Slashdot Mirror


Gravatars Can Leak Users' Email Addresses

abell writes "Gravatar offers a global avatar service, using an MD5 hash of the user's email as avatar ID. This piece of information in some cases is enough to retrieve the original email address. Testing a simple attack on stackoverflow.com, I was able to determine the email addresses of more than 10% of the site's users."

8 of 170 comments

  1. Public address by AlpineR · Score: 4, Funny

    Here's my own Gravatar hash:

    b835b33911b93c136d8e61cbbbe6736d

    Who will be the first to crack it?

    1. Re:Public address by Yvan256 · Score: 4, Funny

      Is it wagnerr@umich.edu?

    2. Re:Public address by palegray.net · Score: 4, Funny

      I'm certain his email must be umich@wagnerr.edu. Now I just need to figure out why he's attending Wagner of all schools, and how the heck they managed to typo their own domain name.

    3. Re:Public address by grcumb · Score: 4, Funny

      That took all of one second to find in an md5 lookup database. And thirty seconds for me to realize that I could have looked two lines higher to see it in plaintext next to your userid. :wallbash:

      Upside: You get to keep your geek card.

      Downside: You'll never survive the world outside your basement.

      8^)

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
  2. Re:So let's change the algorithm. by geekpowa · Score: 5, Informative

    The attack doesn't rely on MD5 itself or MD5 collisions. It would work no matter what hashing algorithm was used.

  3. Re:So let's change the algorithm. by Firehed · Score: 4, Insightful

    I disagree.

    Granted, those are basically very unsophisticated databases that just store lookup values, but it's relatively easy to brute-force an MD5 hash down into one of the possible original strings (obviously with any algorithm that has a fixed output size with limitless inputs like MD5 there are infinite inputs that will hash down to a single md5sum, but when you're trying to get a valid email address out of a hash it's easy to pick the right one). Couple that with the fact that in this situation, you know that the entire string is lowercased and probably 60% of the gravatar emails (probably more like 90% actually) are going to come from one of four or five domains... reversal becomes quite easy. If you're bored, you could spin up a few Amazon EC2 or Rackspace Cloud Server instances to dump out some large tables. One each for gmail, yahoo, msn, aol, whatever else; it'd be a very simple script to make. You could probably cover every alphanumeric email address under 12 characters overnight, at a cost of about a dollar and ten minutes of scripting.

    The thing to realize here is that gravatar doesn't md5 emails to hide them from people who want to obscure their identity, just to obscure them from spambots. So it's really a non-issue. If you're that concerned, leave your blog comments with a fake email address.

    --
    How are sites slashdotted when nobody reads TFAs?
  4. Re:e9af4cb49c97162d6be3ea8c6ca90a46 by Anonymous Coward · Score: 5, Interesting

    Your email is: tyler.szabo _AT_ gmail.com

    md5 -s "tyler.szabo@gmail.com"
    MD5 ("tyler.szabo@gmail.com") = e9af4cb49c97162d6be3ea8c6ca90a46

    For bonus points, your name is Tyler Szabo, you go to University of Waterloo and plan on graduating in 2011. You work at Amazon. You are in a relationship with a Kaylan Elizabeth L. (last name withheld as a courtesy, I'm sure you know who I mean :) ).

    I found out you registered this, looked up your avatar on Gravatar, found you on Stack Overflow which gave me your real name (searched for Szabo assuming that was something to do with you). Using this, I looked you up on Facebook, Twitter, and various other sites. Your single avatar helped me link everything together. Once I had your real name from Stack Overflow it became easy.

    Good times. Perhaps this reveals another security vulnerability? One avatar links -ALL- your social networking.

    I also have your parents, previous employers, etc, but won't post those here :)

  5. Re:So let's change the algorithm. by DrSkwid · Score: 4, Informative

    1) register as a website with gravatar, find out how long the salt is
    2) register on stackoverflow with your email address
    3) enumerate the possibilities until you find the hash of your own address and therefore the salt
    4) extract 8000+ emails from stackoverflow
    5) repeat for other sites

    --
    There are places where the networks are not touching, and there are places where they are - Boeing's Lori Gunter
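The disagreement between geekpowa and Firehed above, and DrSkwid's assumption that a salt is involved, come down to one point: an unkeyed hash of a low-entropy input (a lowercased email address, mostly from a handful of domains) can be checked against a candidate list no matter which digest is used, while a hash keyed with a secret the observer does not hold cannot. The following is an added illustration written for this page, not code from Gravatar or from any commenter. The candidate addresses and the site key are constructed; the `keyed_id` design (an HMAC under a per-site secret) is a proposed mitigation, not something Gravatar does.

```python
import hashlib
import hmac

# Constructed stand-in for the "everything lowercased, few domains" candidate
# space the thread describes. These addresses are made up for the example.
CANDIDATE_EMAILS = [
    "alice@example.com",
    "bob.smith@example.net",
    "carol_99@example.org",
    "dave@example.com",
]


def normalize(email: str) -> str:
    """Gravatar-style normalization: trim whitespace and lowercase."""
    return email.strip().lower()


def unkeyed_id(email: str, algo: str = "md5") -> str:
    """Public avatar ID as an unkeyed digest of the normalized address.

    'md5' is what Gravatar uses; any other digest name accepted by
    hashlib.new() (sha1, sha256, ...) is equally checkable offline.
    """
    return hashlib.new(algo, normalize(email).encode("utf-8")).hexdigest()


def recover_email(avatar_id: str, candidates, algo: str = "md5"):
    """Candidate check: return the address whose unkeyed digest equals
    avatar_id, or None. Its cost is the size of the candidate list, not the
    strength of the digest, which is why swapping MD5 out changes nothing.
    """
    for cand in candidates:
        if hmac.compare_digest(unkeyed_id(cand, algo), avatar_id):
            return cand
    return None


def keyed_id(email: str, site_key: bytes) -> str:
    """Proposed mitigation (assumed design, not Gravatar's): an HMAC under a
    secret per-site key. Without the key no candidate can be tested, and the
    same address gets unrelated IDs on different sites, so one avatar no
    longer links a person's accounts across sites.
    """
    return hmac.new(site_key, normalize(email).encode("utf-8"),
                    hashlib.sha256).hexdigest()


def demo() -> dict:
    """Show the three behaviours side by side on the constructed data."""
    victim = "Bob.Smith@example.net"           # mixed case, still matches
    site_key = b"constructed-per-site-secret"  # would be kept server-side
    return {
        "md5_recovered": recover_email(unkeyed_id(victim), CANDIDATE_EMAILS),
        "sha256_recovered": recover_email(
            unkeyed_id(victim, "sha256"), CANDIDATE_EMAILS, "sha256"),
        "keyed_recovered": recover_email(
            keyed_id(victim, site_key), CANDIDATE_EMAILS, "sha256"),
        "ids_differ_per_site": keyed_id(victim, b"site-a")
                               != keyed_id(victim, b"site-b"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Running `demo()` recovers the address under both MD5 and SHA-256 but not under the keyed ID, which is geekpowa's point in code: the digest is irrelevant, the missing secret is what matters. The trade-off is that a keyed, per-site ID can no longer be computed by anyone who knows only the email address, which is exactly the cross-site lookup the Gravatar design depends on.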