def _download_database(self, chunk_size=8192):
"""
download the database if it is available
"""
answer = prompt(
"discovered publicly available database for query {}, do you want to download [y/N]"
.format(self.query))
flatten = lambda l: [str(item) for sublist in l for item in sublist]
database_links = flatten(self.database_links)
to_download = []
for db in database_links:
try:
to_download.append(db.split('"')[3])
except Exception:
pass
if answer == "y":
if not os.path.exists(self.downloads_directory):
os.makedirs(self.downloads_directory)
for link in to_download:
local_filename = link.split("/")[-1]
local_file_path = "{}/{}".format(self.downloads_directory,
local_filename)
if not os.path.exists(local_file_path):
with requests.get(link,
stream=True,
proxies=self.proxies,
headers=self.headers) as downloader:
downloader.raise_for_status()
with open(local_file_path, "wb") as path:
for chunk in downloader.iter_content(
chunk_size=chunk_size):
if chunk:
path.write(chunk)
self.downloaded_databases.append(local_file_path)
else:
info("skipping download as requested")
return self.downloaded_databases
def main():
try:
opt = Parser().optparse()
print(BANNER)
res = Parser().check_opts(opt)
if res is not None:
to_search = res
else:
to_search = []
do_not_search = []
if len(to_search) == 0:
if opt.singleEmail is None and opt.emailFile is None:
warn(
"you have not provided an email to scan, redirecting to the help menu"
)
subprocess.call(["python", "whatbreach.py", "--help"])
exit(1)
if opt.singleEmail is not None:
info("starting search on single email address: {}".format(
opt.singleEmail))
to_search = [opt.singleEmail]
elif opt.emailFile is not None:
try:
open(opt.emailFile).close()
except IOError:
error("unable to open file, does it exist?")
exit(1)
with open(opt.emailFile) as emails:
info("parsing email file: {}".format(opt.emailFile))
to_search = emails.readlines()
info("starting search on a total of {} email(s)".format(
len(to_search)))
for email in to_search:
email = email.strip()
if opt.checkTenMinuteEmail:
if check_ten_minute_email(email,
TEN_MINUTE_EMAIL_EXTENSION_LIST):
warn("email: {} appears to be a ten minute email".format(
email))
answer = prompt("would you like to process the email[y/N]")
if answer.startswith("n"):
do_not_search.append(email)
if email not in do_not_search:
info("searching breached accounts on HIBP related to: {}".
format(email))
account_dumps = BeenPwnedHook(email).account_hooker()
info("searching for paste dumps on HIBP related to: {}".format(
email))
if opt.searchPastebin:
paste_dumps = BeenPwnedHook(email).paste_hooker()
else:
warn("suppressing discovered pastes")
paste_dumps = []
if account_dumps is not None and paste_dumps is not None:
info(
"found a total of {} database breach(es) and a total of {} paste(s) pertaining to: {}"
.format(len(account_dumps), len(paste_dumps), email))
if opt.searchDehashed:
found_databases = DehashedHook(account_dumps).hooker()
else:
warn("suppressing discovered databases")
found_databases = {}
for i, dump in enumerate(paste_dumps, start=1):
found_databases["Paste#{}".format(i)] = str(dump)
display_found_databases(found_databases)
if opt.downloadDatabase:
for item in found_databases.keys():
if "Paste" not in item:
info(
"searching for downloadable databases using query: {}"
.format(item.lower()))
downloaded = DatabasesTodayHook(
str(item),
downloads_directory=opt.saveDirectory
).hooker()
if len(downloaded) != 0:
info(
"downloaded a total of {} database(s) pertaining to query: {}"
.format(len(downloaded), item))
display_found_databases(downloaded,
is_downloaded=True)
else:
warn(
"no databases appeared to be preset and downloadable related to query: {}"
.format(str(item)))
elif account_dumps is not None and paste_dumps is None:
info(
"found a total of {} database breach(es) pertaining to: {}"
.format(len(account_dumps), email))
if opt.searchDehashed:
found_databases = DehashedHook(account_dumps).hooker()
else:
warn("suppressing discovered databases")
found_databases = {}
if len(found_databases) != 0:
display_found_databases(found_databases)
if opt.downloadDatabase:
for item in found_databases.keys():
if "Paste" not in item:
info(
"searching for downloadable databases using query: {}"
.format(item.lower()))
downloaded = DatabasesTodayHook(
str(item),
downloads_directory=opt.saveDirectory
).hooker()
if len(downloaded) != 0:
info(
"downloaded a total of {} database(s) pertaining to query: {}"
.format(len(downloaded), item))
display_found_databases(
downloaded, is_downloaded=True)
else:
warn(
"no databases appeared to be preset and downloadable related to query: {}"
.format(str(item)))
else:
warn(
"no output to show, most likely due to output suppression"
)
elif account_dumps is None and paste_dumps is not None:
# this should never happen
error(
"no database dumps found nor any pastes found for: {}".
