Compare commits

..

No commits in common. "master" and "beta" have entirely different histories.
master ... beta

4 changed files with 38 additions and 110 deletions

View File

@ -8,7 +8,6 @@ verify_ssl = true
[packages]
requests = "*"
pyinstaller = "*"
argparse = "*"
[requires]
python_version = "3.7"

11
Pipfile.lock generated
View File

@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
"sha256": "72f7b87a032a3c10cfa8b0914121403db30a4f3582386cce2f516a1b7f897b42"
"sha256": "38e2af2d59158d85bb4d55eb3140a0745c9eb21635643df4b2192cdd0abc2074"
},
"pipfile-spec": 6,
"requires": {
@ -23,14 +23,6 @@
],
"version": "==0.16.1"
},
"argparse": {
"hashes": [
"sha256:62b089a55be1d8949cd2bc7e0df0bddb9e028faefc8c32038cc84862aefdd6e4",
"sha256:c31647edb69fd3d465a847ea3157d37bed1f95f19760b11a47aa91c04b666314"
],
"index": "pypi",
"version": "==1.4.0"
},
"certifi": {
"hashes": [
"sha256:59b7658e26ca9c7339e00f8f4636cdfe59d34fa37b9b04f6f9e9926b3cece1a5",
@ -47,6 +39,7 @@
},
"future": {
"hashes": [
"sha256:1d73b8a1aab19cb8c2c961ba82bf93860e1fb7d361be21e7288691c068cd3cfc",
"sha256:67045236dcfd6816dc439556d009594abf643e5eb48992e36beac09c2ca659b8"
],
"version": "==0.17.1"

2
build.sh Executable file → Normal file
View File

@ -2,4 +2,4 @@
mkdir -p build
cd build
pyinstaller --distpath=../dist --workpath=../build -y ../src/have_I_b33n_pwned.py
pyinstaller --distpath=../dist --workpath=../build ../src/have_I_b33n_pwned.py

130
src/have_I_b33n_pwned.py Executable file → Normal file
View File

@ -22,82 +22,43 @@
# updater script for nextcloud
#
# TODO
# - add feature: also check for email breaches
# - add feature: keepass integration? isnt there something like this already?
# - handle mail API exeption more precisely
from os import name
from sys import argv, stdout, exit
from re import match
from argparse import ArgumentParser
from hashlib import sha1
from getpass import getpass
import requests
from requests import get
if name == 'nt': # disable colors for windows environment
(RED, GREEN, RESET) = ("", "", "")
else:
(RED, GREEN, RESET) = ("\033[1;31m", "\033[0;32m", "\033[0;0m")
PASSWORD_API = 'https://api.pwnedpasswords.com/range/'
MAIL_API = 'https://haveibeenpwned.com/api/v2/breachedaccount/'
RED = "\033[1;31m"
GREEN = "\033[0;32m"
RESET = "\033[0;0m"
API = 'https://api.pwnedpasswords.com/range/'
ROW = '{:<30}{:<10}{:<45}'
HIDDEN = True
INFINITE = True
parser = ArgumentParser(
description='Check if your email or password appears in a data leak.',
epilog='Moritz Münch, moritzmuench@mailbox.org, willipink.eu, GPL3+')
parser.add_argument('input',
nargs='*',
metavar='password or mail adress',
help='''You can specify passwords and mail adresses seperated by spaces.
If the password contains a space you have to enclose it in quotes like ' or
"''')
parser.add_argument('-s', '-show', '--show',
nargs='?',
help='Show entered in leak summary')
args = parser.parse_args()
if args.show:
HIDDEN = False
def input_prompt():
def header():
print()
print(ROW.format('password', 'leaked', 'sha1'))
print('-' * 80)
def prompt_password():
print()
password = getpass('Tell me your password: ')
global HIDDEN
if HIDDEN:
user_input = getpass('Tell me your password or mail adress: ')
else:
user_input = input('Tell me your password or mail adress: ')
check_mail_or_password(user_input)
HIDDEN = True
header()
query(password)
def check_mail_or_password(user_input):
valid_mail = match(r'^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$', user_input)
if valid_mail:
query_mail(valid_mail.group())
else:
query_password(user_input)
def no_connection_to(url):
''' Warn about no connection to *url* and exit '''
stdout.write(RED)
print('Could not connect to {}, please check your internet connection'.format(url))
stdout.write(RESET)
exit(1)
def query_password(password):
''' Query the first 5 digits of the sha1 hash of the user input
ti the haveibeenpwned.com api. '''
def query(password):
password_hash = sha1(password.encode('UTF-8')).hexdigest().upper()
request = password_hash[:5]
try:
response = requests.get(PASSWORD_API + request).text
except requests.exceptions.ConnectionError:
no_connection_to(PASSWORD_API)
response = get(API + request).text
hash_searched = 'not yet'
for answer in response.splitlines():
data = answer.split(':')
@ -105,53 +66,28 @@ def query_password(password):
if password_hash == combined_hash:
hash_searched = int(data[1])
break
if hash_searched == 'not yet':
stdout.write(GREEN)
else:
stdout.write(RED)
if HIDDEN:
password = '*' * len(password)
print(ROW.format('password', 'leaked', 'sha1'))
print('-' * 80)
print(ROW.format(password, hash_searched, password_hash))
stdout.write(RESET)
if INFINITE:
input_prompt()
def query_mail(mail):
try:
response = requests.get(MAIL_API + mail).json()
for breach in response:
print('Name: {}'.format(breach['Name']))
print('Title: {}'.format(breach['Title']))
print('Domain: {}'.format(breach['Domain']))
print('Breach date: {}'.format(breach['BreachDate']))
print('Added date: {}'.format(breach['AddedDate']))
print('Modified date: {}'.format(breach['ModifiedDate']))
print('Pwn count: {}'.format(breach['PwnCount']))
print('Description: {}'.format(breach['Description']))
stdout.write(RED)
print('Breached data: {}'.format(', '.join([data for data in breach['DataClasses']])))
stdout.write(RESET)
print('Verified: {}'.format('yes' if breach['IsVerified'] == 1 else 'No'))
print('Fabricated: {}'.format('yes' if breach['IsFabricated'] == 1 else 'No'))
print('Sensitive: {}'.format('yes' if breach['IsSensitive'] == 1 else 'No'))
print('Retired: {}'.format('yes' if breach['IsRetired'] == 1 else 'No'))
print('Spam: {}'.format('yes' if breach['IsSpamList'] == 1 else 'No'))
except requests.exceptions.ConnectionError:
no_connection_to(MAIL_API)
except:
stdout.write(GREEN)
print('The mail adress {} is not in the leak database.'.format(mail))
stdout.write(RESET)
query_password(mail)
if HIDDEN:
prompt_password()
if __name__ == '__main__':
if args.input:
for user_input in args.input:
check_mail_or_password(user_input)
if len(argv) < 2:
prompt_password()
else:
INFINITE = True
input_prompt()
header()
for password in argv[1:]:
query(password)
print()
exit(0)