This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method.

Related tags

CryptographyHashCheck
Overview

Password_HashCheck

This project aims to assist in the search for leaked passwords while maintaining a high level of privacy using the k-anonymity method.

To achieve this, the APIs of different services are used, sending only a part of the Hash of the password we want to check, for example, the first 5 characters.

Prerequisites

The project needs some libraries in order to work, to install it use the next command:

pip install -r requirements

Remember that Python 3 is required.

Usage

passme.py [FUNC] [ELEMENT] -engine [ENGINE] -api_key [API_KEY]
    FUNC:       The kind of element tha you want to check, it can be -h/--hash or -p/--password
                or -f/--file or -l/--list or --help.

    ELEMENT:    The "Hash", "Password" or the name of the file that contains a list of 
                hashes or password separeted by a new line.

    ENGINE:     The leaks engine that you want to be used, by default it uses HIBP (Have I been PWN).

    API_KEY:    The API_KEY necessary for some functions of some engines.

Functions

PASSME_HASH

The main project function receives the hashed password, the engine to be used and the API key.

Depending on the engine that is received, both the API key and the hashed password will be sent to one function or another.

If you want to add your own engine or an engine that is not already implemented, simply add one more option here.

passme_hash(hashed_password, engine="HIBP", api_key="0")

PASSME_PASSWORD

This function hashes the password it receives using SHA-1 and sends the hash to the passme_hash() function.

passme_password(password, engine="HIBP", api_key="0")

PASSME_FILE

This function reads one by one the lines of the received file to check each password, giving information about the received password and whether it has been filtered or not.

passme_file(filename, engine="HIBP", api_key="0")

PASSME_LIST

This function reads one by one the lines of the received file to check each hash, giving information about the received hash and whether it has been filtered or not.

passme_list(filename, engine="HIBP", api_key="0")

PASSME_LIST

The function that deals with the HIBP (Have i been pwned) API, sends the first five characters of the hash, then compares it with the full hash to see if the password/hash has been leaked.

engine_HIBP(hashed_password, engine, api_key)

Test

This project has a series of tests to check the correct operation of all its functions, for this purpose the "pytest" library has been used. To run the tests, install pytest with the following command:

pip install pytest

Once installed, simply run the "pytest" command to have the tests run automatically, any errors encountered will be returned by the terminal.

The results of the test in the lab are the following:

Python Version Function Hash Function List Function Password RANDOM Hash RANDOM Password Comment
3.9
3.8
3.7
3.6
3.5 Random.choice is not available in Python 3.5 // Deprecated Python Version

License

This project is licensed under the GNU General Public License - see the LICENSE file for details

Contact

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

This software doesn't have a QA Process. This software is a Proof of Concept.

If you have any problems, you can contact:

[email protected] - Ideas Locas CDCO - Telefónica

Disclaimer

In many places it can be a crime to install software on a computer that does not belong to you, without the owner's consent. We do not approve the use of PoC for any illegal purpose. To download or use our software in any way, you must acknowledge and approve the following:

1 - You declare that this PoC will be used exclusively in a legal manner. If you are in doubt as to the legality, consult a licensed attorney in the jurisdiction where you will be using this PoC.

2 - You acknowledge that the computer on which the software is to be installed is yours or you have the owner's consent to manage and install the software on it.

Owner
Telefónica
Telefónica official source code platform
Telefónica
Run with one command grafana, prometheus, and a python script to collect and display cryptocurrency prices and track your wallet balance.

CryptoWatch Track your favorite crypto coin price and your wallet balance. Install Create .env: ADMIN_USER=admin ADMIN_PASSWORD=admin Configure you

Rafael Zimmermann 13 Dec 13, 2022
A simple key-based text encryption process that encrypts a string based in a list of characteres pairs.

