '''md5''', '''sha1''', and '''sha256''' hashing algorithms are supported. | ||
The results are always JSON encoded. You will always receive the ''hash'', ''found'', and ''result'' parameters in your response. The ''hash'' parameter is the hash you submitted, the ''found'' parameter will be ''true'' if the hash was found in the database or ''false'' if it was not. The final ''result'' parameter will contain the password if one has been found or ''null'' if no password has been found. | The results are always JSON encoded. You will always receive the ''hash'', ''found'', and ''result'' parameters in your response. The ''hash'' parameter is the hash you submitted, the ''found'' parameter will be ''true'' if the hash was found in the database or ''false'' if it was not. The final ''result'' parameter will contain the password if one has been found or ''null'' if no password has been found. | ||
+ | === Inserting new passwords === | ||
+ | If you find a hash that is not in the database but you know the password for, you can add to our database by inserting the new password. The ''/v1/insert'' endpoint accepts a '''PUT''' request with the '''password''' option. | ||
+ | |||
+ | Example: | ||
+ | <pre>curl -XPUT 'https://hashdb.insomnia247.nl/v1/insert' -d 'password=newpassword'</pre> | ||
+ | |||
+ | This will also return the hashes for you; | ||
+ | {"md5":"5e9d11a14ad1c8dd77e98ef9b53fd1ba","sha1":"f2c57870308dc87f432e5912d4de6f8e322721ba","sha256":"089542505d659cecbb988bb5ccff5bccf85be2dfa8c221359079aee2531298bb","password":"newpassword"} | ||
==What comes back if something is wrong?== | ==What comes back if something is wrong?== | ||
+ | ===GET requests=== | ||
:When a hash is not in the database: '''{"hash":"0123456789abdef0123456789abcdef0","found":false,"result":null}''' | :When a hash is not in the database: '''{"hash":"0123456789abdef0123456789abcdef0","found":false,"result":null}''' | ||
:Invalid hashing algorithm: HTTP 404 Error. | :Invalid hashing algorithm: HTTP 404 Error. | ||
:Invalid hash: HTTP 400 Error. | :Invalid hash: HTTP 400 Error. | ||
:Something terribly wrong: HTTP 500 Error. Please inform us if this happens. | :Something terribly wrong: HTTP 500 Error. Please inform us if this happens. | ||
+ | |||
+ | |||
+ | ===PUT requests=== | ||
+ | :When the '''password''' option is not set: HTTP 400 Error. | ||
+ | :When the wrong HTTP verb is used (ie. not PUT): HTTP 404 Error. | ||
Latest revision as of 00:31, 12 September 2019
Contents
What does it do?
The API interface allows you to retrieve passwords from the database in a single simple http request.
This means you can easily add hash lookups into your website or application.
How do I use it?
Looking up hashes
You send an HTTP request to https://hashdb.insomnia247.nl/v1/hashfunction/passwordhash.
Example:
https://hashdb.insomnia247.nl/v1/md5/de038c8d3a8e15b0c8578280ac12cffd
will return:
{"hash":"de038c8d3a8e15b0c8578280ac12cffd","found":true,"result":"ex499er4+!on$"}
Currently the md5, sha1, and sha256 hashing algorithms are supported.
The results are always JSON encoded. You will always receive the hash, found, and result parameters in your response. The hash parameter is the hash you submitted, the found parameter will be true if the hash was found in the database or false if it was not. The final result parameter will contain the password if one has been found or null if no password has been found.
Inserting new passwords
If you find a hash that is not in the database but you know the password for, you can add to our database by inserting the new password. The /v1/insert endpoint accepts a PUT request with the password option.
Example:
curl -XPUT 'https://hashdb.insomnia247.nl/v1/insert' -d 'password=newpassword'
This will also return the hashes for you;
{"md5":"5e9d11a14ad1c8dd77e98ef9b53fd1ba","sha1":"f2c57870308dc87f432e5912d4de6f8e322721ba","sha256":"089542505d659cecbb988bb5ccff5bccf85be2dfa8c221359079aee2531298bb","password":"newpassword"}
What comes back if something is wrong?
GET requests
- When a hash is not in the database: {"hash":"0123456789abdef0123456789abcdef0","found":false,"result":null}
- Invalid hashing algorithm: HTTP 404 Error.
- Invalid hash: HTTP 400 Error.
- Something terribly wrong: HTTP 500 Error. Please inform us if this happens.
PUT requests
- When the password option is not set: HTTP 400 Error.
- When the wrong HTTP verb is used (ie. not PUT): HTTP 404 Error.
Some special chars show up weird
Some chars will require you support the utf-8 charset. For an HTML page you can force this support by adding the following meta tag between your head tags:
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
Is it free?
Yes, it is, and will continue to be free for the foreseeable future. We would appreciate it if you give us credit for it though.
I plan to use it in a pretty big site/application. How many requests can I make?
Though it should be able to handle a fair amount of requests, there's always going to be a limit. If you're planning to use it a lot, please contact us.
We can discuss if we'll be able to handle the amount of requests, or if you can perhaps set up your own local copy of the database.