Wednesday 27 June 2012

Is your Linkedin Password Hacked


How to check if your Linkedin password has been stolen

There are two multiple ways of checking your linkedin password hash. Here, I am focusing on two ways of searching your password hash via different leaks available online.

1. Combo_not.zip via Python script

The passwords were uploaded online in a 270mb text file via https://disk.yandex.net .(Mirrors pastebin.com  or pastie.org ) You can check if your password is in that list by first creating your password in SHA-1 format and then check the txt file for it.
Pastebin Download Page
Pastebin mirror page for Linkedin dump
Pastebin mirror page for Linkedin dump
Pastie Download Page
Pastie mirror page for Linkedin dump
Pastie mirror page for Linkedin dump

After downloading combo_not.zip please extract the combo_not.zip and you will find out combo_not.txt file which need to be further analyzed for your password offline.
A python script is available online for converting your password into sha1 hash and search combo_not.txt for your sha1 hash match. You will need python interpreter for running above python script. The source code of python script is following.
"""
 Save this file as linkedin_hash.py and ensure it's
 in the same folder as combo_not.txt
 """
 
from hashlib import sha1
import sys
 
password = sys.argv[1]
hsh = sha1(password).hexdigest()
x = 0

for line in open('combo_not.txt','r'):
 if hsh == line.strip():
  x += 1
 elif "00000" + hsh[5:] == line.strip():
  x += 1 
print "Number of matches: %d" % x




Now execute the program by typing python linkedin_hash.py password. Replace the parameter with your password. This will show you exact result of your password.









2. 'Linkedin SHA1 Passwords' Torrent and PHP 



First download the linkedin password hash torrent and extract the archive. After extracting archive please ensure that you have PHP cli and grep is installed on the system. 






thepiratebay Linkedin SHA1 passwords


thepiratebay Linkedin SHA1 passwords








For Linux Systems




Run 



php -r 'echo sha1("password") . "\n";'







This will generate your sha1 password hash. Now we have to find our password hash from the give dump.



Run 



grep 'your sha1_hash' sha1.txt




For Windows Systems




Run






E:\Downloads\xampp\php>php -a

Interactive mode enabled




<?php

echo sha1("linkedin");

?>7728240c80b6bfd450849405e8500d6d207783b6^C



E:\Downloads\xampp\php>






Now run grep 







E:\Downloads\xampp\php>grep "7728240c80b6bfd450849405e8500d6d207783b6" combo_not

.txt




//Convert first five bytes into 0 and bingo




E:\Downloads\xampp\php>grep "0000040c80b6bfd450849405e8500d6d207783b6" combo_not

.txt

0000040c80b6bfd450849405e8500d6d207783b6




E:\Downloads\xampp\php>













Linkedin saved sha1 password unsalted which makes russians to break easily. Hope we all have to learn from above hack.







Thanks



Bhokaldied














































Posted by



at







































No comments:















Post a Comment


















        

      









Subscribe to:
Post Comments (Atom)