have I been pwned to check. I decided to use a breach that included their email, name, and phone number. This would give me enough info to confirm later that this is the correct person. dehashed and intelligence x can also be used to find breaches if the ones on have I been pwned are not useful.
Now it’s time to find out where it can be accessed or downloaded from. I like to first go to intelligence x as this will give the file name of the breach. This is important for google dorking the file itself. Sometimes if the file is a text file, intelligence will leave the part you need unobfuscated which would mean skipping downloading the breach. However, this time we are not so lucky.
Using the file name of the breach in a google dork gives us a link to a torrent on btdigg. btdigg is a site that hosts torrent files and I have found a lot of breaches on here. The torrent file is called MyCloud and is a collection of breaches which includes the one we are following.
Now that we have the torrent file for MyCloud, it’s time to download what we want. I use qBittorrent. I don’t want to download the whole torrent file as we only want our one breach so I only select the file we need. Make sure to seed for a while after it’s downloaded!
The breach is in a MySQL dump. We will need to load it into a database to access
sudo mysql dbname < dump.sql
inside MySQL run these commands
use database_name; (this will switch to the database we loaded)
show tables; (shows all the tables in the database)
SELECT * FROM table WHERE email="firstname.lastname@example.org" but replace with the real table and email to find the phone number.
you could also do a grep on the dump file as it isn’t a binary, but depending on how big the dump is, it will take a long time to complete. The loading into the database will also be slow if the dump is big too.
After finding the number and checking that it belongs to my friend using people search websites, I texted them and got a response!
Gaining extra information from an email address
By Collin, 2023-08-03