Tag Archives: bcrypt

Earlier today, the full Ashley Madison dump was finally leaked on an .onion (Tor) website. A more complete analysis will follow in the coming days. Also check out the write-up on part 2 of the leak.

TL;DR:

  • The leaked files seem totally legit
  • 33 million accounts and users' personal information have leaked
  • 36 million email addresses have leaked (you might get some spam…)
  • Account passwords were stored in a secure way, and while they won't be cracked as a whole, someone targeting you might crack your password. Change it.
  • The dump was made on 11/07/15 (July). If you registered your account after this date, you are mostly safe. If you registered before, your personal information is at risk and I advise you to take measures to protect yourself from identity/credit card theft.

 

Leak content

The leak contains the following files:

am_tree

These compressed files weigh about 10 GB (about 35 GB uncompressed).

README

The readme file contains the following text:

  _______ _____ __  __ ______ _       _    _ _____  _ 
 |__   __|_   _|  \/  |  ____( )     | |  | |  __ \| |
    | |    | | | \  / | |__  |/ ___  | |  | | |__) | |
    | |    | | | |\/| |  __|   / __| | |  | |  ___/| |
    | |   _| |_| |  | | |____  \__ \ | |__| | |    |_|
    |_|  |_____|_|  |_|______| |___/  \____/|_|    (_)

Avid Life Media has failed to take down Ashley Madison and Established Men. We have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see their data.

Find someone you know in here? Keep in mind the site is a scam with thousands of fake female profiles. See ashley madison fake profile lawsuit; 90-95% of actual users are male. Chances are your man signed up on the world’s biggest affair site, but never had one. He just tried to. If that distinction matters.

Find yourself in here? It was ALM that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you’ll get over it.

Any data not signed with key 6E50 3F39 BA6A EAAD D81D ECFF 2437 3CD5 74AB AA38 is fake.

74ABAA38.txt

This file contains the GPG public key that can be used to check that all the files were created by the author and *not* modified by some third party. They are all legit in this case.

CreditCardTransactions.7z

This archive contains *all* the credit card transactions from the past 7 years! (The first CSV file dates back to March 2008.) These CSV files contain the name, street address, amount paid and email address of everyone who paid for something on AshleyMadison. Those ~2600 files represent more than 9.600.000 transactions!

am_am.dump

Here comes the interesting part. This file contains data on 32 million users: first/last names, street address, phone numbers, relationship status, what they are looking for, whether they drink or smoke, their security question, date of birth, nickname, etc.

ashleymadisondump.7z

This archive mostly contains administrative documents about AM internals; some of them were published a few days after the breach was announced.

aminno_member.dump

I don’t know where this database dump comes from, but it also contains some personal data.

aminno_member_email.dump

About 36 million email addresses. (Gonna make some stats on them later.)

member_details.dump

Physical description: eye color, weight, height, hair color, body type, “ethnicity”, caption…

member_login.dump

This database dump contains more than 30 million usernames + hashed passwords. The passwords are hashed with the bcrypt algorithm and a huge cost factor of 12, which makes an attack on the password set as a whole very unlikely to succeed (even for the most common passwords). However, attacking a single password (or a couple of them) is still possible, and you definitely need to change your password.
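
The arithmetic behind that claim, as an added example (not code from the original post): it parses the bcrypt string format, flags stored hashes below a minimum cost, and compares the guessing work for one account with the work for a whole table. The sample hash and the guesses-per-second figure are constructed assumptions, not values from the dump.

```python
import re
from collections import Counter

# bcrypt modular-crypt layout: $<variant>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"^\$(2[abxy]?)\$(\d{2})\$([./A-Za-z0-9]{22})([./A-Za-z0-9]{31})$")

# Constructed sample value for illustration only; not taken from any real dump.
SAMPLE = "$2a$12$" + "abcdefghijklmnopqrstuv" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234"


def parse_bcrypt(stored):
    """Split a stored bcrypt string into its fields; raise ValueError if malformed."""
    m = BCRYPT_RE.match(stored.strip())
    if not m:
        raise ValueError("not a bcrypt hash string")
    variant, cost, salt, digest = m.groups()
    cost = int(cost)
    if not 4 <= cost <= 31:  # range of cost factors bcrypt accepts
        raise ValueError("cost factor out of range: %d" % cost)
    return {"variant": variant, "cost": cost, "rounds": 2 ** cost,
            "salt": salt, "digest": digest}


def audit_costs(stored_hashes, min_cost=12):
    """Count hashes per cost factor and collect those that are weak or malformed."""
    costs, flagged = Counter(), []
    for h in stored_hashes:
        try:
            cost = parse_bcrypt(h)["cost"]
        except ValueError:
            flagged.append(h)
            continue
        costs[cost] += 1
        if cost < min_cost:
            flagged.append(h)
    return costs, flagged


def guessing_seconds(candidates, hashes, cost, ref_rate, ref_cost=12):
    """Seconds to try `candidates` guesses against each of `hashes` bcrypt hashes.

    ref_rate is an assumed guesses/second figure at ref_cost. Each cost step
    doubles the work, and per-hash salts mean no guess is shared between accounts.
    """
    rate = ref_rate * 2.0 ** (ref_cost - cost)
    return candidates * hashes / rate
```

With an assumed rate of 100 guesses per second at cost 12, a 1,000-word list takes 10 seconds against one hash and 300,000,000 seconds (roughly 9.5 years) against 30 million hashes, which is why the table as a whole holds up while a single targeted account does not.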

Tables schema

To give you an idea of what is stored in the database, here are the schemas of the different tables. The field names are self-explanatory.

CREATE TABLE `am_am_member` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`createdon` timestamp NULL DEFAULT NULL,
`createdby` int(11) DEFAULT NULL,
`updatedon` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`updatedby` int(11) DEFAULT NULL,
`admin` int(11) DEFAULT NULL,
`status` int(11) DEFAULT NULL,
`account_type` int(11) DEFAULT NULL,
`membership_status` int(11) DEFAULT NULL,
`ad_source` int(11) NOT NULL DEFAULT '0',
`profile_number` int(11) DEFAULT NULL,
`nickname` varchar(16) DEFAULT NULL,
`first_name` varchar(24) DEFAULT NULL,
`last_name` varchar(24) DEFAULT NULL,
`street1` varchar(70) DEFAULT NULL,
`street2` varchar(70) DEFAULT NULL,
`city` varchar(28) DEFAULT NULL,
`zip` varchar(16) DEFAULT NULL,
`state` int(11) DEFAULT NULL,
`latitude` double NOT NULL DEFAULT '0',
`longitude` double NOT NULL DEFAULT '0',
`country` int(11) DEFAULT NULL,
`phone` varchar(24) DEFAULT NULL,
`work_phone` varchar(24) DEFAULT NULL,
`mobile_phone` varchar(24) DEFAULT NULL,
`gender` int(11) DEFAULT NULL,
`dob` date DEFAULT NULL,
`profile_caption` varchar(64) DEFAULT NULL,
`profile_ethnicity` int(11) DEFAULT NULL,
`profile_weight` int(11) DEFAULT NULL,
`profile_height` int(11) DEFAULT NULL,
`profile_bodytype` int(11) DEFAULT NULL,
`profile_smoke` int(11) DEFAULT NULL,
`profile_drink` int(11) DEFAULT NULL,
`profile_initially_seeking` int(11) DEFAULT NULL,
`profile_relationship` int(11) DEFAULT NULL,
`pref_opento` varchar(164) NOT NULL DEFAULT '',
`pref_opento_other` varchar(28) DEFAULT NULL,
`pref_opento_abstract` mediumtext NOT NULL,
`pref_turnsmeon` varchar(164) NOT NULL DEFAULT '',
`pref_turnsmeon_other` varchar(28) DEFAULT NULL,
`pref_turnsmeon_abstract` mediumtext,
`pref_lookingfor` varchar(164) NOT NULL DEFAULT '',
`pref_lookingfor_other` varchar(28) DEFAULT NULL,
`pref_lookingfor_abstract` mediumtext,
`main_photo` int(11) DEFAULT NULL,
`security_question` int(1) NOT NULL DEFAULT '0',
`security_answer` varchar(32) NOT NULL DEFAULT '',

CREATE TABLE `aminno_member` (
`pnum` int(11) NOT NULL DEFAULT '0',
`approved` tinyint(1) NOT NULL DEFAULT '0',
`signupvid` varchar(64) NOT NULL DEFAULT '',
`signupip` varchar(15) NOT NULL DEFAULT '',
`sponsor` int(8) NOT NULL DEFAULT '0',
`nickname` varchar(28) CHARACTER SET utf8 COLLATE utf8_general_mysql500_ci NOT NULL DEFAULT '',
`gender` int(1) NOT NULL DEFAULT '0',
`ishost` tinyint(1) NOT NULL DEFAULT '0',
`flags` int(11) NOT NULL DEFAULT '0',
`fraud_flag` int(11) NOT NULL DEFAULT '0',
`country` int(1) NOT NULL DEFAULT '0',
`state` int(3) NOT NULL DEFAULT '0',
`zip` varchar(16) NOT NULL DEFAULT '',
`latitude` double NOT NULL DEFAULT '0',
`longitude` double NOT NULL DEFAULT '0',
`timezone` int(3) NOT NULL DEFAULT '0',
`city` varchar(28) NOT NULL DEFAULT '',
`adsource` int(2) NOT NULL DEFAULT '0',
`seeking` int(2) NOT NULL DEFAULT '0',
`dob` date NOT NULL DEFAULT '0000-00-00',
`credits` int(5) NOT NULL DEFAULT '0',
`flatrate` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`accept_collect` tinyint(1) NOT NULL DEFAULT '1',
`accept_host_contact` tinyint(1) NOT NULL DEFAULT '1',
`accept_mail_auto_responder` tinyint(1) NOT NULL DEFAULT '1',
`restrict_global` tinyint(1) NOT NULL DEFAULT '0',
`restrict_bc` tinyint(1) NOT NULL DEFAULT '0',
`bc_mail_last_time` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`bc_chat_last_time` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`reply_mail_last_time` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`photos_public` int(1) NOT NULL DEFAULT '0',
`photos_private` int(2) NOT NULL DEFAULT '0',
`keywords` mediumtext NOT NULL,
`set_chat_enabled` int(1) NOT NULL DEFAULT '1',
`set_chat_available` int(1) NOT NULL DEFAULT '1',
`set_show_profile` tinyint(1) NOT NULL DEFAULT '1',
`set_show_online` tinyint(1) NOT NULL DEFAULT '1',
`set_view_rated` tinyint(1) NOT NULL DEFAULT '0',
`mail_auto_responder` int(5) NOT NULL DEFAULT '0',
`mail_auto_responder_msg` varchar(255) DEFAULT NULL,
`security_question` int(1) NOT NULL DEFAULT '0',
`security_answer` varchar(32) NOT NULL DEFAULT '',
`caption` varchar(64) DEFAULT NULL,
`ethnicity` int(11) DEFAULT NULL,
`weight` int(11) DEFAULT NULL,
`height` int(11) DEFAULT NULL,
`bodytype` int(11) DEFAULT NULL,
`smoking` int(11) DEFAULT NULL,
`limits` int(11) DEFAULT NULL,
`opento` varchar(164) NOT NULL DEFAULT '',
`opento_other` varchar(28) DEFAULT NULL,
`opento_abstract` mediumtext NOT NULL,
`turnsmeon` varchar(164) NOT NULL DEFAULT '',
`turnsmeon_other` varchar(28) DEFAULT NULL,
`turnsmeon_abstract` mediumtext NOT NULL,
`lookingfor` varchar(164) NOT NULL DEFAULT '',
`lookingfor_other` varchar(28) DEFAULT NULL,
`lookingfor_abstract` mediumtext NOT NULL,
`eye_color` int(11) NOT NULL DEFAULT '0',
`hair_color` int(11) NOT NULL DEFAULT '0',
`updatedon` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,

CREATE TABLE `aminno_member_email` (
`pnum` int(11) NOT NULL DEFAULT '0',
`email` varchar(128) NOT NULL DEFAULT '',
`isvalid` tinyint(1) NOT NULL DEFAULT '1',
`html` tinyint(1) NOT NULL DEFAULT '0',
`optin` int(1) NOT NULL DEFAULT '0',
`notify_newmail` int(1) NOT NULL DEFAULT '1',
`notify_newmember` int(1) NOT NULL DEFAULT '1',
`notify_login` int(1) NOT NULL DEFAULT '1',
`notify_offer` tinyint(1) NOT NULL DEFAULT '1',

CREATE TABLE `member_details` (
`pnum` int(11) unsigned NOT NULL,
`eye_color` int(11) unsigned NOT NULL DEFAULT '0',
`hair_color` int(11) unsigned NOT NULL DEFAULT '0',
`dob` date DEFAULT NULL,
`profile_caption` varchar(64) DEFAULT NULL,
`profile_ethnicity` int(11) unsigned DEFAULT NULL,
`profile_weight` int(11) unsigned DEFAULT NULL,
`profile_height` int(11) unsigned DEFAULT NULL,
`profile_bodytype` int(11) unsigned DEFAULT NULL,
`profile_smoke` int(11) unsigned DEFAULT NULL,
`profile_drink` int(11) unsigned DEFAULT NULL,
`profile_initially_seeking` int(11) unsigned DEFAULT NULL,

CREATE TABLE `member_login` (
`pnum` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(28) CHARACTER SET utf8 COLLATE utf8_general_mysql500_ci NOT NULL DEFAULT '',
`password` varchar(128) NOT NULL DEFAULT '',
`loginkey` varchar(36) NOT NULL DEFAULT '',
`notify` int(4) NOT NULL DEFAULT '0',