Ashley Madison part 1: Getting the database
I downloaded the Ashley Madison database dump.
The dump was available here http://pastie.org/10360347. I downloaded it in an Ubuntu VM for safety precautions.
The files available:
am_am.dump.gz
aminno_member.dump.gz
aminno_member_email.dump.gz
ashleymadisondump.7z
CreditCardTransactions.7z
member_details.dump.gz
member_login.dump.gz
The file member_login.dump is a MySQL database backup. First I installed the database with:
$ sudo apt-get install mysql-server
Start MySQL with
$
mysql -u root -p
Now we need to create a new database and restore from the backup. We’ll go ahead and import member_login.dump and member_details.dump:
$ mysql
> create database AshMad
> use AshMad
$ mysql -u root -p < Downloads/dmps/member_login.dump
$ mysql -u root -p < Downloads/dumps/member_details.dump
And now MySQL will import the database.
Note: Do not use the MySQL source command to import large databases. Source is designed to run a small number of SQL queries, and will take a long time to import a large database.
Let’s explore the imported tables.
mysql> use AshMad; Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Database changed mysql> show tables; +------------------+ | Tables_in_AshMad | +------------------+ | member_login | | member_details | +------------------+ 2 rows in set (0.00 sec) mysql> show columns from member_login; +----------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +----------+--------------+------+-----+---------+----------------+ | pnum | int(11) | NO | PRI | NULL | auto_increment | | username | varchar(28) | NO | UNI | | | | password | varchar(128) | NO | | | | | loginkey | varchar(36) | NO | MUL | | | | notify | int(4) | NO | | 0 | | +----------+--------------+------+-----+---------+----------------+ 5 rows in set (0.00 sec)
Now we’re going to dump the password column into a text file for a password cracker. This might take a few minutes, as there are almost 4 million rows.
> select password from member_login into outfile 'ashmadpasswords.txt' lines terminated by '\n';
Now we have the passwords in a .txt document in the file /var/lib/mysql/AshMad/ashmadpasswords.txt;
Lets check the file to see what we have:
$ head -10 /var/lib/mysql/AshMad/ashmadpasswords.txt $2a$12$6YEtyM93L2EQkHzs/PSP6OKEiW6fS3dSZCozzDrMKhHqRmI6NjS1S 111111Iwillneverdoitagain $2a$12$3V0bFXAv1b4DT1KHh3uqjumaRYysI.NNpgXlcFEfulNUoBYtBEtTG 111111Iwillneverdoitagain $2a$12$8b5m318FP10GzXI.mtJyh.L.LFjK5iZMwen9gJ68OrkrSLJrKsq1e 111111Iwillneverdoitagain $2a$12$XC2CQOA5agBimTPHdvcsKOVgKkDwfjXFPyZjNhCFxhxj0yZS/T9f. 111111Iwillneverdoitagain $2a$12$4FOWYjeL4AtnSuWqP7.1NeeBejEvwBFI/K3Pjt2r0jg5RhnPF38ja $2a$12$zK2RRlnbtzm/0X0ZSuMrJ.L8v4KSOGnOuXDtDcPkw.ic6qeV.cg4i
And that’s it for part 1.