Created
September 4, 2012 13:32
-
-
Save lsauer/3621183 to your computer and use it in GitHub Desktop.
Analyzed: AntiSec Hackers 1 Million Apple Device ID Leak
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
##free use :) lo sauer 2012; writeup: http://www.lsauer.com/2012/09/analyzed-antisec-hackers-leaked-1.html | |
DROP TABLE IF EXISTS `test`.`iosleak`; | |
CREATE TABLE `test`.`iosleak` ( | |
`appleUUID` varchar(45) NOT NULL, | |
`appleToken` varchar(68) NOT NULL, | |
`deviceName` varchar(100) NOT NULL, | |
`deviceType` varchar(45) NOT NULL, | |
`id` int(11) unsigned zerofill NOT NULL AUTO_INCREMENT, | |
PRIMARY KEY (`id`) USING BTREE | |
) ENGINE=InnoDB AUTO_INCREMENT=1048561 DEFAULT CHARSET=latin1; | |
LOAD DATA INFILE '~\\Downloads\\iphonelist.txt' INTO TABLE test.iosleak | |
FIELDS TERMINATED BY ',' ENCLOSED BY '\'' ESCAPED BY '\\' | |
LINES TERMINATED BY '\n' STARTING BY ''; | |
SELECT DISTINCT deviceType, COUNT(deviceType ) FROM iosleak i GROUP BY deviceType; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
##Doing histograms in raw SQL is awkward -> | |
##so we extract the data and use a flexible scripting environment e.g. PiPal@Ruby 1.9 | |
SELECT DISTINCT deviceName INTO OUTFILE '~\\iosDevnames.txt' FROM iosleak; | |
##rather than using SQL as follows: | |
## x-axis: DISTINCT LENGTH(deviceName) ; | |
## y-axis: COUNT( LENGTH(deviceName) ) ; | |
## ...SELECT DISTINCT LENGTH(deviceName) AS x FROM iosleak i GROUP BY x; | |
SELECT DISTINCT LENGTH(deviceName) AS udnlength, COUNT(*) AS occurances FROM iosleak i GROUP BY len ORDER BY udnlength; | |
#result: | |
udnlength, occurances | |
0, 51 | |
1, 1504 | |
2, 2271 | |
3, 6747 | |
4, 15250 | |
5, 22208 | |
6, 67434 | |
7, 23660 | |
8, 21093 | |
9, 26194 | |
10, 37806 | |
11, 46720 | |
12, 69044 #max! | |
13, 84977 | |
14, 91913 | |
15, 78467 | |
16, 67491 | |
17, 47494 | |
18, 37302 | |
19, 34569 | |
20, 32856 | |
21, 34267 | |
22, 35548 | |
23, 29625 | |
24, 24550 | |
25, 17822 | |
26, 11773 | |
27, 11482 | |
28, 5259 | |
29, 5940 | |
30, 2274 | |
31, 1611 | |
32, 1064 | |
33, 822 | |
34, 606 | |
35, 414 | |
36, 393 | |
37, 262 | |
38, 224 | |
39, 150 | |
40, 138 | |
41, 103 | |
42, 86 | |
43, 102 | |
44, 49 | |
45, 34 | |
46, 38 | |
47, 29 | |
48, 20 | |
49, 19 | |
50, 11 | |
51, 16 | |
52, 18 | |
53, 7 | |
54, 11 | |
55, 8 | |
56, 9 | |
57, 11 | |
58, 8 | |
59, 4 | |
60, 17 | |
61, 12 | |
62, 7 | |
63, 7 | |
64, 4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
