Learned that the LinkedIn hash list had some things done to obscure the hash some. I changed the code to work with the obscured hashes.

This commit is contained in:
GRMrGecko 2014-09-17 15:35:56 -05:00
parent 441dc5e3b6
commit 16615a55f1

View File

@ -186,7 +186,7 @@ if ($_MGM['path'][1]=="email") {
} else if ($_MGM['path'][1]=="hash") { } else if ($_MGM['path'][1]=="hash") {
connectToDatabase(); connectToDatabase();
if (!empty($_REQUEST['sha1'])) { if (!empty($_REQUEST['sha1'])) {
$entries = databaseQuery("SELECT * FROM `sha1` WHERE `hash`=%s", $_REQUEST['sha1']); $entries = databaseQuery("SELECT * FROM `sha1` WHERE `hash`=%s OR `hash`=%s", "00000".substr($_REQUEST['sha1'],5), $_REQUEST['sha1']);// The LinkedIn hashes seemed to have the first 5 characters replaced with 00000 because the person who uploaded on torrent sites decided that they didn't want to share the real hash.
$entry = databaseFetchAssoc($entries); $entry = databaseFetchAssoc($entries);
if ($entry!=null) { if ($entry!=null) {
?><h3 style="color: #ff0000">Password was stolen by hackers via <?=$entry['leak']?>.</h3><? ?><h3 style="color: #ff0000">Password was stolen by hackers via <?=$entry['leak']?>.</h3><?