Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 01 Sep 2015 23:56:21 +0200
From: magnum <>
Subject: Re: Anyone looked at the Ashley Madison data yet?

On 2015-08-26 07:49, Solar Designer wrote:
> Actually, for a likely top 100 list from a 100k sub-list, you don't need
> a community effort.  This can be done by one person using one machine in
> a few days.  Just take a few hundred top passwords from existing such
> lists, add four lines:
> ashley
> madison
> (...)

Here's what I call a freaking good password list:

$ git blame password.lst | grep -Ei "ashley|madison"
97895eb7 (Solar 2005-12-15 22:36:44 +0000  167) ashley
97895eb7 (Solar 2005-12-15 22:36:44 +0000  209) madison
97895eb7 (Solar 2005-12-15 22:36:44 +0000 1233) ashley1

Those two words have been present in JtR's default password.lst since 
December 2005, almost ten years ago. The file starts with 13 lines of 
comments, so both are within the top 200.

Hum hum, but does it stop there? What about the file before that commit?

$ git blame 97895eb7^ -- ../run/password.lst|grep -Ei "ashley|madison"
^ad53c2d (Solar 2002-04-10 14:13:24 +0000  164) Ashley
^ad53c2d (Solar 2002-04-10 14:13:24 +0000  179) ashley
^ad53c2d (Solar 2002-04-10 14:13:24 +0000  187) madison

The two words have been in there for all of the git history, imported 
from Solar's CVS that starts at 10 April 2002 (that was version 
1.6.31-dev "for Owl"). They've been there *at least* that long.

That was the best laugh I've had for a good while ^^


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.