[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Can "rockyou" wordlist be packaged in Debian?



Hi,

>From Wikipedia[1]:

"Based in San Francisco, California, RockYou was founded in 2005 by
Lance Tokuda and Jia Shen. The company's first product, a slide show
service, was designed to work as an application widget. Later
applications included various forms of voice mail, text and photo
stylization, and games.

[...]

In December 2009, the company experienced a data breach resulting in
the exposure of over 32 million user accounts. This resulted from
storing user data in an unencrypted database and not patching a
ten-year-old SQL vulnerability. RockYou failed to provide a
notification of the breach to users and miscommunicated the extent of
the breach."

[1] https://en.wikipedia.org/wiki/RockYou


Well, the quoted event resulted in a file with 14 million passwords,
distributed by Kali Linux. These passwords are widely used by most
common users around the world and are a very good dictionary for
crackers as John the Ripper and Aircrack-ng. It is useful for security
checks, forensics investigations, etc. A little example:

bowhunter6
bowhunter3
bowhouse
bowflex1
bowfinger

Can rockyou be packaged in Debian, considering that Kali will put a
DFSG-compatible license for this wordlist?

Thanks a lot in advance.

Regards,

Eriberto


Reply to: