Difference between revisions of "Passwords"

From SkullSecurity
Jump to: navigation, search
(Leaked passwords)
Line 13: Line 13:
 
   <td>[http://www.openwall.com/john/ John the Ripper]</td>
 
   <td>[http://www.openwall.com/john/ John the Ripper]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/john.txt.bz2 john.txt.bz2] (10,934 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/john.txt.bz2 john.txt.bz2] (10,934 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/john.txt john.txt] (21,935 bytes)</td>
+
   <td>n/a</td>
 
   <td>Simple, extremely good, designed to be modified</td>
 
   <td>Simple, extremely good, designed to be modified</td>
 
  </tr>
 
  </tr>
  
 
  <tr>
 
  <tr>
   <td>[http://www.oxid.it/cain.html Cain & Able]</td>
+
   <td>[http://www.oxid.it/cain.html Cain & Abel]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/cain.txt.bz2 cain.txt.bz2] (1,069,968 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/cain.txt.bz2 cain.txt.bz2] (1,069,968 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/cain.txt cain.txt] (3,149,586 bytes)</td>
+
   <td>n/a</td>
 
   <td>Fairly comprehensive, not ordered</td>
 
   <td>Fairly comprehensive, not ordered</td>
 
  </tr>
 
  </tr>
Line 27: Line 27:
 
   <td>Conficker worm</td>
 
   <td>Conficker worm</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/conficker.txt.bz2 conficker.txt.bz2] (1411 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/conficker.txt.bz2 conficker.txt.bz2] (1411 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/conficker.txt conficker.txt] (702 bytes)</td>
+
   <td>n/a</td>
 
   <td>Used by conficker worm to spread -- low quality</td>
 
   <td>Used by conficker worm to spread -- low quality</td>
 
  </tr>
 
  </tr>
Line 34: Line 34:
 
   <td>[http://www.whatsmypass.com/?p=415 500 worst passwords]</td>
 
   <td>[http://www.whatsmypass.com/?p=415 500 worst passwords]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt.bz2 500-worst-passwords.txt.bz2] (1868 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt.bz2 500-worst-passwords.txt.bz2] (1868 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/500-worst-passwords.txt 500-worst-passwords.txt] (3493 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 40: Line 40:
 
   <td>[http://techcrunch.com/2009/12/27/twitter-banned-passwords/ 370 Banned Twitter passwords]</td>
 
   <td>[http://techcrunch.com/2009/12/27/twitter-banned-passwords/ 370 Banned Twitter passwords]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/twitter-banned.txt.bz2 twitter-banned.txt.bz2] (1509 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/twitter-banned.txt.bz2 twitter-banned.txt.bz2] (1509 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/twitter-banned.txt twitter-banned.txt] (2780 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
 
</table>
 
</table>
 
  
 
==Leaked passwords==
 
==Leaked passwords==
Line 63: Line 62:
 
   <td>Rockyou</td>
 
   <td>Rockyou</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2 rockyou.txt.bz2] (60,498,886 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2 rockyou.txt.bz2] (60,498,886 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/rockyou.txt rockyou.txt] (139,921,497 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2009-12</td>
 
   <td rowspan='2'>2009-12</td>
 
   <td rowspan='2'>Best list available; huge, stolen unencrypted</td>
 
   <td rowspan='2'>Best list available; huge, stolen unencrypted</td>
Line 70: Line 69:
 
   <td>Rockyou with count</td>
 
   <td>Rockyou with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt.bz2 rockyou-withcount.txt.bz2] (59,500,255 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt.bz2 rockyou-withcount.txt.bz2] (59,500,255 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt rockyou-withcount.txt] (254,676,625 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 76: Line 75:
 
   <td>phpbb</td>
 
   <td>phpbb</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpbb.txt.bz2 phpbb.txt.bz2] (868,606 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpbb.txt.bz2 phpbb.txt.bz2] (868,606 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/phpbb.txt phpbb.txt] (1,574,395 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='3'>2009-01</td>
 
