Skip to content

Commit

Permalink
Merge pull request #89 from khast3x/2.5.3
Browse files Browse the repository at this point in the history 
2.5.3
  • Loading branch information
@khast3x
khast3x authored Jul 12, 2020
2 parents 1c06a1a + fdcfd22 commit eec9ae2
Show file tree
Hide file tree
Showing 12 changed files with 723 additions and 148 deletions.
2 changes: 2 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,3 +110,5 @@ h8mail_keys.ini
h8mail_config.ini
keysbackup.ini
.vscode/launch.json
file1.bin
*.txt
49 changes: 27 additions & 22 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,21 +61,21 @@

#### APIs

| Service | Functions | Status |
|----------------------------------------------------------------|:-----------------------------------------------------------------:|:--------------------------:|
| [HaveIBeenPwned(v3)](https://haveibeenpwned.com/) | Number of email breaches | :white_check_mark: :key: |
| [HaveIBeenPwned Pastes(v3)](https://haveibeenpwned.com/Pastes) | URLs of text files mentioning targets | :white_check_mark: :key: |
| [Hunter.io](https://hunter.io/) - Public | Number of related emails | :white_check_mark: |
| [Hunter.io](https://hunter.io/) - Service (free tier) | Cleartext related emails, Chasing | :white_check_mark: :key: |
| ~~[WeLeakInfo](https://weleakinfo.com/) - Public~~ | Number of search-able breach results |:white_large_square: :key: |
| ~~[WeLeakInfo](https://weleakinfo.com/) - Service~~ | Cleartext passwords, hashs and salts, usernames, IPs, domain |:white_large_square: :key: |
| [Snusbase](https://snusbase.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs - Fast :zap: | :white_check_mark: :key: |
| [Leak-Lookup](https://leak-lookup.com/) - Public | Number of search-able breach results | :white_check_mark: (:key:) |
| [Leak-Lookup](https://leak-lookup.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
| [Emailrep.io](https://emailrep.io/) - Service (free) | Last seen in breaches, social media profiles | :white_check_mark: :key: |
| [Scylla.sh](https://scylla.sh/) - Service (free) | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: |
| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_large_square: :key: |

| Service | Functions | Status |
|-|-|-|
| [HaveIBeenPwned(v3)](https://haveibeenpwned.com/) | Number of email breaches | :white_check_mark: :key: |
| [HaveIBeenPwned Pastes(v3)](https://haveibeenpwned.com/Pastes) | URLs of text files mentioning targets | :white_check_mark: :key: |
| [Hunter.io](https://hunter.io/) - Public | Number of related emails | :white_check_mark: |
| [Hunter.io](https://hunter.io/) - Service (free tier) | Cleartext related emails, Chasing | :white_check_mark: :key: |
| ~~[WeLeakInfo](https://weleakinfo.com/) - Public~~ | Number of search-able breach results | :construction: :key: |
| ~~[WeLeakInfo](https://weleakinfo.com/) - Service~~ | Cleartext passwords, hashs and salts, usernames, IPs, domain | :construction: :key: |
| [Snusbase](https://snusbase.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs - Fast :zap: | :white_check_mark: :key: |
| [Leak-Lookup](https://leak-lookup.com/) - Public | Number of search-able breach results | :white_check_mark: (:key:) |
| [Leak-Lookup](https://leak-lookup.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
| [Emailrep.io](https://emailrep.io/) - Service (free) | Last seen in breaches, social media profiles | :white_check_mark: :key: |
| [Scylla.sh](https://scylla.sh/) - Service (free) | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: |
| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :construction: :key: |
| [IntelX.io](https://intelx.io/signup) - Service (free) | Cleartext passwords, hashs and salts, usernames, IPs, domain, Bitcoin Wallets, IBAN | :white_check_mark: :key: |

*:key: - API key required*

Expand All @@ -95,7 +95,7 @@ usage: h8mail [-h] [-t USER_TARGETS [USER_TARGETS ...]]
[-gz LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...]] [-sf]
[-ch [CHASE_LIMIT]] [--power-chase] [--hide] [--debug]
[--gen-config]

