Check if your Linkedin password was stolen

As you all probably heard, there were some stolen passwords from Linkedin this morning (announcement). A simple way to check if your password belongs to the ones stolen is by using the following script:

#!/bin/bash                                                                                        
 
if [ ! -f 'combo_not.txt' ]
then
    if [ ! -f 'combo_not.zip' ]
    then
        echo "Downloading the list of sha1s"
        wget http://wordpress.phobostechnology.com/wp-content/uploads/2012/06/combo_not.zip
    fi
    echo "Unziping"
    unzip combo_not.zip
fi
 
mine=$(echo -n "$1" | sha1sum | cut -d' ' -f1);
mine0="00000"${mine:5};
echo "checking "$mine
echo " and     "$mine0
echo "===found:"
grep -e $mine -e $mine0 combo_not.txt

Do chmod +x on the script and then run it placing a space in front, so that the command does not appear in the history of commands.
For example:

 $  ./check.sh 123456
checking 7c4a8d09ca3762af61e59520943dc26494f8941b
 and     00000d09ca3762af61e59520943dc26494f8941b
===found:
00000d09ca3762af61e59520943dc26494f8941b

PS. Yes, someone is using the password 123456!

Comments are closed.