Menu Home

Is your Linkedin password leaked?

Pink Floyd – Keep Talking

News has been spinning around the net that over 6 Million passwords from Linkedin have been leaked.

The general advice is to change your password, but what if you want to check that your password is on the list? You should still change your password anyway, but there’s nothing stopping you from checking. Here’s how (Linux is assumed, adjust to suit your OS):

Method 1:
Put your trust in this website.  I didn’t, but that’s not to say that they’re not legit though: www.leakedin.org

Method 2:
Download the list of leaked passwords from here: www.mediafire.com/?n307hutksjstow3 (116M)  It’s just a list of hashed passwords, no other information seems to have been leaked.

While that downloads, calculate your hashed password e.g.

echo -n password | sha1sum
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8  -

It seems that the crackers are marking passwords they’ve successfully worked with (up to the point of this version of the list) by zeroing out the first 5 chars, so we can do this with sed:

echo -n password | sha1sum | sed -r "s/^(.{0})(.{5})/\100000/"
000001e4c9b93f3f0682250b6cf8331b7ee68fd8  -

When the file has finished downloading, give it a cursory virus scan:

rawiri@minty ~ $ clamscan Downloads/SHA1.txt_1.rar 
Downloads/SHA1.txt_1.rar: OK

----------- SCAN SUMMARY -----------
Known viruses: 1248587
Engine version: 0.97.3
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 116.25 MB (ratio 0.00:1)
Time: 3.675 sec (0 m 3 s)
rawiri@minty ~ $

Cool, now with the file unrar’d, we simply search for the password hashes using grep:

rawiri@minty ~/Downloads $ grep 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 SHA1.txt
rawiri@minty ~/Downloads $ grep 000001e4c9b93f3f0682250b6cf8331b7ee68fd8 SHA1.txt
000001e4c9b93f3f0682250b6cf8331b7ee68fd8
rawiri@minty ~/Downloads $

Because the example password is a dictionary word, the second hash is basically guaranteed to be found.

Method 3:
Give me your hashes and I’ll check for you, honest 😉

As it turns out, my password is in fact on the list, so I’ll be changing my Linkedin password ASAP.

Categories: Geeking Out News Technology

rawiri