   <td rowspan='3'>2009-01</td>
 
   <td rowspan='3'>Ordered by commonness<br>Cracked from md5 by Brandon Enright<br>(97%+ coverage)</td>
 
   <td rowspan='3'>Ordered by commonness<br>Cracked from md5 by Brandon Enright<br>(97%+ coverage)</td>
Line 83: Line 82:
 
   <td>phpbb with count</td>
 
   <td>phpbb with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpbb-withcount.txt.bz2 phpbb-withcount.txt.bz2] (872,867 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpbb-withcount.txt.bz2 phpbb-withcount.txt.bz2] (872,867 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/phpbb-withcount.txt phpbb-withcount.txt] (3,049,507 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
 
  <tr>
 
  <tr>
 
   <td>phpbb with md5</td>
 
   <td>phpbb with md5</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpbb-withmd5.txt.bz2 phpbb-withmd5.txt.bz2] (4,117,887 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpbb-withmd5.txt.bz2 phpbb-withmd5.txt.bz2] (4,117,887 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/phpbb-withmd5.txt phpbb-withmd5.txt] (7,659,241 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 94: Line 93:
 
   <td>MySpace</td>
 
   <td>MySpace</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/myspace.txt.bz2 myspace.txt.bz2] (175,970 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/myspace.txt.bz2 myspace.txt.bz2] (175,970 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/myspace.txt myspace.txt] (356,352 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2006-10</td>
 
   <td rowspan='2'>2006-10</td>
 
   <td rowspan='2'>Captured via phishing</td>
 
   <td rowspan='2'>Captured via phishing</td>
Line 101: Line 100:
 
   <td>MySpace - with count</td>
 
   <td>MySpace - with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/myspace-withcount.txt.bz2 myspace-withcount.txt.bz2] (179,929 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/myspace-withcount.txt.bz2 myspace-withcount.txt.bz2] (179,929 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/myspace-withcount.txt myspace-withcount.txt] (653,504 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 107: Line 106:
 
   <td>Hotmail</td>
 
   <td>Hotmail</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hotmail.txt.bz2 hotmail.txt.bz2] (47,195 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hotmail.txt.bz2 hotmail.txt.bz2] (47,195 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/hotmail.txt hotmail.txt] (87,383 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>Unknown</td>
 
   <td rowspan='2'>Unknown</td>
 
   <td rowspan='2'>Isn't clearly understood how these were stolen</td>
 
   <td rowspan='2'>Isn't clearly understood how these were stolen</td>
Line 114: Line 113:
 
   <td>Hotmail with count</td>
 
   <td>Hotmail with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hotmail-withcount.txt.bz2 hotmail-withcount.txt.bz2] (47,975 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hotmail-withcount.txt.bz2 hotmail-withcount.txt.bz2] (47,975 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/hotmail-withcount.txt hotmail-withcount.txt] (158,831 bytes)</td>
+
   <td>n/a</td>
 
  </tr>  
 
  </tr>  
 
   
 
   
Line 120: Line 119:
 
   <td>[http://forums.crosswalk.com/m_4252083/mpage_1/tm.htm Faithwriters]</td>
 
   <td>[http://forums.crosswalk.com/m_4252083/mpage_1/tm.htm Faithwriters]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/faithwriters.txt.bz2 faithwriters.txt.bz2] (39,327 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/faithwriters.txt.bz2 faithwriters.txt.bz2] (39,327 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/faithwriters.txt faithwriters.txt] (72,695 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2009-03</td>
 
   <td rowspan='2'>2009-03</td>
 
   <td rowspan='2'>Religious passwords</td>
 
   <td rowspan='2'>Religious passwords</td>
Line 127: Line 126:
 
   <td>Faithwriters - with count</td>
 
   <td>Faithwriters - with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/faithwriters-withcount.txt.bz2 faithwriters-withcount.txt.bz2] (40,233 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/faithwriters-withcount.txt.bz2 faithwriters-withcount.txt.bz2] (40,233 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/faithwriters-withcount.txt faithwriters-withcount.txt] (139,480 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 133: Line 132:
 
