-- Description: check email addresses for pw leaks using v3 of hibp api
-- Version: 0.2.1
-- Keyring-Access: hibp
-- Source: emails
-- License: GPL-3.0
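--- Percent-encode a string for use as a single URL path segment.
-- Unreserved characters and '@' are kept, so ordinary addresses produce the
-- same URL as before; everything else ('/', '?', '#', '+', spaces, ...) is
-- encoded so a stored value cannot alter the request path or query string.
-- @tparam string s raw value
-- @treturn string encoded value
local function encode_path_segment(s)
    local encoded = s:gsub('[^%w%-%._~@]', function(c)
        return string.format('%%%02X', c:byte())
    end)
    return encoded
end

--- Look up one email address in the hibp v3 breachedaccount API and record
-- every returned breach in the database, linked to the email.
-- @tparam table emailaddress entity with the fields `value` (the address)
--   and `id` (database id used for the breach-email link)
-- @return an error string when the api key is missing or the API answers
--   with a status other than 200/404; nothing otherwise
function run(emailaddress)
    -- initial work by rickmer, just made it work for hibp v3
    -- Everything below is local: the original assigned API_URL, headers,
    -- req, res, api_output and breach_id as globals, which leaked state
    -- (including the api key held in `headers`) out of this function.
    local api_url = 'https://haveibeenpwned.com/api/v3/breachedaccount/'

    local creds = keyring('hibp')[1]
    if not creds then
        return 'hibp api key is required, please visit https://haveibeenpwned.com/API/Key'
    end
    local api_key = creds['access_key']

    local headers = {}
    -- NOTE(review): this sets a header literally named 'user_agent'; the
    -- conventional header name is 'User-Agent' — confirm what is actually sent.
    headers['user_agent'] = 'sn0int hibp module'
    -- The key travels only in this request header; it is never logged.
    headers['hibp-api-key'] = api_key

    -- The address comes from the database, so it is encoded before it is
    -- placed in the URL path.
    local req = http_request(
        http_mksession(),
        'GET', api_url .. encode_path_segment(emailaddress['value']) ..
        '?truncateResponse=false&includeUnverified=false',
        {headers=headers})
    local res = http_send(req)
    if last_err() then return end

    -- Throttle after every request that reached the API. The original only
    -- slept on the 200 path, so a run of unbreached addresses (404) was sent
    -- back to back against a rate-limited API.
    sleep(1.5)

    if res['status'] == 404 then
        info('0 breaches found')
        return
    end
    if res['status'] ~= 200 then
        return 'http error: ' .. res['status']
    end

    local api_output = json_decode(res['text'])
    if last_err() then return end

    if #api_output > 0 then
        for counter = 1, #api_output do
            -- NOTE(review): the breach is keyed on the API's free-text
            -- Description field — confirm this is the intended identifier.
            local breach_id = db_add('breach', {
                value=api_output[counter]['Description'],
            })
            if breach_id then
                db_add('breach-email', {
                    breach_id=breach_id,
                    email_id=emailaddress['id'],
                })
            end
        end
        info(#api_output .. ' breaches found')
    end
end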