This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method.

Related tags

CryptographyHashCheck
Overview

Password_HashCheck

This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method.

To achieve this, the APIs of different services are used, sending only a part of the Hash of the password we want to check, for example, the first 5 characters.

Prerequisites

The project needs some libraries in order to work, to install it use the next command:

pip install -r requirements

Remember that Python 3 is required.

Usage

passme.py [FUNC] [ELEMENT] -engine [ENGINE] -api_key [API_KEY]
    FUNC:       The kind of element tha you want to check, it can be -h/--hash or -p/--password
                or -f/--file or -l/--list or --help.

    ELEMENT:    The "Hash", "Password" or the name of the file that contains a list of 
                hashes or password separeted by a new line.

    ENGINE:     The leaks engine that you want to be used, by default it uses HIBP (Have I been PWN).

    API_KEY:    The API_KEY necessary for some functions of some engines.

Functions

PASSME_HASH

The main project function receives the hashed password, the engine to be used and the API key.

Depending on the engine that is received, both the API key and the hashed password will be sent to one function or another.

If you want to add your own engine or an engine that is not already implemented, simply add one more option here.

passme_hash(hashed_password, engine="HIBP", api_key="0")

PASSME_PASSWORD

This function hashes the password it receives using SHA-1 and sends the hash to the passme_hash() function.

passme_password(password, engine="HIBP", api_key="0")

PASSME_FILE

This function reads one by one the lines of the received file to check each password, giving information about the received password and whether it has been filtered or not.

passme_file(filename, engine="HIBP", api_key="0")

PASSME_LIST

This function reads one by one the lines of the received file to check each hash, giving information about the received hash and whether it has been filtered or not.

passme_list(filename, engine="HIBP", api_key="0")

PASSME_LIST

The function that deals with the HIBP (Have i been pwned) API, sends the first five characters of the hash, then compares it with the full hash to see if the password/hash has been leaked.

engine_HIBP(hashed_password, engine, api_key)

Test

This project has a series of tests to check the correct operation of all its functions, for this purpose the "pytest" library has been used. To run the tests, install pytest with the following command:

pip install pytest

Once installed, simply run the "pytest" command to have the tests run automatically, any errors encountered will be returned by the terminal.

The results of the test in the lab are the following:

Python Version Function Hash Function List Function Password RANDOM Hash RANDOM Password Comment
3.9
3.8
3.7
3.6
3.5 Random.choice is not available in Python 3.5 // Deprecated Python Version

License

This project is licensed under the GNU General Public License - see the LICENSE file for details

Contact

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

This software doesn't have a QA Process. This software is a Proof of Concept.

If you have any problems, you can contact:

[email protected] - Ideas Locas CDCO - Telefónica

Disclaimer

In many places it can be a crime to install software on a computer that does not belong to you, without the owner's consent. We do not approve the use of PoC for any illegal purpose. To download or use our software in any way, you must acknowledge and approve the following:

1 - You declare that this PoC will be used exclusively in a legal manner. If you are in doubt as to the legality, consult a licensed attorney in the jurisdiction where you will be using this PoC.

2 - You acknowledge that the computer on which the software is to be installed is yours or you have the owner's consent to manage and install the software on it.

Owner
Telefónica
Telefónica official source code platform
Telefónica
Stenography encryption script

ImageCrypt Project description Installation Usage Project description Project AlexGyver on Python by TheK4n Design by Пашушка Byte packing in decimal

Kan 5 Dec 14, 2022
Fully configurable automated python script to collect most visted pages based on google dork

Ranked pages collector Fully configurable automated python script to collect most visted pages based on google dork Usage This project is still under

Security Analyzer 9 Sep 10, 2022
A lightweight encryption library in python.

XCrypt About This was initially a project to prove that I could make a strong encryption but I decided to publish it so that the internet peoples coul

Anonymous 8 Sep 10, 2022
Generate simple encrypted messages!

Premio's Shift is a very simple text encryption, you can use it to send secret messages to your friends. Table of Content Table of Content How it work

Peterson Adami Candido 3 Aug 06, 2021
Blockchain Python Implementation

Blockchain Python Implementation

0918nobita 2 Nov 21, 2021
A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided

A bot written in Python to automatically buy tokens on the Binance Smart Chain as soon as liquidity is provided. If you’ve found this bot useful and have profited from it please consider donating any

473 Dec 25, 2022
A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python.

pyhcrypt A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python. Usage Pytho

Hongfei Xu 3 Feb 08, 2022
wdepy: Decryption and Inspection for PGP WDE Disks

This is a small python tool to inspect and decrypt disk images encrypted with PGP Whole Disk Encryption (including the Symantec-branded versions like Symantec Drive Encryption). It takes advantage of

Brendan Dolan-Gavitt 17 Oct 07, 2022
Certifi: Python SSL Certificates

(Python Distribution) A carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts.

Certifi 608 Jan 02, 2023
Generate Random ETH addresses and Private Keys and Saved to file.

ethgen.py Generate Random ETH addresses and Private Keys and Saved to file. ETH address the file is stored in ETH-address.txt. ETH private keys the fi

deanondroid 2 Dec 21, 2021
😈 Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations.

👑 Shining 😈 Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations. Shining is the name of one of my

xxxeyJ 15 Jun 17, 2022
Python program that handles the creation, encryption and storage of log/journal files. Kinda works like a diary of sorts.

LucaSoft J.O.U.R.N.A.L The J.O.U.R.N.A.L (Just anOther User Redaction & Navigation Assistant by Lucaspec72) is a Python program that handles the creat

Lucaspec72 8 Oct 27, 2021
This project is a proof of concept to create a dashboard using Dash to display information about various cryptocurrencies.

This project is a WIP as a way to display useful information about cryptocurrencies. It's currently being actively developed as a proof of concept, and a way to visualize more useful data about vario

7 Apr 21, 2022
Gearbox-vyper-contracts - Auxillary contracts for the Gearbox Protocol written in Vyper

Gearbox Vyper Contracts Auxillary contracts for the Gearbox Protocol written in

Edward Amor 4 Jan 07, 2022
blockchain address database

Blockchain Address Ownership Database The database is in data/addresses.db This is a SQLite database of addresses from several blockchains. It's obtai

37 Nov 26, 2022
PyCrypter , A Tool To Encrypt/Decrypt Text/Code With Ease And Safe Using Password !

PyCrypter PyCrypter , A Tool To Encrypt/Decrypt Text/Code With Ease And Safe Using Password ! Requirements pyfiglet And colorama Usage First Clone The

1 Nov 12, 2021
BETCOIN BET is a digital currency system created with python

BETCOIN BET is a digital currency created with python and flask with features of a centralized bank, wallet system, and open transaction history of al

Ujjwal Kumar 3 Nov 16, 2021
Encrypt your code without a worry. Stark utilizes the base64, hashlib and Crypto lib to encrypt your code which cannot be decrypted with any online tools.

Stark Encrypt your code without a worry. Stark utilizes the base64, hashlib and Crypto lib to encrypt your code which cannot be decrypted with any onl

cliphd 3 Sep 10, 2021
JS Deobfuscation is a Python script that deobfuscates JS code and it's time saver for you

JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you. Although it may not work with high degrees of obfuscation, it's a pretty nice tool to help you even if it's j

Quatrecentquatre 3 May 01, 2022
The Qis|krypt⟩ is a software suite of protocols of quantum cryptography and quantum communications

The Qis|krypt⟩ is a software suite of protocols of quantum cryptography and quantum communications, as well, other protocols and algorithms, built using IBM’s open-source Software Development Kit for

Qiskrypt 14 Oct 31, 2022