   <td>Elitehacker</td>
 
   <td>Elitehacker</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/elitehacker.txt.bz2 elitehacker.txt.bz2] (3,690 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/elitehacker.txt.bz2 elitehacker.txt.bz2] (3,690 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/elitehacker.txt elitehacker.txt] (6,516 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2009-07</td>
 
   <td rowspan='2'>2009-07</td>
 
   <td rowspan='2'>Part of zf05.txt</td>
 
   <td rowspan='2'>Part of zf05.txt</td>
Line 140: Line 139:
 
   <td>Elitehacker - with count</td>
 
   <td>Elitehacker - with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/elitehacker-withcount.txt.bz2 elitehacker-withcount.txt.bz2] (3,846 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/elitehacker-withcount.txt.bz2 elitehacker-withcount.txt.bz2] (3,846 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/elitehacker-withcount.txt elitehacker-withcount.txt] (13,676 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 146: Line 145:
 
   <td>Hak5</td>
 
   <td>Hak5</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hak5.txt.bz2 hak5.txt.bz2] (16,490 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hak5.txt.bz2 hak5.txt.bz2] (16,490 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/hak5.txt hak5.txt] (24,714 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2009-07</td>
 
   <td rowspan='2'>2009-07</td>
 
   <td rowspan='2'>Part of zf05.txt</td>
 
   <td rowspan='2'>Part of zf05.txt</td>
Line 153: Line 152:
 
   <td>Hak5 - with count</td>
 
   <td>Hak5 - with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hak5-withcount.txt.bz2 hak5-withcount.txt.bz2] (16,947 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/hak5-withcount.txt.bz2 hak5-withcount.txt.bz2] (16,947 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/hak5-withcount.txt hak5-withcount.txt] (43,522 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 159: Line 158:
 
   <td>[http://www.f-secure.com/weblog/archives/00001915.html Älypää]</td>
 
   <td>[http://www.f-secure.com/weblog/archives/00001915.html Älypää]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/alypaa.txt.bz2 alypaa.txt.bz2] (5,178 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/alypaa.txt.bz2 alypaa.txt.bz2] (5,178 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/alypaa.txt alypaa.txt] (11,634 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-03</td>
 
   <td rowspan='2'>2010-03</td>
 
   <td rowspan='2'>Finnish passwords</td>
 
   <td rowspan='2'>Finnish passwords</td>
Line 166: Line 165:
 
   <td>[http://www.f-secure.com/weblog/archives/00001915.html alypaa] - with count</td>
 
   <td>[http://www.f-secure.com/weblog/archives/00001915.html alypaa] - with count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/alypaa-withcount.txt.bz2 alypaa-withcount.txt.bz2] (6,013 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/alypaa-withcount.txt.bz2 alypaa-withcount.txt.bz2] (6,013 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/alypaa-withcount.txt alypaa-withcount.txt] (22,706 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 172: Line 171:
 
   <td>[http://twitter.com/FSLabsAdvisor/status/12585285761 Facebook (Pastebay)]</td>
 
   <td>[http://twitter.com/FSLabsAdvisor/status/12585285761 Facebook (Pastebay)]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-pastebay.txt.bz2 facebook-pastebay.txt.bz2] (375 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-pastebay.txt.bz2 facebook-pastebay.txt.bz2] (375 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-pastebay.txt facebook-pastebay.txt] (500 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-04</td>
 
   <td rowspan='2'>2010-04</td>
 
   <td rowspan='2'>Found on Pastebay;<br>appear to be malware-stolen.</td>
 
   <td rowspan='2'>Found on Pastebay;<br>appear to be malware-stolen.</td>
Line 179: Line 178:
 
   <td>[http://twitter.com/FSLabsAdvisor/status/12585285761 Facebook (Pastebay)] - w/ count</td>
 
   <td>[http://twitter.com/FSLabsAdvisor/status/12585285761 Facebook (Pastebay)] - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-pastebay-withcount.txt.bz2 facebook-pastebay-withcount.txt.bz2] (407 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-pastebay-withcount.txt.bz2 facebook-pastebay-withcount.txt.bz2] (407 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-pastebay-withcount.txt facebook-pastebay-withcount.txt] (940 bytes)</td>
+
   <td>n/a</td>
 
