Is it at all possible for a trained eye to be able to determine which cryptographic hash function is used to hash users passwords in a database table for a specific application. We have an application that doesn’t use oracles default authentication so the application user hashes aren’t stored within $sys.users, they are in a random table specific to the application. My question is, if you can see the hashes in that table, could you tell which hash function hashed them? Or is there a tool to feed the hash into and for it to tell you which hash function hashed these passwords? Its hard to identify a tool to run dictionary password tests over if you don’t know what hash function is used.