▓ | |
▓▓▓ | |
▓▓▓▓▓ ▓▓ | |
▓▓▓▓▓ ▓▓▓ | |
▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓ | |
000000000011111111112222222222333333333344444444445555555555666666666677 | |
012345678901234567890123456789012345678901234567890123456789012345678901 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Total entries = 567816 | |
Total unique entries = 567463 | |
Top 10 passwords | |
iPod = 3 (0.0%) | |
iPad 1 = 3 (0.0%) | |
iPhone = 3 (0.0%) | |
Brian's iPad 2 = 2 (0.0%) | |
zahra = 2 (0.0%) | |
Yulia = 2 (0.0%) | |
Yogi’s iPad = 2 (0.0%) | |
Yi's iPad = 2 (0.0%) | |
xing 的 iPad = 2 (0.0%) | |
Wilf’s iPad = 2 (0.0%) | |
Top 10 base words | |
iphone = 4671 (0.82%) | |
ipad = 783 (0.14%) | |
s ipad = 400 (0.07%) | |
s iphone = 397 (0.07%) | |
ipod = 392 (0.07%) | |
lfcs = 283 (0.05%) | |
s ipod = 73 (0.01%) | |
iphone4s = 49 (0.01%) | |
ipad de = 42 (0.01%) | |
ituned = 33 (0.01%) | |
Password length (length ordered) | |
1 = 50 (0.01%) | |
2 = 613 (0.11%) | |
3 = 3067 (0.54%) | |
4 = 5550 (0.98%) | |
5 = 9546 (1.68%) | |
6 = 12952 (2.28%) | |
7 = 12888 (2.27%) | |
8 = 14571 (2.57%) | |
9 = 17403 (3.06%) | |
10 = 18999 (3.35%) | |
11 = 23807 (4.19%) | |
12 = 30503 (5.37%) | |
13 = 33146 (5.84%) | |
14 = 36765 (6.47%) | |
15 = 36634 (6.45%) | |
16 = 34702 (6.11%) | |
17 = 30772 (5.42%) | |
18 = 26972 (4.75%) | |
19 = 28647 (5.05%) | |
20 = 29011 (5.11%) | |
21 = 30675 (5.4%) | |
22 = 30491 (5.37%) | |
23 = 27051 (4.76%) | |
24 = 21587 (3.8%) | |
25 = 16471 (2.9%) | |
26 = 11142 (1.96%) | |
27 = 7420 (1.31%) | |
28 = 4969 (0.88%) | |
29 = 3461 (0.61%) | |
30 = 2113 (0.37%) | |
31 = 1512 (0.27%) | |
32 = 1010 (0.18%) | |
33 = 743 (0.13%) | |
34 = 547 (0.1%) | |
35 = 405 (0.07%) | |
36 = 353 (0.06%) | |
37 = 252 (0.04%) | |
38 = 218 (0.04%) | |
39 = 140 (0.02%) | |
40 = 130 (0.02%) | |
41 = 158 (0.03%) | |
42 = 79 (0.01%) | |
43 = 62 (0.01%) | |
44 = 46 (0.01%) | |
45 = 30 (0.01%) | |
46 = 36 (0.01%) | |
47 = 30 (0.01%) | |
48 = 19 (0.0%) | |
49 = 17 (0.0%) | |
50 = 10 (0.0%) | |
51 = 12 (0.0%) | |
52 = 13 (0.0%) | |
53 = 5 (0.0%) | |
54 = 5 (0.0%) | |
55 = 6 (0.0%) | |
56 = 8 (0.0%) | |
57 = 12 (0.0%) | |
58 = 6 (0.0%) | |
59 = 2 (0.0%) | |
60 = 8 (0.0%) | |
61 = 5 (0.0%) | |
62 = 3 (0.0%) | |
63 = 5 (0.0%) | |
64 = 3 (0.0%) | |
65 = 3 (0.0%) | |
66 = 3 (0.0%) | |
67 = 4 (0.0%) | |
68 = 2 (0.0%) | |
69 = 2 (0.0%) | |
75 = 2 (0.0%) | |
87 = 2 (0.0%) | |
95 = 2 (0.0%) | |
Password length (count ordered) | |
14 = 36765 (6.47%) | |