format(email))
else:
error("email {} was not found in any breach".format(email))
if opt.staySalty:
# i know that you think that you know shit
# all the shade that's coming at me I wonder who throws it
# you can't see the vision boy, you must be outta focus
# that's a real hot program homie, I wonder who wrote it? oh shit
# (lyrics ripped from iSpy by Kyle, all I do is steal bruh)
warn("all this code was stolen with <3 by Eku")
except KeyboardInterrupt:
error("user quit the session")
def main():
try:
opt = Parser().optparse()
print(BANNER)
res = Parser().check_opts(opt)
if res is not None:
to_search = res
else:
to_search = []
do_not_search = []
if len(to_search) == 0:
if opt.singleEmail is None and opt.emailFile is None:
warn("you have not provided an email to scan, redirecting to the help menu")
subprocess.call(["python", "whatbreach.py", "--help"])
exit(1)
api_tokens = grab_api_tokens()
if opt.searchHunterIo and opt.singleEmail is not None:
info("starting search on hunter.io using {}".format(opt.singleEmail))
file_results = HunterIoHook(
opt.singleEmail, api_tokens["hunter.io"], verify_emails=opt.verifyEmailsThroughHunterIo
).hooker()
with open(file_results) as data:
emails = json.loads(data.read())["discovered_emails"]
for email in emails:
to_search.append(email)
elif opt.searchHunterIo and opt.emailFile is not None:
if not test_file(opt.emailFile):
error("unable to open filename, does it exist?")
exit(1)
api_tokens = grab_api_tokens()
with open(opt.emailFile) as data:
for email in data.readlines():
email = email.strip()
file_results = HunterIoHook(
email, api_tokens["hunter.io"], verify_emails=opt.verifyEmailsThroughHunterIo
).hooker()
with open(file_results) as results:
discovered_emails = json.loads(results.read())["discovered_emails"]
for discovered in discovered_emails:
to_search.append(discovered)
elif opt.singleEmail is not None:
info("starting search on single email address: {}".format(opt.singleEmail))
to_search = [opt.singleEmail]
elif opt.emailFile is not None:
if not test_file(opt.emailFile):
error("unable to open filename, does it exist?")
exit(1)
with open(opt.emailFile) as emails:
info("parsing email file: {}".format(opt.emailFile))
to_search = emails.readlines()
info("starting search on a total of {} email(s)".format(len(to_search)))
for email in to_search:
email = email.strip()
if opt.checkTenMinuteEmail:
if check_ten_minute_email(email, TEN_MINUTE_EMAIL_EXTENSION_LIST):
warn("email: {} appears to be a ten minute email".format(email))
answer = prompt("would you like to process the email[y/N]")
if answer.startswith("n"):
do_not_search.append(email)
if opt.checkEmailAccounts:
info("searching for possible profiles related to {}".format(email))
searcher = EmailRepHook(email)
results = searcher.hooker()
if results is not None and len(results) != 0:
info(
"found a total of {} possible profiles associated with {} on the following domains:".format(
len(results), email
)
)
for domain in results:
print("\t-> {}".format(domain.title()))
else:
warn("no possible profiles discovered for email: {}".format(email))
if email not in do_not_search:
if opt.throttleRequests != 0:
time.sleep(opt.throttleRequests)
info("searching breached accounts on HIBP related to: {}".format(email))
account_dumps = BeenPwnedHook(email, retry=opt.retryOnFail).account_hooker()
info("searching for paste dumps on HIBP related to: {}".format(email))
if opt.searchPastebin:
paste_dumps = BeenPwnedHook(email, retry=opt.retryOnFail).paste_hooker()
else:
warn("suppressing discovered pastes")
paste_dumps = []
if opt.searchWeLeakInfo:
info("searching weleakinfo.com for breaches related to: {}".format(email))
searcher = WeLeakInfoHook(email, api_tokens["weleakinfo.com"])
tmp = set()
results = searcher.hooker()
if results is not None:
if account_dumps is not None:
original_length = len(account_dumps)
else:
original_length = 0
if account_dumps is not None:
for item in account_dumps:
tmp.add(item)
if results is not None:
for item in results:
tmp.add(item)
if len(tmp) != 0:
account_dumps = list(tmp)
new_length = len(account_dumps)
amount_discovered = new_length - original_length
if amount_discovered != 0:
info(
"discovered a total of {} more breaches from weleakinfo.com".format(
new_length - original_length
)
)
else:
warn("did not discover any breaches")
else:
warn("did not discover any new databases from weleakinfo.com")
else:
warn("unable to search weleakinfo.com is your API key correct?")