</tr>
 
</tr>
  
Line 185: Line 184:
 
   <td>Unknown porn site</td>
 
   <td>Unknown porn site</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/porn-unknown.txt.bz2 porn-unknown.txt.bz2] (30,600 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/porn-unknown.txt.bz2 porn-unknown.txt.bz2] (30,600 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/porn-unknown.txt porn-unknown.txt] (57,836 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>Found on angelfire.com. No clue where they originated, but clearly porn site.</td>
 
   <td rowspan='2'>Found on angelfire.com. No clue where they originated, but clearly porn site.</td>
Line 192: Line 191:
 
   <td>Unknown porn site - w/ count</td>
 
   <td>Unknown porn site - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/porn-unknown-withcount.txt.bz2 porn-unknown-withcount.txt.bz2] (31,899 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/porn-unknown-withcount.txt.bz2 porn-unknown-withcount.txt.bz2] (31,899 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/porn-unknown-withcount.txt porn-unknown-withcount.txt] (122,548 bytes)</td>
+
   <td>n/a</td>
 
</tr>
 
</tr>
  
Line 198: Line 197:
 
   <td>[http://sla.ckers.org/forum/read.php?3,35591 Ultimate Strip Club List]</td>
 
   <td>[http://sla.ckers.org/forum/read.php?3,35591 Ultimate Strip Club List]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/tuscl.txt.bz2 tuscl.txt.bz2] (176,291 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/tuscl.txt.bz2 tuscl.txt.bz2] (176,291 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/tuscl.txt tuscl.txt] (324,743 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-09</td>
 
   <td rowspan='2'>2010-09</td>
 
   <td rowspan='2'>Thanks to Mark Baggett for finding!</td>
 
   <td rowspan='2'>Thanks to Mark Baggett for finding!</td>
Line 205: Line 204:
 
   <td>Ultimate Strip Club List - w/ count</td>
 
   <td>Ultimate Strip Club List - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/tuscl-withcount.txt.bz2 tuscl-withcount.txt.bz2] (182,441 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/tuscl-withcount.txt.bz2 tuscl-withcount.txt.bz2] (182,441 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/tuscl-withcount.txt tuscl-withcount.txt] (635,303 bytes)</td>
+
   <td>n/a</td>
 
</tr>
 
</tr>
  
Line 211: Line 210:
 
   <td>[Facebook Phished]</td>
 
   <td>[Facebook Phished]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-phished.txt.bz2 facebook-phished.txt.bz2] (14,457 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-phished.txt.bz2 facebook-phished.txt.bz2] (14,457 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-phished.txt facebook-phished.txt] (25,688 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-09</td>
 
   <td rowspan='2'>2010-09</td>
 
   <td rowspan='2'>Thanks to Andrew Orr for reporting</td>
 
   <td rowspan='2'>Thanks to Andrew Orr for reporting</td>
Line 218: Line 217:
 
   <td>Facebook Phished - w/ count</td>
 
   <td>Facebook Phished - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-phished-withcount.txt.bz2 facebook-phished-withcount.txt.bz2] (14,941 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-phished-withcount.txt.bz2 facebook-phished-withcount.txt.bz2] (14,941 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-phished-withcount.txt facebook-phished-withcount.txt] (45,224 bytes)</td>
+
   <td>n/a</td>
 
</tr>
 
</tr>
  
Line 224: Line 223:
 
   <td>Carders.cc</td>
 
   <td>Carders.cc</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/carders.cc.txt.bz2 carders.cc.txt.bz2] (8,936 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/carders.cc.txt.bz2 carders.cc.txt.bz2] (8,936 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/carders.cc.txt carders.cc.txt] (16,760 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-05</td>
 
   <td rowspan='2'>2010-05</td>
 
   <td rowspan='2'></td>
 
   <td rowspan='2'></td>
Line 231: Line 230:
 
