February 23, 2018, 09:55:28 AM
Welcome, Guest. Please login or register.

"Have you tried turning it off and then on again?"

Author Topic: CloudBleed Checker  (Read 1008 times)

Offline Amonsec

  • Top Hat Member
  • Prospect
  • ********
  • Posts: 49
  • Internets: +36/-0
  • 1336 working to become 1337
CloudBleed Checker
« on: March 15, 2017, 03:59:03 AM »
Hi everybody.
A little bit latter, sadly, today we gonna see how we can find if we need to change our password after the Cloud Bleed bug scandal.

For more information:
Or less technically here:

  • Export to CSV
First we need to create a CSV file with our passwords, and I hope people here didn't use same password for all services/web-sites/applications.

For Firefox passwords export :

For Google Chrome and Opera passwords export :

For Keepass / KeepassX passwords export :

For other type of password export it's easy to find a tutorial on Google. :)
  • Run the script
Here we going to use an Python (2.7) script from github:

  • OSX, or Linux environments;
  • Python 2.7 or later;
  • Existing /tmp/password.csv from the above steps;
  • check.py from this project existing in /tmp/check.py.
Now we can run the script and see if we are r3kt:
Code: [Select]
root@ths-amonsec:/opt# git clone https://github.com/aarondunlop/CloudBleed.git
root@ths-amonsec:/opt# cp CloudBleed/check.py /tmp/ && cd /tmp/
root@ths-amonsec:/tmp# chmod +x check.py
root@ths-amonsec:/tmp# ./check.py

Fortunately all my passwords are safe , but it's not the case of everybody.
It's very important to check this things, to not being pwn later.

Hope this little post help few people.
I gonna try to be more quicker next time for event like that.


« Last Edit: March 15, 2017, 05:03:31 AM by _amonsec »
"A computer is only as good as it's user" - R4V3N
OSCP (2017)

Offline doctane

  • Top Hat Member
  • Experienced
  • ********
  • Posts: 155
  • Internets: +14/-0
  • Never should of trusted hollywood!
    • Public key
Re: CloudBleed Checker
« Reply #1 on: June 22, 2017, 04:57:32 PM »
Good write up will deff check mine out!!
Don't blink, don't move. You feel that, as your worries fade away? You hear that? That's the Sound of Madness, calling for you!