2.5.4 2

README.md

@@ -72,7 +72,7 @@
 | [Leak-Lookup](https://leak-lookup.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
 | [Emailrep.io](https://emailrep.io/) - Service (free) | Last seen in breaches, social media profiles | :white_check_mark: :key: |
 | [Scylla.sh](https://scylla.sh/) - Service (free) | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: |
-| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :construction: :key: |
+| [Dehashed.sh](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: |
 | :new: [IntelX.io](https://intelx.io/signup) - Service (free trial) | Cleartext passwords, hashs and salts, usernames, IPs, domain, Bitcoin Wallets, IBAN | :white_check_mark: :key: |
 
 *:key: - API key required* 
@@ -169,17 +169,17 @@ $ h8mail -t [email protected]
 $ h8mail -t targets.txt -c config.ini -o pwned_targets.csv
 ```
 
-###### Query a list of targets against local copy of the Breach Compilation, pass API keys for [Snusbase](https://snusbase.com/) from the command line
+###### Query a list of targets against local copy of the Breach Compilation, pass API key for [Snusbase](https://snusbase.com/) from the command line
 ```bash
-$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_url=$snusbase_url,snusbase_token=$snusbase_token"
+$ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -k "snusbase_token=$snusbase_token"
 ```
 
 ###### Query without making API calls against local copy of the Breach Compilation
 ```bash
 $ h8mail -t targets.txt -bc ../Downloads/BreachCompilation/ -sk
 ```
 
-###### Search every .gz file for targets found in targets.txt locally
+###### Search every .gz file for targets found in targets.txt locally, skip default checks
 
 ```bash
 $ h8mail -t targets.txt -gz /tmp/Collection1/ -sk

h8mail/utils/classes.py

@@ -389,7 +389,7 @@ def get_scylla(self, user_query="email"):
  response = self.make_request(
  url,
  verify=False,
- auth=requests.auth.HTTPBasicAuth("sammy", "BasicPassword!"),
+ # auth=requests.auth.HTTPBasicAuth("sammy", "BasicPassword!"),
  )
  self.headers.popitem()
 
@@ -401,7 +401,7 @@ def get_scylla(self, user_query="email"):
  data = response.json()
  total = 0
  for d in data:
- for field, k in d["_source"].items():
+ for field, k in d["fields"].items():
  if k is not None:
  total += 1
  c.good_news(
@@ -410,28 +410,28 @@ def get_scylla(self, user_query="email"):
  )
  )
  for d in data:
- for field, k in d["_source"].items():
- if "User" in field and k is not None:
+ for field, k in d["fields"].items():
+ if "user" in field and k is not None:
  self.data.append(("SCYLLA_USERNAME", k))
  self.pwned += 1
  elif (
- "Email" in field and k is not None and user_query != "email"
+ "email" in field and k is not None and user_query != "email"
  ):
  self.data.append(("SCYLLA_EMAIL", k))
  self.pwned += 1
- elif "Password" in field and k is not None:
+ elif "password" in field and k is not None:
  self.data.append(("SCYLLA_PASSWORD", k))
  self.pwned += 1
- elif "PassHash" in field and k is not None:
+ elif "passhash" in field and k is not None:
  self.data.append(("SCYLLA_HASH", k))
  self.pwned += 1
- elif "PassSalt" in field and k is not None:
+ elif "passsalt" in field and k is not None:
  self.data.append(("SCYLLA_HASHSALT", k))
  self.pwned += 1
- elif "IP" in field and k is not None:
+ elif "ip" in field and k is not None:
  self.data.append(("SCYLLA_LASTIP", k))
  self.pwned += 1
- elif "Domain" in field and k is not None:
+ elif "domain" in field and k is not None:
  self.data.append(("SCYLLA_SOURCE", k))
  self.pwned += 1
  except Exception as ex:
@@ -736,11 +736,6 @@ def get_weleakinfo_pub(self, api_key):
 
  def get_dehashed(self, api_email, api_key, user_query):
  try:
- # New Dehashed API needs fixing, waiting for devs to respond
- c.bad_news("Dehashed is temporarily unavailable")
- c.bad_news("This should be fixed in the next updates\n")
- return
-
  if user_query == "hash":
  user_query == "hashed_password"
  if user_query == "ip":
@@ -803,11 +798,15 @@ def get_dehashed(self, api_email, api_key, user_query):
  ("DHASHD_ID", result[tag] + " (type: " + tag + ")")
  )
  self.pwned += 1
-
+ # Documentation and JSON are not synced, using both source keys
  if "obtained_from" in result and self.not_exists(
  result["obtained_from"]
  ):
  self.data.append(("DHASHD_SOURCE", result["obtained_from"]))
+ if "database_name" in result and self.not_exists(
+ result["database_name"]
+ ):
+ self.data.append(("DHASHD_SOURCE", result["database_name"]))
 
  if response["balance"] is not None:
  self.data.append(

h8mail/utils/colors.py

@@ -168,6 +168,21 @@ def print_result(target, data, source):
  colors.reset,
  )
  )
+ # Underscore to avoid coloring service with "email" in name
+ elif "_EMAIL" in source:
+ print(
+ "{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
+ colors.fg.lightblue,
+ source,
+ colors.fg.lightgrey,
+ colors.fg.pink,
+ target,
+ colors.fg.lightgrey,
+ colors.fg.lightgrey,
+ data,
+ colors.reset,
+ )
+ )
  elif "USER" in source:
  print(
  "{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
@@ -184,7 +199,7 @@ def print_result(target, data, source):
  )
  elif "SOURCE" in source:
  print(
- "{}{:15}{}|{}{:>25.25}{} > {}{}{}".format(
+ "{}{:15}{}|{}{:>25.25}{} > {}{}{}\n".format(
  colors.fg.lightblue,
  source,
  colors.fg.lightgrey,