   <td>Carders.cc - w/ count</td>
 
   <td>Carders.cc - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/carders.cc-withcount.txt.bz2 carders.cc-withcount.txt.bz2] (9,774 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/carders.cc-withcount.txt.bz2 carders.cc-withcount.txt.bz2] (9,774 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/carders.cc-withcount.txt carders.cc-withcount.txt] (31,992 bytes)</td>
+
   <td>n/a</td>
 
</tr>
 
</tr>
  
Line 237: Line 236:
 
   <td>Singles.org</td>
 
   <td>Singles.org</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/singles.org.txt.bz2 singles.org.txt.bz2] (50,697 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/singles.org.txt.bz2 singles.org.txt.bz2] (50,697 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/singles.org.txt singles.org.txt] (106,925 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-10</td>
 
   <td rowspan='2'>2010-10</td>
 
   <td rowspan='2'></td>
 
   <td rowspan='2'></td>
Line 244: Line 243:
 
   <td>Singles.org - w/ count</td>
 
   <td>Singles.org - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/singles.org-withcount.txt.bz2 singles.org-withcount.txt.bz2] (52,884 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/singles.org-withcount.txt.bz2 singles.org-withcount.txt.bz2] (52,884 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/singles.org-withcount.txt singles.org-withcount.txt] (204,797 bytes)</td>
+
   <td>n/a</td>
 
</tr>
 
</tr>
  
Line 277: Line 276:
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
   <td rowspan='2'>2010-05</td>
+
   <td rowspan='2'>2010-12</td>
 
   <td rowspan='2'></td>
 
   <td rowspan='2'></td>
 
</tr>
 
</tr>
Line 287: Line 286:
  
 
<tr>
 
<tr>
   <td>Free-Hack.com</td>
+
   <td>Carders.cc (second time hacked)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
   <td rowspan='2'>2010-12-25</td>
+
   <td rowspan='2'>2010-12</td>
 
   <td rowspan='2'></td>
 
   <td rowspan='2'></td>
 
</tr>
 
</tr>
 
<tr>
 
<tr>
   <td>Free-Hack.com w/count</td>
+
   <td>Carders.cc w/count (second time hacked)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
 
   <td>(reserved)</td>
Line 300: Line 299:
  
 
</table>
 
</table>
 
===Coverage (Rockyou)===
 
I did some calculations and determined how many passwords you'd need, on average, to crack which percentage of users' passwords, based on the leaked passwords from Rockyou.com. These lists will crack the advertised amount on an average cross-section of people if no password restrictions are in place:
 
 
<table style='border-width: 1px; border-spacing: 2px; border-color: gray; border-style: outset; border-collapse: separate; color: #c0c0c0; font-size: 8pt;'>
 
<tr>
 
  <td width='150'><strong>Passwords</strong></td>
 
  <td width='150'><strong>Coverage</strong></td>
 
  <td width='250'><strong>Download</strong></td>
 
</tr>
 
<tr><td>13</td><td>4.99%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-5.txt rockyou-5.txt] (104 bytes)</td></tr>
 
<tr><td>92</td><td>10.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-10.txt rockyou-10.txt] (723 bytes)</td></tr>
 
<tr><td>249</td><td>15.01%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-15.txt rockyou-15.txt] (1,943 bytes)</td></tr>
 
<tr><td>512</td><td>20.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-20.txt rockyou-20.txt] (3,998 bytes)</td></tr>
 
<tr><td>929</td><td>25.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-25.txt rockyou-25.txt] (7,229 bytes)</td></tr>
 
<tr><td>1556</td><td>30.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-30.txt rockyou-30.txt] (12,160 bytes)</td></tr>
 
<tr><td>2506</td><td>35.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-35.txt rockyou-35.txt] (19,648 bytes)</td></tr>
 
<tr><td>3957</td><td>40.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-40.txt rockyou-40.txt] (31,220 bytes)</td></tr>
 
<tr><td>6164</td><td>45.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-45.txt rockyou-45.txt] (49,133 bytes)</td></tr>
 
<tr><td>9438</td><td>50.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-50.txt rockyou-50.txt] (75,912 bytes)</td></tr>
 