15 = 36634 (6.45%) | |
16 = 34702 (6.11%) | |
13 = 33146 (5.84%) | |
17 = 30772 (5.42%) | |
21 = 30675 (5.4%) | |
12 = 30503 (5.37%) | |
22 = 30491 (5.37%) | |
20 = 29011 (5.11%) | |
19 = 28647 (5.05%) | |
23 = 27051 (4.76%) | |
18 = 26972 (4.75%) | |
11 = 23807 (4.19%) | |
24 = 21587 (3.8%) | |
10 = 18999 (3.35%) | |
9 = 17403 (3.06%) | |
25 = 16471 (2.9%) | |
8 = 14571 (2.57%) | |
6 = 12952 (2.28%) | |
7 = 12888 (2.27%) | |
26 = 11142 (1.96%) | |
5 = 9546 (1.68%) | |
27 = 7420 (1.31%) | |
4 = 5550 (0.98%) | |
28 = 4969 (0.88%) | |
29 = 3461 (0.61%) | |
3 = 3067 (0.54%) | |
30 = 2113 (0.37%) | |
31 = 1512 (0.27%) | |
32 = 1010 (0.18%) | |
33 = 743 (0.13%) | |
2 = 613 (0.11%) | |
34 = 547 (0.1%) | |
35 = 405 (0.07%) | |
36 = 353 (0.06%) | |
37 = 252 (0.04%) | |
38 = 218 (0.04%) | |
41 = 158 (0.03%) | |
39 = 140 (0.02%) | |
40 = 130 (0.02%) | |
42 = 79 (0.01%) | |
43 = 62 (0.01%) | |
1 = 50 (0.01%) | |
44 = 46 (0.01%) | |
46 = 36 (0.01%) | |
45 = 30 (0.01%) | |
47 = 30 (0.01%) | |
48 = 19 (0.0%) | |
49 = 17 (0.0%) | |
52 = 13 (0.0%) | |
51 = 12 (0.0%) | |
57 = 12 (0.0%) | |
50 = 10 (0.0%) | |
60 = 8 (0.0%) | |
56 = 8 (0.0%) | |
55 = 6 (0.0%) | |
58 = 6 (0.0%) | |
53 = 5 (0.0%) | |
54 = 5 (0.0%) | |
63 = 5 (0.0%) | |
61 = 5 (0.0%) | |
67 = 4 (0.0%) | |
66 = 3 (0.0%) | |
62 = 3 (0.0%) | |
64 = 3 (0.0%) | |
65 = 3 (0.0%) | |
59 = 2 (0.0%) | |
75 = 2 (0.0%) | |
68 = 2 (0.0%) | |
69 = 2 (0.0%) | |
87 = 2 (0.0%) | |
95 = 2 (0.0%) | |
|| | |
||| | |
||||| || | |
||||| ||| | |
||||||||| | |
||||||||| | |
|||||||||| | |
||||||||||| | |
||||||||||||| | |
|||||||||||||| | |
||||||||||||||| | |
||||||||||||||||| | |
||||||||||||||||| | |
||||||||||||||||||| | |
|||||||||||||||||||| | |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| | |
000000000011111111112222222222333333333344444444445555555555666666666677 | |
012345678901234567890123456789012345678901234567890123456789012345678901 | |
One to six characters = 31772 (5.6%) | |
One to eight characters = 59229 (10.43%) | |
More than eight characters = 508587 (89.57%) | |
Only lowercase alpha = 13323 (2.35%) | |
Only uppercase alpha = 5403 (0.95%) | |
Only alpha = 18726 (3.3%) | |
Only numeric = 0 (0.0%) | |
First capital last symbol = 3341 (0.59%) | |
First capital last number = 21058 (3.71%) | |
Months | |
january = 9 (0.0%) | |
march = 130 (0.02%) | |
april = 157 (0.03%) | |
may = 1097 (0.19%) | |
june = 137 (0.02%) | |
july = 38 (0.01%) | |
august = 164 (0.03%) | |