Email information and password lookup tool

optional arguments:
Expand Down Expand Up @@ -144,18 +144,16 @@ optional arguments:
-ch [CHASE_LIMIT], --chase [CHASE_LIMIT]
Add related emails from hunter.io to ongoing target
list. Define number of emails per target to chase.
Requires hunter.io private API key
Requires hunter.io private API key if used without
power-chase
--power-chase Add related emails from ALL API services to ongoing
target list. Use with --chase. Requires a private API
key
target list. Use with --chase
--hide Only shows the first 4 characters of found passwords
to output. Ideal for demonstrations
--debug Print request debug information
--gen-config, -g Generates a configuration file template in the current
working directory & exits. Will overwrite existing
h8mail_config.ini file


```
-----
Expand Down Expand Up @@ -227,7 +225,14 @@ $ h8mail -u "https://pastebin.com/raw/kQ6WNKqY" "list_of_urls.txt"
* Logo generated using Hatchful by Shopify
* [Jake Creps](https://twitter.com/jakecreps) for his [h8mail v2 introduction](https://jakecreps.com/2019/06/21/h8mail/)
* [Alejandro Caceres](https://twitter.com/_hyp3ri0n) for making scylla.sh available. Be sure to [support](https://www.buymeacoffee.com/Eiw47ImnT) him if you can
* [Dehashed](https://dehashed.com) for being developer friendly
* [IntelX](https://intelx.io) for being developer friendly
:purple_heart: **h8mail can be found in:**
* [BlackArch Linux](https://blackarch.org/recon.html)
* [Tsurugi DFIR VM](https://tsurugi-linux.org/)
* [Trace Labs OSINT VM](https://www.tracelabs.org/trace-labs-osint-vm/)
-----
## :tangerine: Related open source projects
Expand Down
174 changes: 79 additions & 95 deletions h8mail/utils/classes.py
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
#!/usr/bin/env python
# -*- coding: utf-8 -*-

from .intelx import intelx as i
from time import sleep
from .colors import colors as c
import requests
Expand Down Expand Up @@ -111,97 +110,6 @@ def make_request(
print(response)
return response

# Deprecated
def get_hibp(self):
try:
sleep(1.3)
c.info_news(c.bold + "HIBP free tier will stop working on the 2019/08/18")
c.info_news(
c.bold
+ "You can already use a purchased API key using h8mail (config file)"
+ c.reset
)
url = "https://haveibeenpwned.com/api/v2/breachedaccount/{}?truncateResponse=true".format(
self.target
)
response = self.make_request(url)
if response.status_code not in [200, 404]:
c.bad_news("Could not contact HIBP for " + self.target)
print(response.status_code)
return

if response.status_code == 200:
data = response.json()
for d in data: # Returned type is a dict of Name : Service
for _, ser in d.items():
self.data.append(("HIBP", ser))
self.pwned += 1

c.good_news(
"Found {num} breaches for {target} using HIBP".format(
num=len(self.data) - 1, target=self.target
)
)
self.get_hibp_pastes()

elif response.status_code == 404:
c.info_news("No breaches found for {} using HIBP".format(self.target))
else:
c.bad_news(
"HIBP: got API response code {code} for {target}".format(
code=response.status_code, target=self.target
)
)
except Exception as ex:
c.bad_news("HIBP error: " + self.target)
print(ex)

# Deprecated
def get_hibp_pastes(self):
try:
sleep(1.3)
url = "https://haveibeenpwned.com/api/v2/pasteaccount/{}".format(
self.target
)
response = self.make_request(url)
if response.status_code not in [200, 404]:
c.bad_news("Could not contact HIBP PASTE for " + self.target)
print(response.status_code)
print(response)
return

if response.status_code == 200:

data = response.json()
for d in data: # Returned type is a dict of Name : Service
self.pwned += 1
if "Pastebin" in d["Source"]:
self.data.append(
("HIBP_PASTE", "https://pastebin.com/" + d["Id"])
)
else:
self.data.append(("HIBP_PASTE", d["Id"]))

c.good_news(
"Found {num} pastes for {target} using HIBP".format(
num=len(data), target=self.target
)
)

elif response.status_code == 404:
c.info_news(
"No pastes found for {} using HIBP PASTE".format(self.target)
)
else:
c.bad_news(
"HIBP PASTE: got API response code {code} for {target}".format(
code=response.status_code, target=self.target
)
)
except Exception as ex:
c.bad_news("HIBP PASTE error: " + self.target)
print(ex)

# New HIBP API
def get_hibp3(self, api_key):
try:
Expand Down Expand Up @@ -292,6 +200,82 @@ def get_hibp3_pastes(self):
c.bad_news("HIBP v3 PASTE error: " + self.target)
print(ex)

def get_intelx(self, api_keys):
try:
intel_files = []
intelx = i(key=api_keys["intelx_key"], ua="h8mail-v.{h8ver}-OSINT-and-Education-Tool (PythonVersion={pyver}; Platform={platfrm})".format(
