So LinkedIn hashes have recently been leaked onto the net, and plenty of people have been cracking them. Meanwhile eHarmony passwords were also leaked!
The hashes are here and a quick download is all that’s needed. wget them to prevent your browser from trying to render the entire txt file!
Throwing a dictionary at it with 80,546,115 words in it results in 22% cracked passwords.
```
$ ./oclHashcat-plus64.bin eharmony.txt -r rules/best64.rule /wordlists/all -o eharmony_cracked.txt
oclHashcat-plus v0.08 by atom starting...

Hashes: 1513805
Unique digests: 1513805
Bitmaps: 21 bits, 1048576 entries, 0x000fffff mask, 4194304 bytes
Rules: 78
GPU-Loops: 128
GPU-Accel: 40
Password lengths range: 1 - 15
Platform: AMD compatible platform found
Watchdog: Temperature limit set to 90c
Device #1: Cayman, 2048MB, 0Mhz, 22MCU
Device #1: Allocating 132MB host-memory
Device #1: Kernel ./kernels/4098/m0000_a0.Cayman.64.kernel (1017600 bytes)

Scanning dictionary /wordlists/all: 1047584 bytes (0.11%), 95282 words, 743
Scanning dictionary /wordlists/all: 142470999 bytes (14.73%), 14334904 word
Scanning dictionary /wordlists/all: 774778437 bytes (80.13%), 70419646 word
Scanned dictionary /wordlists/all: 966941733 bytes, 80546115 words, 6282596970 keyspace, starting attack...

[s]tatus [p]ause [r]esume [q]uit =>
Status.......: Exhausted
Rules.Type...: File (rules/best64.rule)
Input.Mode...: File (/wordlists/all)
Hash.Target..: File (eharmony.txt)
Hash.Type....: MD5
Time.Running.: 1 min, 47 secs
Time.Left....: 0 secs
Time.Util....: 107586.1ms/8581.7ms Real/CPU, 8.7% idle
Speed........: 49834.4k c/s Real, 340.2M c/s GPU
Recovered....: 336064/1513805 Digests, 0/1 Salts
Progress.....: 6282596970/6282596970 (100.00%)
Rejected.....: 921106758/6282596970 (14.66%)
HW.Monitor.#1: 25% GPU, 47c Temp

Started: Fri Jun 8 17:05:58 2012
Stopped: Fri Jun 8 17:07:49 2012
```
From a quick look at the passwords being cracked, it looks as though they are all being converted to UPPERCASE before the MD5 hashing algorithm is applied:
```
a8c8b4a90fe6388ab0186cd91d9a3310:UDDUDD
2a79fe3deb34c778e8e314f7c0635e10:KLEMENTE
0a49a8273be7d92c430c94bb328b5f10:1ODONOVAN
2987d667ca22e84d938a76a4e225b410:DKADKA
77044ebe74a1164c392698919901be10:CASILLAS77
d73b2f64cc4c5b7f0ff0b4b567e2cc10:RSLARSLA
ed244698bd3b0dc29337e95cd502d310:VINSKY
dc8d30ee20d2efc2ac184c209709dd10:LINETA
94587c0c5a469a4c207d1ed35d12e910:BADGURL1
45331b07c71001234a40134745294911:TMATMA
b26cd6bfa5539103141a1ea5d91b4a11:C0L0MBIA
35463970c55f5a60a18bae9fa3724b11:WEBSTAR1
5faccfde0e3af22471822dcb8f3c4f11:KUSUMO
cf10578cf078d9995d79dd2144425111:KOTIKI
c4b6d73f5e120f9df38105d720b67411:BIMANN
15e78a2ae1141216487bcaeb51808711:GUEGUE
fb808931d19048b6bbdde175a3d18c11:GADOSKI
27de447ce1e241ec30e2aa02cb48a011:HEINI1
4ed25db987dd34c57e72715dec73c711:MAGODEOZ1
bae3b18c16de4c373c7653ebf9caf011:DRILLING12
```
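For anyone storing passwords, the scheme this output points to (upper-case, then unsalted MD5, as the "0/1 Salts" line also shows) is set beside a salted, slow, case-preserving alternative below. This is an added example, not code from eHarmony or from the original post; the function names, the PBKDF2 work factor and the sample passwords are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to your own hardware


def legacy_hash(password):
    """Scheme the cracked output points to: upper-case, then unsalted MD5."""
    return hashlib.md5(password.upper().encode("utf-8")).hexdigest()


def hardened_hash(password, salt=None):
    """Case-preserving, per-user salted, deliberately slow (PBKDF2-HMAC-SHA256)."""
    salt = secrets.token_bytes(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, digest = hardened_hash(password, salt)
    return hmac.compare_digest(digest, expected)


def compare_schemes():
    # Constructed sample passwords, not taken from the leak.
    variants = ["Sunshine7", "sunshine7", "SUNSHINE7"]
    legacy_digests = {legacy_hash(p) for p in variants}
    salt_a, hash_a = hardened_hash("Sunshine7")
    salt_b, hash_b = hardened_hash("Sunshine7")
    return {
        "legacy_distinct_digests": len(legacy_digests),     # folding merges all three
        "hardened_digests_equal": hash_a == hash_b,         # fresh salt per record
        "exact_case_verifies": verify("Sunshine7", salt_a, hash_a),
        "folded_case_verifies": verify("SUNSHINE7", salt_a, hash_a),
    }


if __name__ == "__main__":
    print(compare_schemes())
```

With the legacy scheme every case variant collapses to one digest and identical passwords share a digest across accounts; with the salted form neither holds.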
Using this, I’m going to attempt a brute-force attack of up to 8 characters using UPPERCASE and digits to see how well it does (minimum password length of 5 chars). We’ll need to run the brute force for each length from 5 to 8, so we’ll do the following:
- -1 ?u?d ?1?1?1?1?1 (5 chars)
- -1 ?u?d ?1?1?1?1?1?1 (6 chars)
- -1 ?u?d ?1?1?1?1?1?1?1 (7 chars)
- -1 ?u?d ?1?1?1?1?1?1?1?1 (8 chars)
The 8 char length took 51 minutes on my PC (I left the GPU at no more than 90% so that the PC was still usable).
```
---------- 5 char ---------
Status.......: Exhausted
Input.Mode...: Mask (?1?1?1?1?1)
Hash.Target..: File (eharmony.txt)
Hash.Type....: MD5
Time.Running.: 13 secs
Time.Left....: 0 secs
Time.Util....: 13013.2ms/14.4ms Real/CPU, 0.1% idle
Speed........: 4646.5k c/s Real, 4886.3k c/s GPU
Recovered....: 46587/1513805 Digests, 0/1 Salts
Progress.....: 60466176/60466176 (100.00%)
Rejected.....: 0/60466176 (0.00%)
HW.Monitor.#1: 16% GPU, 48c Temp

---------- 6 char ---------
Status.......: Exhausted
Input.Mode...: Mask (?1?1?1?1?1?1)
Hash.Target..: File (eharmony.txt)
Hash.Type....: MD5
Time.Running.: 1 min, 11 secs
Time.Left....: 0 secs
Time.Util....: 71149.9ms/13.4ms Real/CPU, 0.0% idle
Speed........: 30594.3k c/s Real, 17782.3k c/s GPU
Recovered....: 253159/1513805 Digests, 0/1 Salts
Progress.....: 2176782336/2176782336 (100.00%)
Rejected.....: 0/2176782336 (0.00%)
HW.Monitor.#1: 0% GPU, 48c Temp

---------- 7 char ---------
Status.......: Exhausted
Input.Mode...: Mask (?1?1?1?1?1?1?1)
Hash.Target..: File (eharmony.txt)
Hash.Type....: MD5
Time.Running.: 3 mins, 41 secs
Time.Left....: 0 secs
Time.Util....: 221940.9ms/13.9ms Real/CPU, 0.0% idle
Speed........: 353.1M c/s Real, 286.8M c/s GPU
Recovered....: 279715/1513805 Digests, 0/1 Salts
Progress.....: 78364164096/78364164096 (100.00%)
Rejected.....: 0/78364164096 (0.00%)
HW.Monitor.#1: 33% GPU, 52c Temp

---------- 8 char ---------
Status.......: Exhausted
Input.Mode...: Mask (?1?1?1?1?1?1?1?1)
Hash.Target..: File (eharmony.txt)
Hash.Type....: MD5
Time.Running.: 51 mins, 55 secs
Time.Left....: 0 secs
Time.Util....: 3115494.9ms/488.0ms Real/CPU, 0.0% idle
Speed........: 905.5M c/s Real, 453.2M c/s GPU
Recovered....: 251261/1513805 Digests, 0/1 Salts
Progress.....: 2821109907456/2821109907456 (100.00%)
Rejected.....: 0/2821109907456 (0.00%)
HW.Monitor.#1: 38% GPU, 57c Temp
```
Combined, that’s 830722 (54% of the hashes):
```
$ wc -l eharmony_cracked_brute.txt
830722 eharmony_cracked_brute.txt
```
So combined with the wordlist attempt and removing the duplicates gives us 919326 cracked passwords, that’s 60%.
Maybe more time, more GPUs and including special characters would get me further? I don’t think running it for 5 days would do me much good in the electricity and heat department! This is the 8 character mask with ?u?d?s:
```
Status.......: Running
Input.Mode...: Mask (?1?1?1?1?1?1?1?1)
Hash.Target..: File (eharmony.txt)
Hash.Type....: MD5
Time.Running.: 8 secs
Time.Left....: 5 days, 10 hours
Time.Util....: 8851.9ms/0.0ms Real/CPU, 0.0% idle
Speed........: 1097.8M c/s Real, 1126.6M c/s GPU
Recovered....: 128/1513805 Digests, 0/1 Salts
Progress.....: 9717678080/513798374428641 (0.00%)
Rejected.....: 0/9717678080 (0.00%)
HW.Monitor.#1: 91% GPU, 50c Temp
```
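The Progress totals in the mask runs above are just charset size raised to the mask length, which is what makes the cost of upper-casing before hashing measurable. The sketch below is an added example, not part of the original post or of hashcat; it parses only a subset of the mask syntax (built-ins ?l ?u ?d ?s ?a, one custom charset ?1, literals, ??), and the function names are assumptions.

```python
import string

# hashcat built-in charsets; ?s is space plus the 32 ASCII punctuation characters
BUILTIN = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "s": " " + string.punctuation,
}
BUILTIN["a"] = "".join(BUILTIN[k] for k in "luds")

def expand(spec, custom):
    """Return one set of candidate characters per position of a mask/charset spec."""
    positions, i = [], 0
    while i < len(spec):
        if spec[i] != "?":                      # literal character
            positions.append({spec[i]})
            i += 1
            continue
        if i + 1 >= len(spec):
            raise ValueError("dangling '?' at end of spec")
        key = spec[i + 1]
        if key == "?":                          # '??' is a literal question mark
            positions.append({"?"})
        elif key in BUILTIN:
            positions.append(set(BUILTIN[key]))
        elif key in custom:
            positions.append(custom[key])
        else:
            raise ValueError(f"unknown charset ?{key}")
        i += 2
    return positions

def keyspace(mask, custom1=None):
    """Number of candidates for `mask`; `custom1` is the -1 charset definition."""
    custom = {"1": set().union(*expand(custom1, {}))} if custom1 else {}
    total = 1
    for charset in expand(mask, custom):
        total *= len(charset)
    return total

def eta_seconds(mask, custom1, candidates_per_second):
    """Time to exhaust the mask at a fixed guess rate."""
    return keyspace(mask, custom1) / candidates_per_second

def folding_factor(length):
    """How many times smaller the space gets when case is folded to upper."""
    return keyspace("?1" * length, "?l?u?d") / keyspace("?1" * length, "?u?d")
```

`keyspace("?1" * 8, "?u?d?s")` reproduces the 513798374428641 total shown above, and `folding_factor(8)` shows that preserving case would have made the 8 character alphanumeric space roughly 77 times larger.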
I thought it would make sense to run pipal (by digininja) against it, especially for some more info on which masks to use.
```
Total entries = 919325
Total unique entries = 919325

Top 10 passwords
JDKING7 = 1 (0.0%)
DIGFAST = 1 (0.0%)
EP65KZ = 1 (0.0%)
ZEN1964 = 1 (0.0%)
IDNASG = 1 (0.0%)
SIDDIPET = 1 (0.0%)
JCSLIGHT = 1 (0.0%)
CATSGOT = 1 (0.0%)
OCIMAFAN = 1 (0.0%)
ACAASA = 1 (0.0%)

Top 10 base words
lisa = 246 (0.03%)
tina = 190 (0.02%)
eric = 175 (0.02%)
usmc = 169 (0.02%)
mama = 160 (0.02%)
nana = 156 (0.02%)
barb = 152 (0.02%)
emma = 150 (0.02%)
lola = 143 (0.02%)
diva = 139 (0.02%)

Password length (length ordered)
5 = 46600 (5.07%)
6 = 253175 (27.54%)
7 = 279736 (30.43%)
8 = 251294 (27.33%)
9 = 37970 (4.13%)
10 = 27265 (2.97%)
11 = 11438 (1.24%)
12 = 6525 (0.71%)
13 = 3315 (0.36%)
14 = 1885 (0.21%)
15 = 133 (0.01%)

Password length (count ordered)
7 = 279736 (30.43%)
6 = 253175 (27.54%)
8 = 251294 (27.33%)
5 = 46600 (5.07%)
9 = 37970 (4.13%)
10 = 27265 (2.97%)
11 = 11438 (1.24%)
12 = 6525 (0.71%)
13 = 3315 (0.36%)
14 = 1885 (0.21%)
15 = 133 (0.01%)

[ASCII histogram of password lengths, 0 to 15]

One to six characters = 299773 (32.61%)
One to eight characters = 830801 (90.37%)
More than eight characters = 88524 (9.63%)

Only lowercase alpha = 0 (0.0%)
Only uppercase alpha = 382609 (41.62%)
Only alpha = 382609 (41.62%)
Only numeric = 1242 (0.14%)

First capital last symbol = 18 (0.0%)
First capital last number = 410160 (44.62%)

Months
january = 9 (0.0%)
february = 1 (0.0%)
march = 119 (0.01%)
april = 121 (0.01%)
may = 1910 (0.21%)
june = 234 (0.03%)
july = 173 (0.02%)
august = 30 (0.0%)
september = 4 (0.0%)
october = 17 (0.0%)
november = 17 (0.0%)
december = 16 (0.0%)

Days
monday = 5 (0.0%)
tuesday = 2 (0.0%)
thursday = 1 (0.0%)
friday = 9 (0.0%)
saturday = 2 (0.0%)
sunday = 7 (0.0%)

Months (Abreviated)
jan = 2333 (0.25%)
feb = 413 (0.04%)
mar = 6972 (0.76%)
apr = 532 (0.06%)
may = 1910 (0.21%)
jun = 1037 (0.11%)
jul = 840 (0.09%)
aug = 660 (0.07%)
sept = 104 (0.01%)
oct = 518 (0.06%)
nov = 849 (0.09%)
dec = 829 (0.09%)

Days (Abreviated)
mon = 3681 (0.4%)
tues = 12 (0.0%)
wed = 254 (0.03%)
thurs = 6 (0.0%)
fri = 571 (0.06%)
sat = 722 (0.08%)
sun = 1294 (0.14%)

Includes years
1975 = 450 (0.05%)
1976 = 451 (0.05%)
1977 = 480 (0.05%)
1978 = 487 (0.05%)
1979 = 483 (0.05%)
1980 = 561 (0.06%)
1981 = 502 (0.05%)
1982 = 507 (0.06%)
1983 = 552 (0.06%)
1984 = 599 (0.07%)
1985 = 516 (0.06%)
1986 = 502 (0.05%)
1987 = 514 (0.06%)
1988 = 437 (0.05%)
1989 = 459 (0.05%)
1990 = 359 (0.04%)
1991 = 322 (0.04%)
1992 = 269 (0.03%)
1993 = 206 (0.02%)
1994 = 216 (0.02%)
1995 = 270 (0.03%)
1996 = 241 (0.03%)
1997 = 242 (0.03%)
1998 = 302 (0.03%)
1999 = 347 (0.04%)
2000 = 915 (0.1%)
2001 = 544 (0.06%)
2002 = 505 (0.05%)
2003 = 522 (0.06%)
2004 = 605 (0.07%)
2005 = 722 (0.08%)
2006 = 848 (0.09%)
2007 = 856 (0.09%)
2008 = 900 (0.1%)
2009 = 763 (0.08%)
2010 = 552 (0.06%)
2011 = 129 (0.01%)
2012 = 142 (0.02%)
2013 = 65 (0.01%)
2014 = 39 (0.0%)
2015 = 42 (0.0%)
2016 = 39 (0.0%)
2017 = 33 (0.0%)
2018 = 37 (0.0%)
2019 = 42 (0.0%)
2020 = 251 (0.03%)

Years (Top 10)
2000 = 915 (0.1%)
2008 = 900 (0.1%)
2007 = 856 (0.09%)
2006 = 848 (0.09%)
2009 = 763 (0.08%)
2005 = 722 (0.08%)
2004 = 605 (0.07%)
1984 = 599 (0.07%)
1980 = 561 (0.06%)
1983 = 552 (0.06%)

Single digit on the end = 85199 (9.27%)
Two digits on the end = 121769 (13.25%)
Three digits on the end = 64658 (7.03%)

Last number
0 = 37103 (4.04%)
1 = 78555 (8.54%)
2 = 47467 (5.16%)
3 = 47703 (5.19%)
4 = 35107 (3.82%)
5 = 36429 (3.96%)
6 = 32691 (3.56%)
7 = 38031 (4.14%)
8 = 33141 (3.6%)
9 = 36991 (4.02%)

[ASCII histogram of last number, 0 to 9]

Last digit
1 = 78555 (8.54%)
3 = 47703 (5.19%)
2 = 47467 (5.16%)
7 = 38031 (4.14%)
0 = 37103 (4.04%)
9 = 36991 (4.02%)
5 = 36429 (3.96%)
4 = 35107 (3.82%)
8 = 33141 (3.6%)
6 = 32691 (3.56%)

Last 2 digits (Top 10)
23 = 12432 (1.35%)
12 = 9446 (1.03%)
11 = 8886 (0.97%)
01 = 8687 (0.94%)
00 = 7434 (0.81%)
22 = 6963 (0.76%)
21 = 6915 (0.75%)
13 = 6713 (0.73%)
69 = 6580 (0.72%)
07 = 5889 (0.64%)

Last 3 digits (Top 10)
123 = 6754 (0.73%)
007 = 1923 (0.21%)
000 = 1840 (0.2%)
234 = 1733 (0.19%)
101 = 1298 (0.14%)
777 = 1297 (0.14%)
001 = 1282 (0.14%)
420 = 1281 (0.14%)
111 = 1167 (0.13%)
008 = 1129 (0.12%)

Last 4 digits (Top 10)
1234 = 1356 (0.15%)
2008 = 813 (0.09%)
2007 = 776 (0.08%)
2006 = 755 (0.08%)
2000 = 753 (0.08%)
2009 = 685 (0.07%)
2005 = 645 (0.07%)
2004 = 539 (0.06%)
2345 = 538 (0.06%)
1984 = 498 (0.05%)

Last 5 digits (Top 10)
12345 = 462 (0.05%)
23456 = 146 (0.02%)
54321 = 77 (0.01%)
55555 = 64 (0.01%)
11111 = 58 (0.01%)
77777 = 57 (0.01%)
00000 = 48 (0.01%)
13579 = 44 (0.0%)
56789 = 42 (0.0%)
96969 = 34 (0.0%)

Character sets
upperalphanum: 535352 (58.23%)
upperalpha: 382609 (41.62%)
numeric: 1242 (0.14%)
upperalphaspecial: 68 (0.01%)
upperalphaspecialnum: 38 (0.0%)
specialnum: 3 (0.0%)

Character set ordering
stringdigit: 396200 (43.1%)
allstring: 382609 (41.62%)
digitstring: 54770 (5.96%)
stringdigitstring: 48114 (5.23%)
othermask: 25651 (2.79%)
digitstringdigit: 10661 (1.16%)
alldigit: 1242 (0.14%)
stringspecialstring: 49 (0.01%)
stringspecial: 16 (0.0%)
stringspecialdigit: 13 (0.0%)

Hashcat masks (Top 10)
?u?u?u?u?u?u?u?u: 121805 (13.25%)
?u?u?u?u?u?u: 101111 (11.0%)
?u?u?u?u?u?u?u: 88475 (9.62%)
?u?u?u?d?d?d?d: 52666 (5.73%)
?u?u?u?u?d?d: 38723 (4.21%)
?u?u?u?u?u?d?d: 32912 (3.58%)
?u?u?d?d?d?d: 30207 (3.29%)
?u?u?u?u?d?d?d?d: 28667 (3.12%)
?u?u?u?u?u?u?d?d: 27044 (2.94%)
?u?u?u?u?u?u?d: 26176 (2.85%)
```