generated from sn0int/sn0int-modules
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathleakprobe.lua
54 lines (45 loc) · 1.47 KB
/
leakprobe.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
-- Description: Check email/pw leaks via leakprobe.net API
-- Version: 0.1.0
-- Keyring-Access: leakprobe
-- Source: emails
-- License: GPL-3.0
function run(arg)
API_URL = 'https://leakprobe.net/api/v1/api.php'
local creds = keyring('leakprobe')[1]
if not creds then
return 'leakprobe api key is required, please login and visit https://leakprobe.net/documentation.php'
end
local session = http_mksession()
local req = http_request(session, 'GET', API_URL, {
query={
apiKey=creds['secret_key'],
dataFormat='JSON',
email=arg['value'],
}
})
local api_output = http_fetch_json(req)
if last_err() then return end
for idx = 1, #api_output
do
local entry = api_output[idx]
local breach_id = db_add('breach', {
value=entry['location'],
})
if breach_id then
local dbpw = entry['password']
-- normalize missing fields
if entry['salt'] == 'N/A' then
entry['salt'] = ''
end
if (dbpw == nil or dbpw == '') then
-- TODO implement hash only breaches datatype into sn0int
dbpw = 'type:' ..entry['hashType'] ..', salt:' ..entry['salt'] ..', hash:' .. entry['hash']
end
db_add('breach-email', {
breach_id=breach_id,
email_id=arg['id'],
password=dbpw
})
end
end
end