Determine whether an email address exists on ProtonMail with NeutrOSINT, without alerting the target.
Alternative to ProtOSINT, since its validation through the API doesn't work anymore.
This tool uses Selenium to connect to ProtonMail and check whether email addresses are valid. The "light" mode is faster and only uses the API to determine the validity of a ProtonMail email address; no ProtonMail account is needed for it.
- "x-pm-uid" is in fact only valid for 24 hours and must be generated again to perform requests. This is now fixed: every request generates a new AUTH cookie before performing searches.
- @OSINT_Tactical found that it is possible to determine the source address of a ProtonMail business domain if the catch-all functionality is enabled for that domain. I implemented that in the code.
- ProtonMail added a new header and a cookie for API requests: "x-pm-uid" and "AUTH-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX". In the tests I've done, these values must be generated once and can then be reused over time.
- Added a regex to check email syntax.
- Business email addresses are now detected both in light mode and with Selenium. In light mode the tool only indicates whether a domain is a business domain used with ProtonMail; it cannot determine whether the email address exists. You must use the Selenium version (with username and password) to be sure of that.
- Changed the print format to be more python3-friendly.
This 2.0 version introduces a new mode: light mode.
Thanks to @Nenaff_, I learned it was possible to request the verification of an email address without using Selenium.
This is way faster, but if you have a lot of email addresses to verify you'll be blocked after 100 requests (I don't know precisely for how long, but at least more than an hour).
The solution is either to use a proxy to work around this limitation, or to use the other mode of NeutrOSINT, which uses a username and password (you need a valid account, but you can create one for free).
- API limit in light mode: 100 requests per hour.
- Free ProtonMail accounts are limited to 100 entries in the 'To' field. The tool handles this; it just takes a bit more time.
- If the string 'None' appears in the creation date for valid accounts, the API limit has probably been reached. Since this is not the same API as in light mode, here we only get 16 requests per hour.
- For some obscure reason, Selenium sometimes isn't able to access the 'New Email' button. In this case it is recommended to run the script again.
You must have Chrome Browser installed on your machine:
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo apt install ./google-chrome-stable_current_amd64.deb
Tested on Ubuntu 20.04.4 LTS x64 and Kali Linux 2021.1 x64.
pip install -r requirements.txt
You must have a valid ProtonMail account to use the Selenium mode. Alternatively, you can use the light mode (-l), which uses the ProtonMail API without the need to create a ProtonMail account.
Show help message:
python3 main.py -h
Run the light mode using the ProtonMail API:
python3 main.py -l -e 'EMAIL_TO_VERIFY'
Run with Selenium by specifying a username and password:
python3 main.py -u 'USERNAME' -p 'PASSWORD' -f 'FILE_CONTAINING_EMAILS.txt'
The light mode calls the ProtonMail API at this endpoint: https://account.proton.me/api/users/available
Depending on the HTTP status code of the response, we can determine whether an email address already exists.
But since May 2023, a valid AUTH token is required to perform requests to this API.
This token is generated in the generate_auth_cookie function.
First, request an API access token from https://account.proton.me/api/auth/v4/sessions
Then, obtain a valid AUTH cookie through https://account.proton.me/api/core/v4/auth/cookies
The Selenium mode uses Selenium with the given credentials to log in to ProtonMail, open 'New Email', and fill in the 'To' field with all the email addresses to check.
Do you want to support me?
Thanks in advance to anyone donating ❤️