<tr><td>14236</td><td>55.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-55.txt rockyou-55.txt] (115,186 bytes)</td></tr>
 
<tr><td>21041</td><td>60.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-60.txt rockyou-60.txt] (170,244 bytes)</td></tr>
 
<tr><td>30290</td><td>65.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-65.txt rockyou-65.txt] (244,535 bytes)</td></tr>
 
<tr><td>42661</td><td>70.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-70.txt rockyou-70.txt] (344,231 bytes)</td></tr>
 
<tr><td>59187</td><td>75.00%</td><td>[http://downloads.skullsecurity.org/passwords/rockyou-75.txt rockyou-75.txt] (478,948 bytes)</td></tr></table>
 
  
 
===Statistics===
 
===Statistics===
Line 351: Line 325:
 
   <td>English</td>
 
   <td>English</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/english.txt.bz2 english.txt.bz2] (1,368,101 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/english.txt.bz2 english.txt.bz2] (1,368,101 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/english.txt english.txt] (4,032,153 bytes)</td>
+
   <td>n/a</td>
 
   <td>My combination of a couple lists, from [https://twitter.com/xorrbit Andrew Orr], Brandon Enright, and [http://xd-blog.com.ar/ Seth]</td>
 
   <td>My combination of a couple lists, from [https://twitter.com/xorrbit Andrew Orr], Brandon Enright, and [http://xd-blog.com.ar/ Seth]</td>
 
  </tr>
 
  </tr>
Line 358: Line 332:
 
   <td>German</td>
 
   <td>German</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/german.txt.bz2 german.txt.bz2] (2,371,487 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/german.txt.bz2 german.txt.bz2] (2,371,487 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/german.txt german.txt] (8,827,974 bytes)</td>
+
   <td>n/a</td>
 
   <td>Compiled by Brandon Enright</td>
 
   <td>Compiled by Brandon Enright</td>
 
  </tr>
 
  </tr>
Line 365: Line 339:
 
   <td>[http://ha.ckers.org/blog/20090417/us-cities-dictionary/ American cities]</td>
 
   <td>[http://ha.ckers.org/blog/20090417/us-cities-dictionary/ American cities]</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/us_cities.txt.bz2 us_cities.txt.bz2] (77,081 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/us_cities.txt.bz2 us_cities.txt.bz2] (77,081 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/us_cities.txt us_cities.txt] (207,041 bytes)</td>
+
   <td>n/a</td>
 
   <td>Generated by RSnake</td>
 
   <td>Generated by RSnake</td>
 
  </tr>
 
  </tr>
Line 372: Line 346:
 
   <td>"Porno"</td>
 
   <td>"Porno"</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/porno.txt.bz2 porno.txt.bz2] (7,158,285 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/porno.txt.bz2 porno.txt.bz2] (7,158,285 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/porno.txt porno.txt] (46,955,376 bytes)</td>
+
   <td>n/a</td>
 
   <td>World's largest porno password collection!<br>Created by [http://reusablesec.blogspot.com/ Matt Weir]
 
   <td>World's largest porno password collection!<br>Created by [http://reusablesec.blogspot.com/ Matt Weir]
 
  </tr>  
 
  </tr>  
Line 379: Line 353:
 
   <td>Honeynet</td>
 
   <td>Honeynet</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/honeynet.txt.bz2 honeynet.txt.bz2] (889,525 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/honeynet.txt.bz2 honeynet.txt.bz2] (889,525 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/honeynet.txt honeynet.txt] (2,906,298 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>From a honeynet run by [http://twitter.com/jgimer Joshua Gimer]</td>
 
   <td rowspan='2'>From a honeynet run by [http://twitter.com/jgimer Joshua Gimer]</td>
 
  </tr>
 
  </tr>
Line 385: Line 359:
 
   <td>Honeynet - w/ count</td>
 
   <td>Honeynet - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/honeynet-withcount.txt.bz2 honeynet-withcount.txt.bz2] (901,868 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/honeynet-withcount.txt.bz2 honeynet-withcount.txt.bz2] (901,868 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/honeynet-withcount.txt honeynet-withcount.txt] (4,040,938 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 391: Line 365:
 
