Contents
While scanning the deep and dark web for stolen, leaked or lost data, 4iQ discovered a single file with a database of 1.4 billion clear text credentials — the largest aggregate database found in the dark web to date.
None of the passwords are encrypted, and what’s scary is the 4iQ has tested a subset of these passwords and most of the have been verified to be true.
分析
该集合数据库中包含从Bitcoin、Pastebin、LinkedIn、MySpace、Netflix、YouPorn、Last.FM、Zoosk、Badoo、RedBox以及游戏平台(Minecraft和Runescape等)泄漏的数据,以及Anti Public,Exploit.in泄漏的凭证列表。
源文件
二进制未压缩41G
|
1 |
magnet:?xt=urn:btih:7ffbcd8cee06aba2ce6561688cf68ce2addca0a3&dn=BreachCompilation&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Fglotorrents.pw%3A6969&tr=udp%3A%2F%2Ftracker.opentrackr.org%3A1337 |
二进制压缩11G
|
1 |
magnet:?xt=urn:btih:09250e1953e5a7fefeaa6206e81d02e53b5b374a&dn=BreachCompilation.tar.bz2&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://tracker.pirateparty.gr:6969&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce |
处理文件
breachcompilation.txt.7z
处理方式:
|
1 |
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt |
体积大小:
|
1 2 |
4.1G compressed 9.0G uncompressed |
说明:
|
1 |
No personal information included - just a list of passwords. |
下载地址:
|
1 |
magnet:?xt=urn:btih:5a9ba318a5478769ddc7393f1e4ac928d9aa4a71&dn=breachcompilation.txt.7z&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://tracker.zer0day.to:1337/announce&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://mgtracker.org:6969/announce&tr=udp://explodie.org:6969/announce |
来源:
https://gist.github.com/scottlinux/9a3b11257ac575e4f71de811322ce6b3
breachcompilationuniq.txt.7z
处理方式:breachcompilationuniq.txt.7z基础上,排序和去重
|
1 |
LC_ALL=C sort -uo |
下载地址:
https://files.vkk.me/storage/breachcompilationuniq.txt.7z
体积大小:
|
1 |
944.4 MB, expands to 4.07 GB |
数据量:
|
1 2 |
1,012,024,699 lines in original file 384,153,427 lines after sorting and removing duplicates |
来源:
https://www.reddit.com/r/netsec/comments/7kqpx9/recent_14_billion_password_breach_compilation_as/
breach_compilation_passwords_ordered_by_frequency.tar.gz
处理方式:
|
1 |
grep -arohP '(?<=:|;|\t).*$' | sort --parallel=8 | uniq -c | sort -nr --parallel=8 | sed 's/^ *[0-9]* //' > output |
下载地址:
https://mega.nz/#!MuJlQRaC!Rlfonl4x33JR96m0T5N5FZh5mR3-MOdjUXEDYaUGBsE
体积大小:
|
1 |
1.65 GB |
数据量:
|
1 |
total unique passwords: 451.427.517, total rows: 1.400.553.862, total rows considered correctly parsed: 1.400.325.742 |
来源:
https://www.reddit.com/r/netsec/comments/7kqpx9/recent_14_billion_password_breach_compilation_as/
相关项目
- https://github.com/philipperemy/tensorflow-1.4-billion-password-analysis:使用深度学习和NLP来分析14亿的明文密码
在线查询
https://pwdquery.xyz/:输入邮箱,隐藏部分的泄露密码
https://verify.4iq.com/:输入邮箱,自动将泄露密码发送到邮箱上
https://haveibeenpwned.com/Passwords:输入密码,确认是否泄露
参考链接:
ee