TrackSomebody.com

october27thgroup.com pentesting, pci, red team

illmob.org

85,100 Forbidden Dropbox Passwords

June 8th, 2015 by admin in cracking

Jerod Brennen was messing around with opening the dropbox mobile app and stumbled across a javascript file that checked a user’s signup password. Inside was a file called pw.html, which had a line inside the javascript that had 85100 passwords that users were forbidden to use when signing up. It was part of an old project that Dropbox had integrated into their app called zxcvbn (You can test it live ::HERE::). Apparently WordPress also has the JavaScript library into their code too.

They had based most of the passwords on a study by Mark Burnett from 2005 and 2012 that compiled the 500 and 10000 most common passwords which we covered a few years back. The handy password cracking list is available on Jerod’s site for download ::HERE::

Leave a reply