def emailToBreachedAccounts(email=None): ''' Method that checks if the given email is stored in the HIBP website. :param email: email to verify. ''' me = MaltegoTransform() jsonData = HIBP.checkIfEmailWasHacked(email=email) # This returns a dictionary like: # [{"Title":"Adobe","Name":"Adobe","Domain":"adobe.com","BreachDate":"2013-10-4","AddedDate":"2013-12-04T00:12Z","PwnCount":152445165,"Description":"The big one. In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, <em>encrypted</em> password and a password hint in plain text. The password cryptography was poorly done and <a href=\"http://stricture-group.com/files/adobe-top100.txt\" target=\"_blank\">many were quickly resolved back to plain text</a>. The unencrypted hints also <a href=\"http://www.troyhunt.com/2013/11/adobe-credentials-and-serious.html\" target=\"_blank\">disclosed much about the passwords</a> adding further to the risk that hundreds of millions of Adobe customers already faced.","DataClasses":["Email addresses","Password hints","Passwords","Usernames"]}] newEntities = [] for breach in jsonData: # Defining the main entity aux ={} aux["type"] = "i3visio.breach" aux["value"] = str(breach["Title"]) aux["attributes"] = [] # Defining the attributes recovered att ={} att["type"] = "i3visio.domain" att["value"] = str(breach["Domain"]) att["attributes"] = [] aux["attributes"].append(att) att ={} att["type"] = "@added_date" att["value"] = str(breach["AddedDate"]) att["attributes"] = [] aux["attributes"].append(att) att ={} att["type"] = "@breach_date" att["value"] = str(breach["BreachDate"]) att["attributes"] = [] aux["attributes"].append(att) att ={} att["type"] = "@total_pwned" att["value"] = str(breach["PwnCount"]) att["attributes"] = [] aux["attributes"].append(att) att ={} att["type"] = "@description" att["value"] = str(breach["Description"]) att["attributes"] = [] aux["attributes"].append(att) # Appending the entity newEntities.append(aux) me.addListOfEntities(newEntities) # Returning the output text... me.returnOutput()
# but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. # ################################################################################## import argparse import json import osrframework.thirdparties.haveibeenpwned_com.checkIfEmailWasHacked as HIBP if __name__ == "__main__": parser = argparse.ArgumentParser(description='A library that wraps an account search onto haveibeenpwned.com.', prog='checkIfEmailWasHacked.py', epilog="", add_help=False) # Adding the main options # Defining the mutually exclusive group for the main options parser.add_argument('-q', '--query', metavar='<hash>', action='store', help='query to be performed to haveibeenpwned.com.', required=True) groupAbout = parser.add_argument_group('About arguments', 'Showing additional information about this program.') groupAbout.add_argument('-h', '--help', action='help', help='shows this help and exists.') groupAbout.add_argument('--version', action='version', version='%(prog)s 0.1.0', help='shows the version of the program and exists.') args = parser.parse_args() print json.dumps(HIBP.checkIfEmailWasHacked(email=args.query), indent=2)
def emailToBreachedAccounts(email=None): ''' Method that checks if the given email is stored in the HIBP website. :param email: email to verify. ''' me = MaltegoTransform() jsonData = HIBP.checkIfEmailWasHacked(email=email) # This returns a dictionary like: # [{"Title":"Adobe","Name":"Adobe","Domain":"adobe.com","BreachDate":"2013-10-4","AddedDate":"2013-12-04T00:12Z","PwnCount":152445165,"Description":"The big one. In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, <em>encrypted</em> password and a password hint in plain text. The password cryptography was poorly done and <a href=\"http://stricture-group.com/files/adobe-top100.txt\" target=\"_blank\">many were quickly resolved back to plain text</a>. The unencrypted hints also <a href=\"http://www.troyhunt.com/2013/11/adobe-credentials-and-serious.html\" target=\"_blank\">disclosed much about the passwords</a> adding further to the risk that hundreds of millions of Adobe customers already faced.","DataClasses":["Email addresses","Password hints","Passwords","Usernames"]}] newEntities = [] for breach in jsonData: # Defining the main entity aux = {} aux["type"] = "i3visio.breach" aux["value"] = str(breach["Title"]) aux["attributes"] = [] # Defining the attributes recovered att = {} att["type"] = "i3visio.domain" att["value"] = str(breach["Domain"]) att["attributes"] = [] aux["attributes"].append(att) att = {} att["type"] = "@added_date" att["value"] = str(breach["AddedDate"]) att["attributes"] = [] aux["attributes"].append(att) att = {} att["type"] = "@breach_date" att["value"] = str(breach["BreachDate"]) att["attributes"] = [] aux["attributes"].append(att) att = {} att["type"] = "@total_pwned" att["value"] = str(breach["PwnCount"]) att["attributes"] = [] aux["attributes"].append(att) att = {} att["type"] = "@description" att["value"] = str(breach["Description"]) att["attributes"] = [] aux["attributes"].append(att) # Appending the entity newEntities.append(aux) me.addListOfEntities(newEntities) # Returning the output text... me.returnOutput()