Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

2.5.4 2 #97

Merged
merged 4 commits into from
Aug 5, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@
| [Leak-Lookup](https://leak-lookup.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
| [Emailrep.io](https://emailrep.io/) - Service (free) | Last seen in breaches, social media profiles | :white_check_mark: :key: |
| [Scylla.sh](https://scylla.sh/) - Service (free) | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: |
| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :construction: :key: |
| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
| :new: [IntelX.io](https://intelx.io/signup) - Service (free trial) | Cleartext passwords, hashs and salts, usernames, IPs, domain, Bitcoin Wallets, IBAN | :white_check_mark: :key: |

*:key: - API key required*
Expand Down Expand Up @@ -169,17 +169,17 @@ $ h8mail -t [email protected]
$ h8mail -t targets.txt -c config.ini -o pwned_targets.csv
```

###### Query a list of targets against local copy of the Breach Compilation, pass API keys for [Snusbase](https://snusbase.com/) from the command line
###### Query a list of targets against local copy of the Breach Compilation, pass API key for [Snusbase](https://snusbase.com/) from the command line
```bash
$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_url=$snusbase_url,snusbase_token=$snusbase_token"
$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_token=$snusbase_token"
```

###### Query without making API calls against local copy of the Breach Compilation
```bash
$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -sk
```

###### Search every .gz file for targets found in targets.txt locally
###### Search every .gz file for targets found in targets.txt locally, skip default checks

```bash
$ h8mail -t targets.txt -gz /tmp/Collection1/ -sk
Expand Down
31 changes: 15 additions & 16 deletions h8mail/utils/classes.py
Original file line number Diff line number Diff line change
Expand Up @@ -389,7 +389,7 @@ def get_scylla(self, user_query="email"):
response = self.make_request(
url,
verify=False,
auth=requests.auth.HTTPBasicAuth("sammy", "BasicPassword!"),
# auth=requests.auth.HTTPBasicAuth("sammy", "BasicPassword!"),
)
self.headers.popitem()

Expand All @@ -401,7 +401,7 @@ def get_scylla(self, user_query="email"):
data = response.json()
total = 0
for d in data:
for field, k in d["_source"].items():
for field, k in d["fields"].items():
if k is not None:
total += 1
c.good_news(
Expand All @@ -410,28 +410,28 @@ def get_scylla(self, user_query="email"):
)
)
for d in data:
for field, k in d["_source"].items():
if "User" in field and k is not None:
for field, k in d["fields"].items():
if "user" in field and k is not None:
self.data.append(("SCYLLA_USERNAME", k))
self.pwned += 1
elif (
"Email" in field and k is not None and user_query != "email"
"email" in field and k is not None and user_query != "email"
):
self.data.append(("SCYLLA_EMAIL", k))
self.pwned += 1
elif "Password" in field and k is not None:
elif "password" in field and k is not None:
self.data.append(("SCYLLA_PASSWORD", k))
self.pwned += 1
elif "PassHash" in field and k is not None:
elif "passhash" in field and k is not None:
self.data.append(("SCYLLA_HASH", k))
self.pwned += 1
elif "PassSalt" in field and k is not None:
elif "passsalt" in field and k is not None:
self.data.append(("SCYLLA_HASHSALT", k))
self.pwned += 1
elif "IP" in field and k is not None:
elif "ip" in field and k is not None:
self.data.append(("SCYLLA_LASTIP", k))
self.pwned += 1
elif "Domain" in field and k is not None:
elif "domain" in field and k is not None:
self.data.append(("SCYLLA_SOURCE", k))
self.pwned += 1
except Exception as ex:
Expand Down Expand Up @@ -736,11 +736,6 @@ def get_weleakinfo_pub(self, api_key):

def get_dehashed(self, api_email, api_key, user_query):
try:
# New Dehashed API needs fixing, waiting for devs to respond
c.bad_news("Dehashed is temporarily unavailable")
c.bad_news("This should be fixed in the next updates\n")
return

if user_query == "hash":
user_query == "hashed_password"
if user_query == "ip":
Expand Down Expand Up @@ -803,11 +798,15 @@ def get_dehashed(self, api_email, api_key, user_query):
("DHASHD_ID", result[tag] + " (type: " + tag + ")")
)
self.pwned += 1

# Documentation and JSON are not synced, using both source keys
if "obtained_from" in result and self.not_exists(
result["obtained_from"]
):
self.data.append(("DHASHD_SOURCE", result["obtained_from"]))
if "database_name" in result and self.not_exists(
result["database_name"]
):
self.data.append(("DHASHD_SOURCE", result["database_name"]))

if response["balance"] is not None:
self.data.append(
Expand Down
17 changes: 16 additions & 1 deletion h8mail/utils/colors.py
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,21 @@ def print_result(target, data, source):
colors.reset,
)
)
# Underscore to avoid coloring service with "email" in name
elif "_EMAIL" in source:
print(
"{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
colors.fg.lightblue,
source,
colors.fg.lightgrey,
colors.fg.pink,
target,
colors.fg.lightgrey,
colors.fg.lightgrey,
data,
colors.reset,
)
)
elif "USER" in source:
print(
"{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
Expand All @@ -184,7 +199,7 @@ def print_result(target, data, source):
)
elif "SOURCE" in source:
print(
"{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
"{}{:15}{}|{}{:>25.25}{} > {}{}{}\n".format(
colors.fg.lightblue,
source,
colors.fg.lightgrey,
Expand Down