if account_dumps is not None and paste_dumps is not None:
info(
"found a total of {} database breach(es) and a total of {} paste(s) pertaining to: {}".format(
len(account_dumps), len(paste_dumps), email
)
)
if opt.searchDehashed:
if len(account_dumps) > 20:
warn(
"large amount of database breaches, obtaining links from "
"dehashed (this may take a minute)"
)
found_databases = DehashedHook(account_dumps).hooker()
else:
warn("suppressing discovered databases")
found_databases = {}
for i, dump in enumerate(paste_dumps, start=1):
found_databases["Paste#{}".format(i)] = str(dump)
display_found_databases(found_databases, download_pastes=opt.downloadPastes)
if opt.downloadDatabase:
for item in found_databases.keys():
if "Paste" not in item:
info("searching for downloadable databases using query: {}".format(item.lower()))
downloaded = DatabasesTodayHook(
str(item), downloads_directory=opt.saveDirectory
).hooker()
if len(downloaded) != 0:
info(
"downloaded a total of {} database(s) pertaining to query: {}".format(
len(downloaded), item
)
)
display_found_databases(
downloaded, is_downloaded=True, download_pastes=opt.downloadPastes
)
else:
warn(
"no databases appeared to be present and downloadable related to query: {}".format(
str(item)
)
)
elif account_dumps is not None and paste_dumps is None:
info("found a total of {} database breach(es) pertaining to: {}".format(len(account_dumps), email))
if opt.searchDehashed:
if len(account_dumps) > 20:
warn(
"large amount of database breaches, obtaining links from "
"dehashed (this may take a minute)"
)
found_databases = DehashedHook(account_dumps).hooker()
else:
warn("suppressing discovered databases")
found_databases = {}
if len(found_databases) != 0:
display_found_databases(found_databases, download_pastes=opt.downloadPastes)
if opt.downloadDatabase:
for item in found_databases.keys():
if "Paste" not in item:
info("searching for downloadable databases using query: {}".format(item.lower()))
downloaded = DatabasesTodayHook(
str(item), downloads_directory=opt.saveDirectory
).hooker()
if len(downloaded) != 0:
info(
"downloaded a total of {} database(s) pertaining to query: {}".format(
len(downloaded), item
)
)
display_found_databases(
downloaded, is_downloaded=True, download_pastes=opt.downloadPastes
)
else:
warn(
"no databases appeared to be present and downloadable related to query: {}".format(
str(item)
)
)
else:
warn("no output to show, most likely due to output suppression or dehashed")
elif account_dumps is None and paste_dumps is not None:
# this should never happen
error("no database dumps found nor any pastes found for: {}".format(email))
else:
error("email {} was not found in any breach".format(email))
if opt.staySalty:
# i know that you think that you know shit
# all the shade that's coming at me I wonder who throws it
# you can't see the vision boy, you must be outta focus
# that's a real hot program homie, I wonder who wrote it? oh shit
# (lyrics ripped from iSpy by Kyle, all I do is steal bruh)
warn("all this code was stolen with <3 by Eku")
except KeyboardInterrupt:
error("user quit the session")