   <td>File locations</td>
 
   <td>File locations</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/file-locations.txt.bz2 file-locations.txt.bz2] (1,724 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/file-locations.txt.bz2 file-locations.txt.bz2] (1,724 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/file-locations.txt file-locations.txt] (8,945 bytes)</td>
+
   <td>n/a</td>
 
   <td>Potential logfile locations (for LFI, etc).<br>Thanks to [http://xd-blog.com.ar/ Seth]!</td>
 
   <td>Potential logfile locations (for LFI, etc).<br>Thanks to [http://xd-blog.com.ar/ Seth]!</td>
 
  </tr>
 
  </tr>
Line 398: Line 372:
 
   <td>Fuzzing strings (Python)</td>
 
   <td>Fuzzing strings (Python)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/fuzzing-strings.txt.bz2 fuzzing-strings.txt.bz2] (276 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/fuzzing-strings.txt.bz2 fuzzing-strings.txt.bz2] (276 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/fuzzing-strings.txt fuzzing-strings.txt] (724 bytes)</td>
+
   <td>n/a</td>
 
   <td>Thanks to [http://xd-blog.com.ar/ Seth]!</td>
 
   <td>Thanks to [http://xd-blog.com.ar/ Seth]!</td>
 
  </tr>
 
  </tr>
Line 405: Line 379:
 
   <td>PHPMyAdmin locations</td>
 
   <td>PHPMyAdmin locations</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpmyadmin-locations.txt.bz2 phpmyadmin-locations.txt.bz2] (304 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/phpmyadmin-locations.txt.bz2 phpmyadmin-locations.txt.bz2] (304 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/phpmyadmin-locations.txt phpmyadmin-locations.txt] (1,635 bytes)</td>
+
   <td>n/a</td>
 
   <td>Potential PHPMyAdmin locations.<br>Thanks to [http://xd-blog.com.ar/ Seth]!</td>
 
   <td>Potential PHPMyAdmin locations.<br>Thanks to [http://xd-blog.com.ar/ Seth]!</td>
 
  </tr>
 
  </tr>
Line 412: Line 386:
 
   <td>Web extensions</td>
 
   <td>Web extensions</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/web-extensions.txt.bz2 web-extensions.txt.bz2] (117 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/web-extensions.txt.bz2 web-extensions.txt.bz2] (117 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/web-extensions.txt web-extensions.txt] (139 bytes)</td>
+
   <td>n/a</td>
 
   <td>Common extensions for Web files.<br>Thanks to [http://www.open-labs.org/ dirb]!</td>
 
   <td>Common extensions for Web files.<br>Thanks to [http://www.open-labs.org/ dirb]!</td>
 
  </tr>
 
  </tr>
Line 419: Line 393:
 
   <td>Web mutations</td>
 
   <td>Web mutations</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/web-mutations.txt.bz2 web-mutations.txt.bz2] (177 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/web-mutations.txt.bz2 web-mutations.txt.bz2] (177 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/web-mutations.txt web-mutations.txt] (244 bytes)</td>
+
   <td>n/a</td>
 
   <td>Common 'mutations' for Web files.<br>Thanks to [http://www.open-labs.org/ dirb]!</td>
 
   <td>Common 'mutations' for Web files.<br>Thanks to [http://www.open-labs.org/ dirb]!</td>
 
  </tr>
 
  </tr>
Line 444: Line 418:
 
   <td>Full names</td>
 
   <td>Full names</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-names-unique.txt.bz2 facebook-names-unique.txt.bz2] (479,332,623 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-names-unique.txt.bz2 facebook-names-unique.txt.bz2] (479,332,623 bytes)</td>
   <td>facebook-names-unique.txt (1,609,962,544 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>&nbsp;</td>
 
   <td rowspan='2'>&nbsp;</td>
Line 451: Line 425:
 
