ghostproject.fr/search.php query for leaked paswords is now broken

[HenkPoley]

Their main website still responds with results. So it should still be possible to get to them.

It appears they now want you to use a particular cookie "test=1".

diff --git a/Core/ispwned.py b/Core/ispwned.py
index 44af319..12ad603 100644
--- a/Core/ispwned.py
+++ b/Core/ispwned.py
@@ -21,7 +21,9 @@ def grab_password(email):
     # No docs(Because no API), just found it by analyzing the network and told the admin :D
     url  = "https://ghostproject.fr/search.php"
     data = {"param":email}
-    req = requests.post(url,headers=UserAgent,data=data)
+    jar = requests.cookies.RequestsCookieJar()
+    jar.set('test', '1', domain='ghostproject.fr')
+    req = requests.post(url,headers=UserAgent,data=data,cookies=jar)
     result = req.text.split("\\n")
     if "Error" in req.text or len(result)==2:
         return False

[HenkPoley]

This change additionally fixes the problem that sometimes a semicolon is used as email & password separator instead of a colon:

-    result = req.text.split("\\n")
+    result = req.text.replace(';',':').split("\\n")

[HenkPoley]

Note that it will still crash and burn with accounts for which (I guess) an empty password was found. They have no colon or semicolon, just an email address.