I assume you have all heard about Lulzsec over the past few months so I will not go into their backstory and instead get straight to the point.
Yesterday, 26th June 2011, they released their last data dump on ThePirateBay (TPB), containing usernames and passwords from a few different sources. One of those sources was hackforums.net, where I myself had registered once upon a time. Luckily I had signed up with a disposable password. It turns out, however, that yes, that password was leaked in the final Lulzsec data dump.
The data dump has now been removed from TPB due to some of the files allegedly being infected with malware. So I found this site, which allows you to search for your email address to see if you may have been affected: http://dazzlepod.com/lulzsec/final/
So then I began to wonder: if I was on that list, who else that I knew may have been on it?
So I decided to write a quick Ruby script which would check just that.
First off, I had to download my Google contacts. To do this simply go to http://contacts.google.com.
I exported all of my contacts in Excel format, highlighted the email column and pasted the addresses into a file called contacts.txt (remove the column name from the text file).
Then simply run my (very rushed, it’s 1AM) Ruby script, which can be found here: http://www.pastie.org/2126584 (you will need to install the Typhoeus gem).
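#!/usr/bin/env ruby
require 'rubygems'
require 'uri'
require 'typhoeus'

found_emails = []
hydra = Typhoeus::Hydra.new(:max_concurrency => 20, :timeout => 2000)

# One address per line; strip whitespace and drop blank lines.
emails = File.readlines("contacts.txt").map { |line| line.strip }.reject { |line| line.empty? }

emails.each do |email|
  # Escape the address so characters such as "+" survive the query string.
  # Note: every address is sent to the third-party site over plain HTTP.
  request = Typhoeus::Request.new("http://dazzlepod.com/lulzsec/final/?email=" + URI.encode_www_form_component(email))
  request.on_complete do |response|
    puts "Trying " + email
    # The script treats a page containing "<strong>1 account</strong>" as a hit.
    if response.body =~ %r{<strong>1 account</strong>}
      found_emails.push(email)
    end
  end
  hydra.queue(request)
end

hydra.run # blocks until every queued request has completed
puts found_emails.size.to_s
puts found_emails.inspect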
Out of my 900 contacts, 4 of them were in the lulzsec data dump. I have informed them.
Try it out and inform your contacts too!
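The manual copy-and-paste step can also be scripted. The following is an added example, not part of the original post or its pastie: it pulls the addresses out of a CSV export, normalises and de-duplicates them, and builds the escaped lookup URL for each. The column-name match, the " ::: " multi-value separator, the helper names and the sample export are assumptions made for illustration.

```ruby
require 'csv'
require 'uri'

# Lookup URL taken from the post above.
LOOKUP_URL = 'http://dazzlepod.com/lulzsec/final/?email='

# Loose syntactic check, enough to discard blank cells and stray labels.
EMAIL_RE = /\A[^@\s,;]+@[^@\s,;]+\.[^@\s,;]+\z/

# Returns the unique, lower-cased addresses found in every column whose
# header mentions "mail" (assumption: the export labels its columns so).
def extract_emails(csv_text)
  table = CSV.parse(csv_text, headers: true)
  mail_columns = table.headers.compact.select { |h| h =~ /mail/i }
  cells = table.flat_map do |row|
    mail_columns.flat_map do |col|
      # A cell may hold several addresses; the " ::: " separator is an
      # assumption about the export layout, "," and ";" are also accepted.
      row[col].to_s.split(/\s*:::\s*|\s*[,;]\s*/)
    end
  end
  cells.map { |addr| addr.strip.downcase }
       .select { |addr| addr =~ EMAIL_RE }
       .uniq
end

# Escapes the address so "+" and "@" are not misread in the query string.
def lookup_url(email)
  LOOKUP_URL + URI.encode_www_form_component(email)
end

# Constructed sample export (not real contacts).
SAMPLE_CSV = <<~EXPORT
  Name,E-mail 1 - Value,E-mail 2 - Value,Phone 1 - Value
  Alice Example,Alice@Example.com,alice+forums@example.com,555-0100
  Bob Example,bob@example.org,,555-0101
  Carol Example,,,555-0102
  Alice Dup,alice@example.com,not-an-address,
EXPORT

if __FILE__ == $PROGRAM_NAME
  # Print each cleaned address with the URL that would be requested for it.
  extract_emails(SAMPLE_CSV).each { |e| puts "#{e}\t#{lookup_url(e)}" }
end
```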
11 Responses
My email was found on the list too.
@DarkLight
I since got a hold of a copy of the actual database dump. The passwords are all hashed and salted. Doesn’t mean they can’t be cracked, it’s just a lot harder to do.
Thanks much for your downright post. This is the words that sustains me to normal straight during my day.
Fisher Capital Management
Wow, nice post here. This actually taught me something…
This is a good blog, it teaches me many things. Thanks for your share!
unbelievable. this is so strange that I find it amusing, thanks for sharing :)
The other day, while I was at work, my sister stole my iPad and tested to see if it can survive a thirty foot drop, just so she can be a youtube sensation. My iPad is now broken and she has 83 views. I know this is entirely off topic but I had to share it with someone!
intelligent stuff… you are the person only who share knowledge to the fullest… and not like those proprietary people
your post made me aware.. and it’s nice to know that my email isn’t on the list..
great post anyway..