How to find out if your Linkedin password was found via PowerShell

First you need to download the combo_not.zip file and unpack it.
(for example read the comments on this post: http://tweakers.net/nieuws/82411/wachtwoorden-miljoenen-linkedin-gebruikers-op-straat.html )

Next drop the combo_not.txt file in your C:\ drive: C:\combo_not.txt

Now open PowerShell or PowerShell ISE and run the PowerShell script below:
(don’t forget to change YourPasswordHere):

cd c:\
$pass = "YourPasswordHere"
$sha1 = [System.Security.Cryptography.SHA1]::Create()
$bytes = [System.Text.Encoding]::UTF8.GetBytes($pass)
$hashArray = $sha1.ComputeHash($bytes)
$hashArray | foreach -Begin{$str=''} -Process{$str += "{0:x2}" -f $_} -End{$str}
$str2 = [String]::Concat("00000", $str.Substring(5))
findstr -I $str .\combo_not.txt
findstr -I $str2 .\combo_not.txt

I tested it and didn’t give a result, so that must be a good thing ;-) (let’s hope it is not due to this quick script :-) )

LinkedIn commented on the stolen passwords/hashes. Read it here: http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised/

Update: apprently the first 5 bits need to be set to 0 to do another check if it is hacked
Update2: updated the script
Update3: reply from LinkedIn

Please post a comment if there are any suggestions/mistakes.

Learn more about the PowerShell pipeline script function: begin, process and end:

About these ads

One thought on “How to find out if your Linkedin password was found via PowerShell

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s