BaconHash API

BaconHash exposes a simple REST API at https://api.baconhash.pw. All endpoints require a Bearer token in the Authorization header. Contact me to obtain a token.

Authentication

Send your token as a standard HTTP Bearer header on every request:

Authorization: Bearer <your-token>

Endpoints

GET /search/{hash}

Look up a single hash. The hash is passed as a URL path segment and accepts any supported format.

# Plain MD5 hash
curl https://api.baconhash.pw/search/2707569be0aff4a956388a851c68b4c6 \
     -H "Authorization: Bearer <token>"

{
  "hash": "2707569be0aff4a956388a851c68b4c6",
  "found": true,
  "type": "md5",
  "plain": "potato123"
}

# user:hash format
curl "https://api.baconhash.pw/search/pcaro:2707569be0aff4a956388a851c68b4c6" \
     -H "Authorization: Bearer <token>"

{
  "hash": "2707569be0aff4a956388a851c68b4c6",
  "found": true,
  "type": "md5",
  "plain": "potato123",
  "user": "pcaro"
}

# Domain dump line (NTLM) – URL-encode the value
curl "https://api.baconhash.pw/search/DOMAIN%5CAdmin%3A500%3Aaad3b435b51404eeaad3b435b51404ee%3A2000c92a544e63c3345c2b4a4d2379de%3A%3A%3A" \
     -H "Authorization: Bearer <token>"

{
  "hash": "2000c92a544e63c3345c2b4a4d2379de",
  "found": true,
  "type": "ntlm",
  "plain": "potato123",
  "user": "Admin",
  "domain": "DOMAIN"
}

POST /search

Look up multiple hashes in a single request. Send a JSON body with a hashes array; results are returned in the same order as inputs.

curl -X POST https://api.baconhash.pw/search \
     -H "Authorization: Bearer <token>" \
     -H "Content-Type: application/json" \
     -d '{
       "hashes": [
         "2707569be0aff4a956388a851c68b4c6",
         "da39a3ee5e6b4b0d3255bfef95601890afd80709",
         "notahash"
       ]
     }'

{
  "results": [
    {"hash": "2707569be0aff4a956388a851c68b4c6", "found": true,  "type": "md5",  "plain": "potato123"},
    {"hash": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "found": true, "type": "sha1", "plain": ""},
    {"hash": "notahash", "found": false, "error": "Unrecognised hash format."}
  ]
}

Supported hash formats

Format	Example
Plain MD5 / NTLM 32 hex chars	`2707569be0aff4a956388a851c68b4c6`
Plain SHA1 40 hex chars	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
`user:hash`	`pcaro:2707569be0aff4a956388a851c68b4c6`
Domain dump NTLM, with or without domain	Administrator:500:aad3b435…:2000c92a…::: DOMAIN\Admin:500:aad3b435…:2000c92a…:::
LDAP SHA1 base64-encoded	`{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=`

CLI client

The bacon client is a lightweight Bash script that wraps the API. Download it and store your token in ~/.baconhash:

# Download the client
curl -o bacon https://baconhash.pw/bacon && chmod +x bacon

# Store your token
echo "<your-token>" > ~/.baconhash

# Look up a single hash
./bacon 2707569be0aff4a956388a851c68b4c6

# Look up a file of hashes (one per line)
./bacon hashes.txt

Response fields

Field	Type	Description
`hash`	string	The normalised hex hash that was looked up.
`found`	boolean	Whether a matching plaintext was found.
`type`	string \| null	Hash algorithm (`md5`, `ntlm`, `sha1`) when found.
`plain`	string \| null	Plaintext if found.
`user`	string \| null	Username parsed from the input.
`domain`	string \| null	Domain parsed from the input.
`error`	string \| null	Error message if the input format was unrecognised.