h8ver=__version__,
pyver=sys.version.split(" ")[0],
platfrm=platform.platform().split("-")[0],
))
from .intelx_helpers import intelx_getsearch
from .localsearch import local_search
from os import remove, fspath

maxfile = 10
if api_keys["intelx_maxfile"]:
maxfile = int(api_keys["intelx_maxfile"])
search = intelx_getsearch(self.target, intelx, maxfile)
if self.debug:
import json

print(json.dumps(search, indent=4))

for record in search["records"]:
filename = record["systemid"].strip() + ".txt"
intel_files.append(filename)
if record["media"] is not 24:
c.info_news(
"Skipping {name}, not text ({type})".format(
type=record["mediah"], name=record["name"]
)
)
continue
c.good_news(
"["
+ self.target
+ "]>[intelx.io] Fetching "
+ record["name"]
+ " as file "
+ filename
+ " ("
+ "{:,.0f}".format(record["size"] / float(1 << 20))
+ " MB)"
)
intelx.FILE_READ(record["systemid"], 0, record["bucket"], filename)
found_list = local_search([filename], [self.target])
for f in found_list:
self.pwned += 1
self.data.append(
(
"INTELX.IO",
"{name} | Line: {line} - {content}".format(
name=record["name"].strip(),
line=f.line,
content=" ".join(f.content.split()),
),
)
)
# print(contents) # Contains search data
for f in intel_files:
if self.debug:
c.info_news(
"["
+ self.target
+ "]>[intelx.io] [DEBUG] Keeping {file}".format(file=f)
)
else:
c.info_news(
"["
+ self.target
+ "]>[intelx.io] Removing {file}".format(file=f)
)
remove(f)

except Exception as ex:
c.bad_news("intelx.io error: " + self.target)
print(ex)

def get_emailrepio(self, api_key=""):
try:
sleep(0.5)
Expand Down Expand Up @@ -473,7 +457,7 @@ def get_hunterio_public(self):
)
)
except Exception as ex:
c.bad_news("hunter.io (pubic API) error: " + self.target)
c.bad_news("hunter.io (public API) error: " + self.target)
print(ex)

def get_hunterio_private(self, api_key):
Expand Down Expand Up @@ -766,7 +750,7 @@ def get_dehashed(self, api_email, api_key, user_query):
try:
# New Dehashed API needs fixing, waiting for devs to respond
c.bad_news("Dehashed is temporarily unavailable")
c.bad_news("This should be fixed in the next updated\n")
c.bad_news("This should be fixed in the next updates\n")
return

if user_query == "hash":
Expand Down
2 changes: 2 additions & 0 deletions h8mail/utils/gen_config.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@ def gen_config_file():
;emailrep =
;dehashed_email =
;dehashed_key =
;intelx_key =
;intelx_maxfile = 10
"""
dest_config.write(config)
c.good_news(
Expand Down
40 changes: 21 additions & 19 deletions h8mail/utils/helpers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,19 +59,19 @@ def print_banner(b_type="intro"):
if keep:
code += 36
keep = False
else:
else:
keep = True
elif "warn" in b_type:
print(
c.fg.pink,
"\t Check out the new wiki!\n\t https://bit.ly/37xaQVh\n\n",
c.fg.lightgrey,
"\t\t h8mail 2.5.3 release post: \n\t\t https://khast3x.club/posts/h2-5-3/\n\n",
c.reset,
)
elif "version" in b_type:
print(
"\t",
c.fg.lightgrey,
"Version " + __version__ + ' - "ROCKSMASSON.2" ',
c.fg.pink,
"Version " + __version__ + ' - "ROCKSMASSON.3" ',
c.reset,
)

Expand Down Expand Up @@ -102,7 +102,7 @@ def get_emails_from_file(targets_file, user_args):
target_fd = open(targets_file).readlines()
c.info_news("Parsing emails from" + targets_file)
for line in target_fd:
e = fetch_emails(line, user_args)
e = fetch_emails(line.strip(), user_args)
if e is None:
continue
else:
Expand Down Expand Up @@ -172,20 +172,22 @@ def check_latest_version():
"""
Fetches local version and compares it to github api tag version
"""
response = requests.request(
url="https://api.github.com/repos/khast3x/h8mail/releases/latest", method="GET"
)
data = response.json()
latest = data["tag_name"]
if __version__ == data["tag_name"]:
c.good_news("h8mail is up to date")
else:
c.bad_news(
"Not running latest h8mail version. [Current: {current} | Latest: {latest}]".format(
current=__version__, latest=latest
)
try:
response = requests.request(
url="https://api.github.com/repos/khast3x/h8mail/releases/latest", method="GET"
)

data = response.json()
latest = data["tag_name"]
if __version__ == data["tag_name"]:
c.good_news("h8mail is up to date")
else:
c.bad_news(
"Not running latest h8mail version. [Current: {current} | Latest: {latest}]".format(
current=__version__, latest=latest
)
)
except Exception:
c.bad_news("Could not check for updates. Is Github blocking requests?")
def check_scylla_online():
"""
Checks if scylla.sh is online
Expand Down
Loading

0 comments on commit eec9ae2

Please sign in to comment.