MD5 Hash of all proxy addresses

If you haven’t heard, most of the commenting accounts on Gawker Media sites have been compromised. A copy of their database, including MD5 hashed e-mail addresses and DES hashed passwords has been published.

If like me, you’re concerned people in your organisation may have been effected here’s a quick script which will provide hashes for each proxy address your users have. You can then compare the hashes to those in the Gawker CSV published here.

function hashMd5 ($inString)
{
	if ($inString.Length -lt 3)
	{
		return;
	}
	$inString = $inString.ToLower()
	$csp = [System.Security.Cryptography.MD5CryptoServiceProvider];
	$ha = new-object $csp
	$hashByteArray = $ha.ComputeHash($([Char[]]$inString));
	foreach ($byte in $hashByteArray) { $result += “{0:X}” -f $byte }
	$output = New-Object PsObject
	$output | Add-Member NoteProperty ProxyAddress $inString
	$output | Add-Member NoteProperty HashValue ($result)
	echo $output.ProxyAddress   $output.hashValue

}
Get-Mailbox | select -expand EmailAddresses | %{ hashMd5($_.SmtpAddress) }

Comments

• MD5 Hash Generator says:

  Great script, Dave. Probably a good exercise for any company to go through to determine if any corporate accounts are compromised.