september = 5 (0.0%) | |
october = 6 (0.0%) | |
november = 3 (0.0%) | |
december = 4 (0.0%) | |
Days | |
monday = 9 (0.0%) | |
wednesday = 4 (0.0%) | |
thursday = 1 (0.0%) | |
friday = 16 (0.0%) | |
saturday = 1 (0.0%) | |
sunday = 11 (0.0%) | |
Months (Abreviated) | |
jan = 3195 (0.56%) | |
feb = 53 (0.01%) | |
mar = 17375 (3.06%) | |
apr = 288 (0.05%) | |
may = 1097 (0.19%) | |
jun = 1231 (0.22%) | |
jul = 1767 (0.31%) | |
aug = 733 (0.13%) | |
sept = 26 (0.0%) | |
oct = 183 (0.03%) | |
nov = 745 (0.13%) | |
dec = 337 (0.06%) | |
Days (Abreviated) | |
mon = 4863 (0.86%) | |
tues = 5 (0.0%) | |
wed = 100 (0.02%) | |
thurs = 22 (0.0%) | |
fri = 676 (0.12%) | |
sat = 487 (0.09%) | |
sun = 1221 (0.22%) | |
Includes years | |
1975 = 6 (0.0%) | |
1976 = 4 (0.0%) | |
1977 = 10 (0.0%) | |
1978 = 8 (0.0%) | |
1979 = 7 (0.0%) | |
1980 = 6 (0.0%) | |
1981 = 3 (0.0%) | |
1982 = 5 (0.0%) | |
1983 = 7 (0.0%) | |
1984 = 5 (0.0%) | |
1985 = 7 (0.0%) | |
1986 = 2 (0.0%) | |
1987 = 6 (0.0%) | |
1988 = 8 (0.0%) | |
1989 = 6 (0.0%) | |
1990 = 5 (0.0%) | |
1991 = 4 (0.0%) | |
1992 = 6 (0.0%) | |
1993 = 4 (0.0%) | |
1994 = 2 (0.0%) | |
1995 = 5 (0.0%) | |
1996 = 4 (0.0%) | |
1997 = 5 (0.0%) | |
1998 = 2 (0.0%) | |
1999 = 6 (0.0%) | |
2000 = 47 (0.01%) | |
2001 = 21 (0.0%) | |
2002 = 14 (0.0%) | |
2003 = 7 (0.0%) | |
2004 = 6 (0.0%) | |
2005 = 9 (0.0%) | |
2006 = 3 (0.0%) | |
2007 = 14 (0.0%) | |
2008 = 17 (0.0%) | |
2009 = 37 (0.01%) | |
2010 = 249 (0.04%) | |
2011 = 368 (0.06%) | |
2012 = 57 (0.01%) | |
2013 = 6 (0.0%) | |
2014 = 3 (0.0%) | |
2015 = 1 (0.0%) | |
2016 = 2 (0.0%) | |
2017 = 1 (0.0%) | |
2018 = 1 (0.0%) | |
2019 = 2 (0.0%) | |
2020 = 4 (0.0%) | |
Years (Top 10) | |
2011 = 368 (0.06%) | |
2010 = 249 (0.04%) | |
2012 = 57 (0.01%) | |
2000 = 47 (0.01%) | |
2009 = 37 (0.01%) | |
2001 = 21 (0.0%) | |
2008 = 17 (0.0%) | |
2007 = 14 (0.0%) | |
2002 = 14 (0.0%) | |
1977 = 10 (0.0%) | |
Single digit on the end = 21230 (3.74%) | |
Two digits on the end = 2913 (0.51%) | |
Three digits on the end = 1049 (0.18%) | |
Last number | |
0 = 1061 (0.19%) | |
1 = 2802 (0.49%) | |
2 = 13498 (2.38%) | |
3 = 1607 (0.28%) | |
4 = 5874 (1.03%) | |
5 = 713 (0.13%) | |
6 = 600 (0.11%) | |
7 = 703 (0.12%) | |
8 = 558 (0.1%) | |
9 = 558 (0.1%) | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
| | | |
| | | |
|| | | |
|| | | |
||||| | |
|||||||||| | |
0123456789 | |
Last digit | |
2 = 13498 (2.38%) | |
4 = 5874 (1.03%) | |
1 = 2802 (0.49%) | |
3 = 1607 (0.28%) | |
