Gawker

DysgraphiaDysgraphia Locked
edited December 2010 in Spurious Generalities
ONLINE PUBLISHER Gawker is probably regretting appearing a little too confident in a web chat room.
A staff member happened to say on Gawker's Campfire logs that the magazine was not afraid of 4Chan. Apparently some members of 4chan decided that Gawker should be absolutely terrified of them and set to work hacking its website.
The hackers found their way into the database where the names, emails and passwords of anyone who had commented on a Gawker story were stored. That is about 1.5 million people.
An unknown and unverified source said in a note to Mediaite that the hack was motivated by Gawker's haughty attitude towards 4Chan.
Apparently it only took a few hours for the 4Chan hackers to find a way to dump all of Gawker's source code. It was a little more difficult to find their way into the user database, but they got there eventually.
Gawker initially denied that the hack had taken place, but later admitted it. It said that the hackers would have got the passwords, but those are encrypted. However it warned that simple ones might be vulnerable to a brute-force attack.
On the Gawker website it is recommending that users change their passwords on the Gawker comment system and on any other sites on which they've used the same passwords. Readers should also change their company email password and any passwords that might have appeared in email messages.
Gawker admitted that it is "deeply embarrassed by this breach".


Read more: http://www.theinquirer.net/inquirer/news/1931890/gawker-hacked#ixzz181fHicGc

Take that hipsters.

Torrent: http://thepiratebay.org/torrent/6036819/Gawker_Sites_Hacked_Databases__amp__More

Downloading...

Comments

  • DysgraphiaDysgraphia Locked
    edited December 2010
    LOL. This is so stupid. Over 100,000 people use "password" as their password. Along with qwerty.

    LOL.

    Still trying to find some chick.
  • edited December 2010
    I can't believe how terrible some people's passwords are. :facepalm:
  • DysgraphiaDysgraphia Locked
    edited December 2010
    They really deserve it.
  • fanglekaifanglekai Regular
    edited December 2010
    Fucking fail. People should use password algorithms like I talked about in my password algorithm thread.
  • DysgraphiaDysgraphia Locked
    edited December 2010
    That's even worse. They'll pick up on it so fast.

    Facebook:
    login: [email protected] Pass: facebook_fangle

    They'll find the correlation with other accounts.
  • fanglekaifanglekai Regular
    edited December 2010
    :facepalm: the point of an algorithm is you make it really complex and not fucking retarded.


    Facebook:
    login: [email protected] Pass: 918fangle@#gmail378facebook

    So then the algorithm would be 918______@#gmail378_____. If they don't know your other usernames and if you don't use that username on a shitton of sites there's no way they'd figure it out. No one is going to bother with 1.5 MILLION names. Plus they won't look at it and immediately think omg it's an algorithm.
  • edited December 2010
    I quite like the algorithm I've been using - it's on the same thread.
  • OnesanOnesan Acolyte
    edited December 2010
    160322 password hashes cracked, 587780 left

    Hehe that could take a while
    Dfg wrote: »
    NO I will not go for the e-mails and passwords. But it's good to have some Million e-mails accessible to you :D.

    That's all right, I'm on it, should make an interesting wordlist in the future, I wish I wasn't drunk when I started on it, it would have occurred to me to actually awk the already cracked passwords to make a list to clear them off on the cleaned up 'full_db.log'

    anyway 258147 password hashes cracked, 489955 left, once I'm done (as many as I can be fucked with XD) I'll make a pass dictionary for NiS out of it
  • DfgDfg Admin
    edited December 2010
    Downloading it because I want the CMS source code. This is AWESOME!
  • fanglekaifanglekai Regular
    edited December 2010
    lol wut u gonna do with the source code?
  • DfgDfg Admin
    edited December 2010
    fanglekai wrote: »
    lol wut u gonna do with the source code?

    Check it and run a gawker like website. I already downloaded and looked it. It's awesome. Everything is in PHP and we can easily use gawker cms for totse cms :D. But I just want to learn from it and NO I will not go for the e-mails and passwords. But it's good to have some Million e-mails accessible to you :D.
  • edited December 2010
    Onesan wrote: »
    160322 password hashes cracked, 587780 left

    Hehe that could take a while



    That's all right, I'm on it, should make an interesting wordlist in the future, I wish I wasn't drunk when I started on it, it would have occurred to me to actually awk the already cracked passwords to make a list to clear them off on the cleaned up 'full_db.log'

    anyway 258147 password hashes cracked, 489955 left, once I'm done (as many as I can be fucked with XD) I'll make a pass dictionary for NiS out of it

    You should release the passwords in a torrent with the TOTSE URL on it ;)
  • DfgDfg Admin
    edited December 2010
    trx100 wrote: »
    You should release the passwords in a torrent with the TOTSE URL on it ;)

    Beat me to it.

    ^THIS.

    But release the list in packs and in the pack we will add some Totse guides and other pamphlets.

    Now that would be a great package. Consider opening a wordlist and you already have guides on using it and some BI guides about exploiting things using that information.

    I am sure the downloaders would love that.
  • fanglekaifanglekai Regular
    edited December 2010
    Do it. And use the source code to help totse!
  • OnesanOnesan Acolyte
    edited December 2010
    Dfg wrote: »
    Beat me to it.

    ^THIS.

    But release the list in packs and in the pack we will add some Totse guides and other pamphlets.

    Now that would be a great package. Consider opening a wordlist and you already have guides on using it and some BI guides about exploiting things using that information.

    I am sure the downloaders would love that.


    We will have to do that, I'll let it run for maybe 24 hours more but it's slowing down I'm sad to report

    guesses: 1011 time: 0:05:01:07 (3) c/s: 262294K trying: conghT - colix2
    259035 password hashes cracked, 489067 left

    wish i had compiled my own version with mpi support so it would support running on more than one core, dedicating 5 to the task and leaving one left to post "hey check this out" posts screenshot, would be entertaining imo.
  • KatzenklavierKatzenklavier Regular
    edited December 2010
    OMG.

    Paypal...
  • edited December 2010
    Can we have an update on how far it's gotten? Also, you should post a guide on password cracking or something ;)
  • OnesanOnesan Acolyte
    edited December 2010
    trx100 wrote: »
    Can we have an update on how far it's gotten? Also, you should post a guide on password cracking or something ;)

    261459 password hashes cracked, 486643 left

    I compiled a separate mpi patched jtr but it seems somewhat ineffective, it seems it effectively created 5 processes of john each searching the same 'hashspace' or whatever the correct word is, judging by how it was displaying multiple success notifications for the same user and password :(

    Of course it was awesome watching my shiny new processor get stressed, even if it was ultimately in vain

    1292380455.png
    edit: if you're wondering about the easily crackable dictionary attack in that pic, the mpi patched version was incompatible with the older binary's restore point so I had to start from scratch :(

    Some of these passes have been interesting, when will people learn that 6 to 8 char des crypted passwords are insecure whatever the complexity

    some 6 char examples for your entertainment, there's quite a few 8 char ones but they have scrolled too far for me to conveniently get them right now this second
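The point above about DES-crypted passwords, seen from the defender's side, as an added example that is not code from any poster in this thread: an audit that finds accounts still stored as traditional DES crypt so they can be migrated, plus a helper showing that the scheme keys on only the low 7 bits of the first 8 bytes of a password. It goes slightly beyond the thread by also recognising modular crypt format prefixes; the account names and hash strings are constructed filler, not real hashes.

```python
import re
from collections import defaultdict

# Traditional DES crypt(3): exactly 13 chars of [./0-9A-Za-z]; the first two are the salt.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")
# Modular crypt format identifiers ($id$...) used by newer schemes.
MCF_IDS = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "sha256crypt", "6": "sha512crypt", "argon2id": "argon2id"}
# DES crypt keys on the low 7 bits of the first 8 bytes only: 56 bits at most.
DES_CRYPT_MAX_KEYS = 2 ** 56

def classify(hash_str):
    """Name the storage scheme of one stored hash string."""
    if DES_CRYPT.fullmatch(hash_str):
        return "des-crypt"
    m = re.match(r"\$([A-Za-z0-9]+)\$", hash_str)
    return MCF_IDS.get(m.group(1), "unknown") if m else "unknown"

def des_crypt_effective_key(password):
    """The only part of a password that DES crypt ever sees."""
    return bytes(b & 0x7F for b in password.encode("utf-8")[:8])

def audit(lines):
    """Group 'user:hash' records by scheme; blank and '#' lines are skipped."""
    by_scheme = defaultdict(list)
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, sep, hash_str = line.partition(":")
        by_scheme[classify(hash_str) if sep else "unknown"].append(user)
    return dict(by_scheme)

# Constructed sample records (user:hash); the hash bodies are filler.
SAMPLE = [
    "alice:" + "xx" + "A" * 11,
    "bob:" + "$2b$12$" + "C" * 53,
    "carol:" + "$6$saltsalt$" + "D" * 86,
    "dave:" + "zz" + "B" * 11,
]

if __name__ == "__main__":
    report = audit(SAMPLE)
    print("migrate off DES crypt:", report.get("des-crypt", []))
    same = (des_crypt_effective_key("hunter2-and-a-long-tail!")
            == des_crypt_effective_key("hunter2-x"))
    print("long passwords sharing their first 8 bytes collide:", same)
```

Accounts reported under `des-crypt` gain nothing from a longer password until the stored hash is replaced, which normally means rehashing with a modern scheme at the user's next successful login.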
  • edited December 2010
    This thread has made me want to write a guide on using JTR. Good job so far bro :D
  • KatzenklavierKatzenklavier Regular
    edited December 2010
    jcunningham

    Lol.
  • DfgDfg Admin
    edited December 2010
    Onesan that's awesome. :D
  • OnesanOnesan Acolyte
    edited December 2010
    update

    28101995 (GMF)
    guesses: 5930 time: 1:06:03:34 (3) c/s: 262746K trying: 28104048 - 28104636
    28121960 (pmillsaj)
  • duuudeduuude Regular
    edited December 2010
    trx100 wrote: »
    This thread has made me want to write a guide on using JTR. Good job so far bro :D

    That would be interesting, I would like to know how it works.
  • edited December 2010
    duuude wrote: »
    That would be interesting, I would like to know how it works.

    That's the only problem - I need to learn how to use it before actually writing the guide :D

    I'll work on it over christmas, along with those other guides.