How do hackers keep checking different passwords against the leaked hash-key without getting shut out after x attempts?


If they don’t know the function generating the hash-key, what do they test it against? I assume every website uses a unique function for converting passwords into keys.


8 Answers

Anonymous

They do know the hash function; there are only a few standard password hash functions, and the hash itself generally specifies which hash function was used to create it. Creating a custom hash function and then keeping it a secret is generally not practical or useful. It’s hard to test the security of a hash function; the standard ones in use are considered secure because they’ve been around a while and nobody has figured out how to break them yet. Your custom hash function built by your barely cryptography-literate engineers would probably be deeply flawed, and the entire premise is an anti-pattern called “security through obscurity.”
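The answer's point that a stored hash generally names its own function, as an added example that is not part of the original answer: a Python check that reads the scheme and cost parameters out of Modular Crypt Format / PHC strings, the way a credential-table audit would to find accounts still on weak schemes. The sample rows, the `WEAK` policy set and the function names are constructed for illustration.

```python
import re

# Standard Modular Crypt Format / PHC identifiers -> scheme name.
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
           "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "argon2i": "argon2i", "argon2d": "argon2d", "argon2id": "argon2id"}
# Schemes this example treats as needing migration (assumed policy).
WEAK = {"md5crypt", "bare-hex-digest"}
HEX_DIGEST = re.compile(r"[0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64}")

def identify(stored):
    """Return (scheme, params) read from the stored hash string itself."""
    if stored.startswith("$"):
        fields = stored.split("$")            # ['', id, params..., salt, hash]
        scheme = SCHEMES.get(fields[1], "unknown")
        params = {}
        if scheme == "bcrypt":
            params["cost"] = int(fields[2])   # log2 of the iteration count
        elif scheme.startswith("argon2"):
            for field in fields[2:4]:         # 'v=19' and 'm=65536,t=3,p=4'
                for pair in field.split(","):
                    key, _, value = pair.partition("=")
                    if value:
                        params[key] = int(value)
        elif scheme in ("sha256crypt", "sha512crypt"):
            m = re.fullmatch(r"rounds=(\d+)", fields[2])
            params["rounds"] = int(m.group(1)) if m else 5000  # crypt default
        return scheme, params
    if HEX_DIGEST.fullmatch(stored):
        # No self-description: only the digest size is recoverable.
        return "bare-hex-digest", {"bits": len(stored) * 4}
    return "unknown", {}

def audit(rows):
    """Return {user: (scheme, params, needs_migration)} for stored hashes."""
    report = {}
    for user, stored in rows:
        scheme, params = identify(stored)
        report[user] = (scheme, params, scheme in WEAK)
    return report

# Constructed sample rows: filler characters, not real password hashes.
SAMPLE = [
    ("alice", "$2b$12$" + "A" * 53),
    ("bob", "$argon2id$v=19$m=65536,t=3,p=4$c2FtcGxlc2FsdA$" + "B" * 43),
    ("carol", "$6$rounds=100000$samplesalt$" + "C" * 86),
    ("dave", "$1$samplesalt$" + "D" * 22),
    ("erin", "ab" * 16),
]
```

Because the algorithm, salt and work factor all sit in the stored string, keeping the function secret adds nothing; what protects a leaked table is a slow, salted scheme with a high enough cost setting.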
