Ashley Madison part 1: Getting the database

By on

I downloaded the Ashley Madison database dump.

The dump was available here http://pastie.org/10360347. I downloaded it in an Ubuntu VM for safety precautions.

The files available:

am_am.dump.gz
aminno_member.dump.gz
aminno_member_email.dump.gz
ashleymadisondump.7z
CreditCardTransactions.7z
member_details.dump.gz
member_login.dump.gz

The file member_login.dump is a MySQL database backup. First I installed the database with:

$ sudo apt-get install mysql-server

Start MySQL with

$ mysql -u root -p

Now we need to create a new database and restore from the backup. We’ll go ahead and import member_login.dump and member_details.dump:

$ mysql

> create database AshMad

> use AshMad

$ mysql -u root -p < Downloads/dmps/member_login.dump

$ mysql -u root -p < Downloads/dumps/member_details.dump

And now MySQL will import the database.
Note: Do not use the MySQL source command to import large databases. Source is designed to run a small number of SQL queries, and will take a long time to import a large database.

Let’s explore the imported tables.

mysql> use AshMad;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed

mysql> show tables;
+------------------+
| Tables_in_AshMad |
+------------------+
| member_login     |
| member_details   |
+------------------+
2 rows in set (0.00 sec)

mysql> show columns from member_login;
+----------+--------------+------+-----+---------+----------------+
| Field    | Type         | Null | Key | Default | Extra          |
+----------+--------------+------+-----+---------+----------------+
| pnum     | int(11)      | NO   | PRI | NULL    | auto_increment |
| username | varchar(28)  | NO   | UNI |         |                |
| password | varchar(128) | NO   |     |         |                |
| loginkey | varchar(36)  | NO   | MUL |         |                |
| notify   | int(4)       | NO   |     | 0       |                |
+----------+--------------+------+-----+---------+----------------+
5 rows in set (0.00 sec)

Now we’re going to dump the password column into a text file for a password cracker. This might take a few minutes, as there are almost 4 million rows.

> select password from member_login into outfile 'ashmadpasswords.txt' lines terminated by '\n';

Now we have the passwords in a .txt document in the file /var/lib/mysql/AshMad/ashmadpasswords.txt;

Lets check the file to see what we have:

$ head -10 /var/lib/mysql/AshMad/ashmadpasswords.txt 
$2a$12$6YEtyM93L2EQkHzs/PSP6OKEiW6fS3dSZCozzDrMKhHqRmI6NjS1S
111111Iwillneverdoitagain
$2a$12$3V0bFXAv1b4DT1KHh3uqjumaRYysI.NNpgXlcFEfulNUoBYtBEtTG
111111Iwillneverdoitagain
$2a$12$8b5m318FP10GzXI.mtJyh.L.LFjK5iZMwen9gJ68OrkrSLJrKsq1e
111111Iwillneverdoitagain
$2a$12$XC2CQOA5agBimTPHdvcsKOVgKkDwfjXFPyZjNhCFxhxj0yZS/T9f.
111111Iwillneverdoitagain
$2a$12$4FOWYjeL4AtnSuWqP7.1NeeBejEvwBFI/K3Pjt2r0jg5RhnPF38ja
$2a$12$zK2RRlnbtzm/0X0ZSuMrJ.L8v4KSOGnOuXDtDcPkw.ic6qeV.cg4i

And that’s it for part 1.

Leave a Reply

Your email address will not be published. Required fields are marked *