Merge pull request #97 from khast3x/2.5.4-2

2.5.4 2

README.md

@@ -72,7 +72,7 @@
 | [Leak-Lookup](https://leak-lookup.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
 | [Emailrep.io](https://emailrep.io/) - Service (free) | Last seen in breaches, social media profiles | :white_check_mark: :key: |
 | [Scylla.sh](https://scylla.sh/) - Service (free) | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: |
-| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :construction: :key: |
+| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
 | :new: [IntelX.io](https://intelx.io/signup) - Service (free trial) | Cleartext passwords, hashs and salts, usernames, IPs, domain, Bitcoin Wallets, IBAN | :white_check_mark: :key: |
 
 *:key: - API key required*  
@@ -169,17 +169,17 @@ $ h8mail -t [email protected]
 $ h8mail -t targets.txt -c config.ini -o pwned_targets.csv
 ```
 
-###### Query a list of targets against local copy of the Breach Compilation, pass API keys for [Snusbase](https://snusbase.com/) from the command line
+###### Query a list of targets against local copy of the Breach Compilation, pass API key for [Snusbase](https://snusbase.com/) from the command line
 ```bash
-$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_url=$snusbase_url,snusbase_token=$snusbase_token"
+$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_token=$snusbase_token"
 ```
 
 ###### Query without making API calls against local copy of the Breach Compilation
 ```bash
 $ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -sk
 ```
 
-###### Search every .gz file for targets found in targets.txt locally
+###### Search every .gz file for targets found in targets.txt locally, skip default checks
 
 ```bash
 $ h8mail -t targets.txt -gz /tmp/Collection1/ -sk

h8mail/utils/classes.py

@@ -389,7 +389,7 @@ def get_scylla(self, user_query="email"):
             response = self.make_request(
                 url,
                 verify=False,
-                auth=requests.auth.HTTPBasicAuth("sammy", "BasicPassword!"),
+                # auth=requests.auth.HTTPBasicAuth("sammy", "BasicPassword!"),
             )
             self.headers.popitem()
 
@@ -401,7 +401,7 @@ def get_scylla(self, user_query="email"):
             data = response.json()
             total = 0
             for d in data:
-                for field, k in d["_source"].items():
+                for field, k in d["fields"].items():
                     if k is not None:
                         total += 1
             c.good_news(
@@ -410,28 +410,28 @@ def get_scylla(self, user_query="email"):
                 )
             )
             for d in data:
-                for field, k in d["_source"].items():
-                    if "User" in field and k is not None:
+                for field, k in d["fields"].items():
+                    if "user" in field and k is not None:
                         self.data.append(("SCYLLA_USERNAME", k))
                         self.pwned += 1
                     elif (
-                        "Email" in field and k is not None and user_query != "email"
+                        "email" in field and k is not None and user_query != "email"
                     ):
                         self.data.append(("SCYLLA_EMAIL", k))
                         self.pwned += 1
-                    elif "Password" in field and k is not None:
+                    elif "password" in field and k is not None:
                         self.data.append(("SCYLLA_PASSWORD", k))
                         self.pwned += 1
-                    elif "PassHash" in field and k is not None:
+                    elif "passhash" in field and k is not None:
                         self.data.append(("SCYLLA_HASH", k))
                         self.pwned += 1
-                    elif "PassSalt" in field and k is not None:
+                    elif "passsalt" in field and k is not None:
                         self.data.append(("SCYLLA_HASHSALT", k))
                         self.pwned += 1
-                    elif "IP" in field and k is not None:
+                    elif "ip" in field and k is not None:
                         self.data.append(("SCYLLA_LASTIP", k))
                         self.pwned += 1
-                    elif "Domain" in field and k is not None:
+                    elif "domain" in field and k is not None:
                         self.data.append(("SCYLLA_SOURCE", k))
                         self.pwned += 1
         except Exception as ex:
@@ -736,11 +736,6 @@ def get_weleakinfo_pub(self, api_key):
 
     def get_dehashed(self, api_email, api_key, user_query):
         try:
-            # New Dehashed API needs fixing, waiting for devs to respond
-            c.bad_news("Dehashed is temporarily unavailable")
-            c.bad_news("This should be fixed in the next updates\n")
-            return
-
             if user_query == "hash":
                 user_query == "hashed_password"
             if user_query == "ip":
@@ -803,11 +798,15 @@ def get_dehashed(self, api_email, api_key, user_query):
                                 ("DHASHD_ID", result[tag] + " (type: " + tag + ")")
                             )
                             self.pwned += 1
-
+                    # Documentation and JSON are not synced, using both source keys
                     if "obtained_from" in result and self.not_exists(
                         result["obtained_from"]
                     ):
                         self.data.append(("DHASHD_SOURCE", result["obtained_from"]))
+                    if "database_name" in result and self.not_exists(
+                        result["database_name"]
+                    ):
+                        self.data.append(("DHASHD_SOURCE", result["database_name"]))
 
                 if response["balance"] is not None:
                     self.data.append(

h8mail/utils/colors.py

@@ -168,6 +168,21 @@ def print_result(target, data, source):
                     colors.reset,
                 )
             )
+        # Underscore to avoid coloring service with "email" in name
+        elif "_EMAIL" in source:
+            print(
+                "{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
+                    colors.fg.lightblue,
+                    source,
+                    colors.fg.lightgrey,
+                    colors.fg.pink,
+                    target,
+                    colors.fg.lightgrey,
+                    colors.fg.lightgrey,
+                    data,
+                    colors.reset,
+                )
+            )
         elif "USER" in source:
             print(
                 "{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
@@ -184,7 +199,7 @@ def print_result(target, data, source):
             )
         elif "SOURCE" in source:
             print(
-                "{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
+                "{}{:15}{}|{}{:>25.25}{} > {}{}{}\n".format(
                     colors.fg.lightblue,
                     source,
                     colors.fg.lightgrey,