Main
Codex
Librarium Whitehat
Advisories
Blog Pics
"Inveniam viam aut faciam" : I will either find a way, or I shall make one

Adeptus-Mechanicus - BlogMe


EHarmony – Plaintext and Hashdump

Well, I have cracked more then 80%  of the EHarmony  hashdump so time for me to report on the passwords and release the plaintexts. I will update this page as I get to 90% and so on. I used cracking this hashdump to test my LinkedIn plaintexts and to explain some hashcat basics (see here).

  • the hashes are MD5, but there seems to be a few non-MD5 entries that hashcat will complain about
  • the hacker who released them has removed all duplicates
  • EHarmony converted all lowercase to uppercase thus greatly reducing the keyspace for cracking
  • I am guessing that these passwords represent a password rules change, there are some passwords that look like they were cut off at 14 characters but also a very few with more then 14 characters. Also there are almost no passwords with special characters in them. I would guess that at some time EHarmony changed the password rules and this hashdump represents passwords from before and after that change.
  • Here is the hashdump
  • Here are the plaintexts (currently 1258045 of 1513805 or 83% done)
  • Here are some rules which were generated by hashcat when using the “g” option

Address : <http://www.adeptus-mechanicus.com/codex/ehdic/ehdic.php>

Published by erich, on September 15th, 2012 at 7:09 pm. Filled under: General1 Comment

One Response to “EHarmony – Plaintext and Hashdump”

  1. […] EHarmony – Plaintext and Hashdump (adeptus-mechanicus.com) […]

    Pingback by Bashing The Hash: IBM X-Force On Password Follies on September 21, 2012 at 6:22 am



Leave a Reply