Analysis Of The Cancao Nova Leak

Yet another site has been breached by hackers. An automated SQL injection tool was used to extract the data from the website. No signs of automated vulnerability scanning tools in the data.

2047 hashes were cracked out of 2641 hashes. That is 77.5%. Total amount of time spent: 22 minutes

The Results 

Length distribution
Average password length: 7.32489

Character distribution

Unique character distribution

Contained in common wordlists

Top 30 most common passwords

Top 30 longest passwords
The passwords reflect the religious nature of the site as well as the non-english origin of the site. I used a Spanish wordlist with  on the site to achieve maximum coverage.


Popular posts from this blog

Reducing the size of self-contained .NET Core applications

.NET Compression Libraries Benchmark

Broad And Narrow Phase Collision Detection Systems