Simple Cipher Encrypter About | New Features | Exemple | How To Use | License ℹ️ About A simple key-based text encryption process that encrypts a stri

Guilherme Farrel 1 Oct 21, 2021
A curated list for getting up to speed on crypto and decentralized networks

crypto reading list A curated list for getting up to speed on crypto and decentralized networks. The content on the toplevel page contains what we con

Jump Crypto 1.1k Jan 07, 2023
Message Encrypt and decrypt software // allows you to encrypt the secrete message and decrypt Another Encryption Message. |

Message-Encrypy-Decrypt-App Message Encrypt and decrypt software // allows you to encrypt the secrete message and decrypt Another Encryption Message.

Abdulrahman-Haji 2 Dec 16, 2021
A really, really bad way to encrypt your text

deoxyencryptingnucleicacids A really, really bad way to encrypt your text. A general description of the scheme Encoding: The ascii plaintext is first

Sam Pinkerton 1 Nov 01, 2021
Atomkraft - Lightweight e2e testing for cosmos blockchains

Atomkraft End-to-end testing of Cosmos blockchains should be easy and reproducib

Informal Systems 57 Dec 16, 2022
blockchain address database

Blockchain Address Ownership Database The database is in data/addresses.db This is a SQLite database of addresses from several blockchains. It's obtai

37 Nov 26, 2022
Python FFI bindings for libsecp256k1 (maintained)

secp256k1-py Python FFI bindings for libsecp256k1 (an experimental and optimized C library for EC operations on curve secp256k1). Previously maintaine

Rusty Russell 29 Dec 29, 2022
GmJEWEL - The monorepo for the Greedy Merchants Guild

Greedy Merchants Guild Hello! Welcome to the monorepo for the Greedy Merchants G

Greedy Merchants Guild 5 Mar 09, 2022
Simple crypto & blockchain implementation written in Python

JaamoCoin - simple Python blockchain example This is a very simple blockchain example written in Python. Based on this tutorial: https://medium.com/co

Jaakko Alajoki 1 Jan 07, 2022
Algorand-app - This tutorial is designed to get you started with Algorand development in a step by step process

Getting Started This tutorial is designed to get you started with Algorand devel

Connor 1 Jan 06, 2022
Implementation of Smart Batch Auction for NFT launches on Tezos.

NFT Smart Batch Auction Smart Batch Auctions are an improvement over the traditional first come first serve (FCFS) NFT drops. FCFS design has been in

Anshu Jalan 5 May 06, 2022
Marketplace but with cryptocurrencies only.

MoneroMarket Marketplace but with cryptocurrencies only. MoneroMarket was created as a way to be able to use cryptocurrencies as an actual currency to

Janoher 35 Jan 01, 2023
Tool to compare smart contracts source code

smartdiffer Tool to compare smart contracts source code. Heavily relies on API of Etherscan and Diffchecker. Installation pip install smartdiffer API

Roman Moskalenko 23 Nov 16, 2022
This is an experimental AES-encrypted RPC API for ESP 8266.

URPC This is an experimental AES-encrypted RPC API for ESP 8266. Usage The server folder contains a sample ESP 8266 project. Simply set the values in

Ian Walton 1 Oct 26, 2021
Hyval will store your information encrypted and decrypt it when needed

Hyval will store your information encrypted and decrypt it when needed

soroush safari 3 Oct 31, 2021
Pogramme de chiffrement et déchiffrement césar d'un message en python3.

Chiffrement Cesar En Python3 Pogramme de chiffrement et déchiffrement césar d'un message en python3. Explication du chiffrement César avec complexité

Malik Makkes 1 Mar 26, 2022
A simple, terminal password manager in Python.

A simple, terminal password manager in Python.

81 Nov 22, 2022
Powerful Tool to encrypt and decrypt files using AES.

AEScryptor Tool Description Encrypt and Decrypt files with AES-128 (16bytes key). AES mode = CFB (cipher Feedback) security = super safe! Usage [1] Ch

5 Jan 12, 2022
zhash is a simple Python tool which allows to create/crack hashes

zhash zhash is a simple python tool which allows you to crack/create hashes. Below are the list of supported algorithms that zhash can crack Supported

3 May 27, 2022