[MySQL Database]
SERVER: 69.60.7.205
USER: root
PASSWORD: m00nsh1n3
PORT:9254
After gaining access to gawkers MySQL database we stumble upon a huge
table containing ~1,500,000 users. After a few days of dumping we
decided that 1.3 million was enough.
Gawker uses a really outdated hashing algorithm known as DES (Data Encryption Standard).
Because DES has a maximum of 8chars using a password like "abcdefgh1234" only the
first 8 characters "abcdefgh" are encrypted and stored in the database. If your
password is longer than 8 characters you only need to enter the first 8 characters
to log in!
YA DONT SAY!!
?
Because of this we were only able to recover the first 8 characters of someones password!
If the password is 8 characters long there's a good chance that it migt be longer
than 8 characters! But still, there's 1000's of people using 1 - 8 character passwords
for us to have some fun with!
We managed to crack ~200,000 hashes, if you want the rest of them cracking
DO IT YOUR FUCKING SELF! >:3
Here's a quote of encouragement for gawker users from Scott:
"We'll continue to look into this, but as I commented on your site earlier, we have no evidence that any of our readers' user accounts/passwords have been compromised. They are not stored in plain text and are on entirely different systems than the third-party hosted Campfire screenshots that appear in this article.
There's no evidence to suggest any Gawker Network user accounts were compromised, and passwords are encrypted (not stored in plain text) anyway, so stealing passwords isn't even possible."
Here's a handfull of interesting hashes from the other associated blogs.
Some maybe fake/spam accounts, can't be bothered to test them all.