   <td>Full names - w/ count</td>
 
   <td>Full names - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-names-withcount.txt.bz2 facebook-names-withcount.txt.bz2] (477,274,173 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-names-withcount.txt.bz2 facebook-names-withcount.txt.bz2] (477,274,173 bytes)</td>
   <td>facebook-names-withcount.txt (2,410,990,224 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 457: Line 431:
 
   <td>First names</td>
 
   <td>First names</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-firstnames.txt.bz2 facebook-firstnames.txt.bz2] (16,464,124 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-firstnames.txt.bz2 facebook-firstnames.txt.bz2] (16,464,124 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-firstnames.txt facebook-firstnames.txt] (38,352,885 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>&nbsp;</td>
 
   <td rowspan='2'>&nbsp;</td>
Line 464: Line 438:
 
   <td>First names - w/ count</td>
 
   <td>First names - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-firstnames-withcount.txt.bz2 facebook-firstnames-withcount.txt.bz2] (73,134,218 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-firstnames-withcount.txt.bz2 facebook-firstnames-withcount.txt.bz2] (73,134,218 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-firstnames-withcount.txt facebook-firstnames-withcount.txt] (16,375,441 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 470: Line 444:
 
   <td>Last names</td>
 
   <td>Last names</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-lastnames.txt.bz2 facebook-lastnames.txt.bz2] (21,176,444 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-lastnames.txt.bz2 facebook-lastnames.txt.bz2] (21,176,444 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-lastnames.txt facebook-lastnames.txt] (48,721,637 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>&nbsp;</td>
 
   <td rowspan='2'>&nbsp;</td>
Line 477: Line 451:
 
   <td>Last names - w/ count</td>
 
   <td>Last names - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-lastnames-withcount.txt.bz2 facebook-lastnames-withcount.txt.bz2] (21,166,232 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-lastnames-withcount.txt.bz2 facebook-lastnames-withcount.txt.bz2] (21,166,232 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-lastnames-withcount.txt facebook-lastnames-withcount.txt] (91,677,133 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 483: Line 457:
 
   <td>First initial last names</td>
 
   <td>First initial last names</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-f.last.txt.bz2 facebook-f.last.txt.bz2] (67,110,776 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-f.last.txt.bz2 facebook-f.last.txt.bz2] (67,110,776 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-f.last.txt facebook-f.last.txt] (162,453,486 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>&nbsp;</td>
 
   <td rowspan='2'>&nbsp;</td>
Line 490: Line 464:
 
   <td>First initial last names - w/ count</td>
 
   <td>First initial last names - w/ count</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-f.last-withcount.txt.bz2 facebook-f.last-withcount.txt.bz2] (66,348,431 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-f.last-withcount.txt.bz2 facebook-f.last-withcount.txt.bz2] (66,348,431 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-f.last-withcount.txt facebook-f.last-withcount.txt] (300,739,870 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
  
Line 496: Line 470:
 
   <td>First name last initial</td>
 
   <td>First name last initial</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-first.l.txt.bz2 facebook-first.l.txt.bz2] (37,463,798 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-first.l.txt.bz2 facebook-first.l.txt.bz2] (37,463,798 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-first.l.txt facebook-first.l.txt] (92,986,407 bytes)</td>
+
   <td>n/a</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>2010-08</td>
 
   <td rowspan='2'>&nbsp;</td>
 
   <td rowspan='2'>&nbsp;</td>
Line 503: Line 477:
 
   <td>First name last initial</td>
 
   <td>First name last initial</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-first.l-withcount.txt.bz2 facebook-first.l-withcount.txt.bz2] (36,932,295 bytes)</td>
 
   <td>[http://downloads.skullsecurity.org/passwords/facebook-first.l-withcount.txt.bz2 facebook-first.l-withcount.txt.bz2] (36,932,295 bytes)</td>
   <td>[http://downloads.skullsecurity.org/passwords/facebook-first.l-withcount.txt facebook-first.l-withcount.txt] (175,729,831 bytes)</td>
+
   <td>n/a</td>
 
  </tr>
 
  </tr>
 
</table>
 
</table>

Revision as of 03:46, 21 September 2011