How to find out if your Linkedin password was found via PowerShell

First you need to download the combo_not.zip file and unpack it.
(for example read the comments on this post: http://tweakers.net/nieuws/82411/wachtwoorden-miljoenen-linkedin-gebruikers-op-straat.html )

Next drop the combo_not.txt file in your C:\ drive: C:\combo_not.txt

Now open PowerShell or PowerShell ISE and run the PowerShell script below:
(don’t forget to change YourPasswordHere):

cd c:\
$pass = "YourPasswordHere"
$sha1 = [System.Security.Cryptography.SHA1]::Create()
$bytes = [System.Text.Encoding]::UTF8.GetBytes($pass)
$hashArray = $sha1.ComputeHash($bytes)
$hashArray | foreach -Begin{$str=''} -Process{$str += "{0:x2}" -f $_} -End{$str}
$str2 = [String]::Concat("00000", $str.Substring(5))
findstr -I $str .\combo_not.txt
findstr -I $str2 .\combo_not.txt

I tested it and didn’t give a result, so that must be a good thing 😉 (let’s hope it is not due to this quick script 🙂 )

LinkedIn commented on the stolen passwords/hashes. Read it here: http://blog.linkedin.com/2012/06/06/linkedin-member-passwords-compromised/

Update: apprently the first 5 bits need to be set to 0 to do another check if it is hacked
Update2: updated the script
Update3: reply from LinkedIn

Please post a comment if there are any suggestions/mistakes.

Learn more about the PowerShell pipeline script function: begin, process and end:

Advertisements

Intercept LinkedIn passwords via https


(via)

At the Microsoft TechDays 2012 in Belgium, white hat Paula Januszkiewicz shows how the tool Fiddler can be used to intercept the password of a LinkedIn user. The reason is because the password is not being encrypted by LinkedIn, although https is being used.