0 = 1061 (0.19%) | |
5 = 713 (0.13%) | |
7 = 703 (0.12%) | |
6 = 600 (0.11%) | |
8 = 558 (0.1%) | |
9 = 558 (0.1%) | |
Last 2 digits (Top 10) | |
11 = 497 (0.09%) | |
01 = 374 (0.07%) | |
10 = 324 (0.06%) | |
64 = 218 (0.04%) | |
02 = 182 (0.03%) | |
12 = 168 (0.03%) | |
00 = 156 (0.03%) | |
23 = 150 (0.03%) | |
32 = 144 (0.03%) | |
13 = 135 (0.02%) | |
Last 3 digits (Top 10) | |
011 = 253 (0.04%) | |
010 = 160 (0.03%) | |
001 = 80 (0.01%) | |
000 = 72 (0.01%) | |
007 = 55 (0.01%) | |
012 = 49 (0.01%) | |
002 = 47 (0.01%) | |
123 = 42 (0.01%) | |
101 = 30 (0.01%) | |
009 = 30 (0.01%) | |
Last 4 digits (Top 10) | |
2011 = 237 (0.04%) | |
2010 = 146 (0.03%) | |
2012 = 43 (0.01%) | |
2000 = 20 (0.0%) | |
2009 = 15 (0.0%) | |
3000 = 13 (0.0%) | |
9000 = 11 (0.0%) | |
0000 = 10 (0.0%) | |
1111 = 9 (0.0%) | |
2001 = 9 (0.0%) | |
Last 5 digits (Top 10) | |
42229 = 8 (0.0%) | |
58811 = 5 (0.0%) | |
11111 = 5 (0.0%) | |
22222 = 3 (0.0%) | |
62010 = 3 (0.0%) | |
82836 = 3 (0.0%) | |
12011 = 3 (0.0%) | |
11003 = 3 (0.0%) | |
10112 = 3 (0.0%) | |
01017 = 3 (0.0%) | |
Character sets | |
mixedalpha: 30829 (5.43%) | |
loweralpha: 13323 (2.35%) | |
mixedalphaspecial: 6905 (1.22%) | |
upperalpha: 5403 (0.95%) | |
mixedalphanum: 2477 (0.44%) | |
loweralphaspecial: 2157 (0.38%) | |
loweralphanum: 1657 (0.29%) | |
mixedalphaspecialnum: 1418 (0.25%) | |
upperalphanum: 1114 (0.2%) | |
upperalphaspecial: 989 (0.17%) | |
upperalphaspecialnum: 782 (0.14%) | |
loweralphaspecialnum: 555 (0.1%) | |
special: 72 (0.01%) | |
Character set ordering | |
othermask: 503580 (88.69%) | |
allstring: 49555 (8.73%) | |
stringspecialstring: 7505 (1.32%) | |
stringdigit: 4015 (0.71%) | |
stringdigitstring: 1016 (0.18%) | |
stringspecial: 916 (0.16%) | |
stringspecialdigit: 820 (0.14%) | |
specialstringspecial: 242 (0.04%) | |
specialstring: 95 (0.02%) | |
allspecial: 72 (0.01%) | |
Hashcat masks (Top 10) | |
?u?l?l?l?l?l?s?s?s?l?s?l?u?l?l: 5949 (1.05%) | |
?u?l?l?l?l?s?s?s?l?s?l?u?l?l: 5791 (1.02%) | |
?u?l?l?l?l?s?u?l?l?l?l?l?s?s?s?l?s?l?u?l?l: 4803 (0.85%) | |
?u?l?l?l?l?l: 4314 (0.76%) | |
?u?l?l?l?l?l?l?s?s?s?l?s?l?u?l?l: 4276 (0.75%) | |
?u?l?l?l?l: 4139 (0.73%) | |
?u?l?l?l?l?s?u?l?l?l?l?s?s?s?l?s?l?u?l?l: 3988 (0.7%) | |
?u?l?l?l?s?u?l?l?l?l?l?s?s?s?l?s?l?u?l?l: 3939 (0.69%) | |
?u?l?l?l?l?s?u?l?l?l?l?l?l?s?s?s?l?s?l?u?l?l: 3857 (0.68%) | |
?u?l?l?l?l?l?s?u?l?l?l?l?l?s?s?s?l?s?l?u?l?l: 3489 (0.61%) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment