Analysis of Leaked B-K Lightning Passwords
B-K Lightning was recently victim of an SQL injection. The team behind it used an automated tool to find the SQL injection and then used another tool to gather the data. This is evident inside the data itself. I removed the injection data as it would lower the quality of this analysis.
No passwords where cracked as the site keeps their passwords in clear-text.
The Results
The leak contains a total of 3288 passwords.
Length distribution
Average password length: 7.132295
Character distribution
Unique character distribution
Contained in common wordlists
Top 30 most common passwords
Top 30 longest passwords
Notes
The data this analysis is based on is doubtful as it was extracted without any regards to data consistency. This is partly due to an error based SQL injection was used (limits the length of the strings given) and the fact that it was extracted from the output of the web application itself.
No passwords where cracked as the site keeps their passwords in clear-text.
The Results
The leak contains a total of 3288 passwords.
Length distribution
Average password length: 7.132295
Character distribution
Unique character distribution
Contained in common wordlists
Top 30 most common passwords
Top 30 longest passwords
Notes
The data this analysis is based on is doubtful as it was extracted without any regards to data consistency. This is partly due to an error based SQL injection was used (limits the length of the strings given) and the fact that it was extracted from the output of the web application itself.
Comments
Post a Comment