This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method.

Related tags

CryptographyHashCheck
Overview

Password_HashCheck

This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method.

To achieve this, the APIs of different services are used, sending only a part of the Hash of the password we want to check, for example, the first 5 characters.

Prerequisites

The project needs some libraries in order to work, to install it use the next command:

pip install -r requirements

Remember that Python 3 is required.

Usage

passme.py [FUNC] [ELEMENT] -engine [ENGINE] -api_key [API_KEY]
    FUNC:       The kind of element tha you want to check, it can be -h/--hash or -p/--password
                or -f/--file or -l/--list or --help.

    ELEMENT:    The "Hash", "Password" or the name of the file that contains a list of 
                hashes or password separeted by a new line.

    ENGINE:     The leaks engine that you want to be used, by default it uses HIBP (Have I been PWN).

    API_KEY:    The API_KEY necessary for some functions of some engines.

Functions

PASSME_HASH

The main project function receives the hashed password, the engine to be used and the API key.

Depending on the engine that is received, both the API key and the hashed password will be sent to one function or another.

If you want to add your own engine or an engine that is not already implemented, simply add one more option here.

passme_hash(hashed_password, engine="HIBP", api_key="0")

PASSME_PASSWORD

This function hashes the password it receives using SHA-1 and sends the hash to the passme_hash() function.

passme_password(password, engine="HIBP", api_key="0")

PASSME_FILE

This function reads one by one the lines of the received file to check each password, giving information about the received password and whether it has been filtered or not.

passme_file(filename, engine="HIBP", api_key="0")

PASSME_LIST

This function reads one by one the lines of the received file to check each hash, giving information about the received hash and whether it has been filtered or not.

passme_list(filename, engine="HIBP", api_key="0")

PASSME_LIST

The function that deals with the HIBP (Have i been pwned) API, sends the first five characters of the hash, then compares it with the full hash to see if the password/hash has been leaked.

engine_HIBP(hashed_password, engine, api_key)

Test

This project has a series of tests to check the correct operation of all its functions, for this purpose the "pytest" library has been used. To run the tests, install pytest with the following command:

pip install pytest

Once installed, simply run the "pytest" command to have the tests run automatically, any errors encountered will be returned by the terminal.

The results of the test in the lab are the following:

Python Version Function Hash Function List Function Password RANDOM Hash RANDOM Password Comment
3.9
3.8
3.7
3.6
3.5 Random.choice is not available in Python 3.5 // Deprecated Python Version

License

This project is licensed under the GNU General Public License - see the LICENSE file for details

Contact

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

This software doesn't have a QA Process. This software is a Proof of Concept.

If you have any problems, you can contact:

[email protected] - Ideas Locas CDCO - Telefónica

Disclaimer

In many places it can be a crime to install software on a computer that does not belong to you, without the owner's consent. We do not approve the use of PoC for any illegal purpose. To download or use our software in any way, you must acknowledge and approve the following:

1 - You declare that this PoC will be used exclusively in a legal manner. If you are in doubt as to the legality, consult a licensed attorney in the jurisdiction where you will be using this PoC.

2 - You acknowledge that the computer on which the software is to be installed is yours or you have the owner's consent to manage and install the software on it.

Owner
Telefónica
Telefónica official source code platform
Telefónica
An BlockChain Based solution for storing the medical records

Blockchain-based Medical Records 📄 Abstract Blockchain has the ability to keep an incorruptible, decentralized, and transparent log of all patient da

Yuvraj Singh Deora 3 Jan 14, 2022
EncryptAGit - Encrypt Your Git Repos

EncryptAGit - Encrypt Your Git Repos

midnite_runr 25 Oct 06, 2022
Skepticoin is a peer-to-peer digital currency that enables you to send money online

What is Skepticoin? Skepticoin is a peer-to-peer digital currency that enables you to send money online. It's also the central community of people who

64 Aug 06, 2022
Stenography encryption script

ImageCrypt Project description Installation Usage Project description Project AlexGyver on Python by TheK4n Design by Пашушка Byte packing in decimal

Kan 5 Dec 14, 2022
Python Script for signingn LetsEncrypt certificate with certbot, and update them into Fortigate

Python Script for signingn LetsEncrypt certificate with certbot, and update them into Fortigate (to be used into the WEB VPN or Load Balancer certificate)

6 Jan 03, 2023
Generate simple encrypted messages!

Premio's Shift is a very simple text encryption, you can use it to send secret messages to your friends. Table of Content Table of Content How it work

Peterson Adami Candido 3 Aug 06, 2021
wdepy: Decryption and Inspection for PGP WDE Disks

This is a small python tool to inspect and decrypt disk images encrypted with PGP Whole Disk Encryption (including the Symantec-branded versions like Symantec Drive Encryption). It takes advantage of

Brendan Dolan-Gavitt 17 Oct 07, 2022
Linear encryption software programmed with python

Echoder linear encryption software programmed with python How does it work? The text in the text section runs a function with two keys entered keys mu

Emre Orhan 4 Dec 20, 2021
一个关于摩斯密码解密与加密的库 / A library about encoding and decoding Morse code.

Morsecoder By Lemonix 介绍 一个关于摩斯密码解密与加密的库

Heat Studio 10 Jun 28, 2022
This program can encrypt and decrypt your files so that they can no longer be identified.

File_Cryptographer Table of Contents: About the Program Features Requirements Preview Credits Reach Me See Also About the Program: with this program,

Sina.f 6 Nov 20, 2022
A python tool to track prices of various cryptocurrencies and alert

CryptoPriceTracker This is a tool to track prices of various cryptocurrencies and alert the user once the user defined maximum & minimum target is rea

1 Oct 01, 2021
Image AES256 crypt-decrypt

Image AES256 crypt-decrypt

Damian Panek 37 Nov 09, 2021
J. Brandon Walker 1 May 13, 2022
This python module can analyse cryptocurrency news for any number of coins given and return a sentiment. Can be easily integrated with a Trading bot to keep an eye on the news.

Python script that analyses news headline or body sentiment and returns the overall media sentiment of any given coin. It can take multiple coins an

185 Dec 22, 2022
This is an experimental AES-encrypted RPC API for ESP 8266.

URPC This is an experimental AES-encrypted RPC API for ESP 8266. Usage The server folder contains a sample ESP 8266 project. Simply set the values in

Ian Walton 1 Oct 26, 2021
Python Encryption Name Game

Python 3.9.7 Encryption Name Game Encrypt a name with numbers using a Caesar cipher! You can choose different numbers to encrypt your name from 1 to o

Armand Brunelle 3 Dec 24, 2021
Basic Ethereum Miner Lib

EthMine ⛏ Basic Ethereum Miner Library. Developers can integrate this algorithm to mine blocks from their ethereum supported chain efficiently. Instal

Jaival Patel 1 Oct 30, 2021
E2EE disabling plugin for Synapse

E2EE disabling plugin for Synapse This Pluggable Module disables end-to-end encryption in a self-hosted Synapse servers. It works by stripping out req

Konstantin Sharlaimov 9 Nov 30, 2022
A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided

A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided. If you’ve found this bot useful and have profited from it please consider donating any

473 Dec 25, 2022