Hi there

Just learnt today about the Cloudflare fiasco. Good that I use pass and have separate passwords for things.

Also, usually I store stuff in Web\domain.tld when I need to make an account at domain.tld.

So, I wrote a small bash script that lets you check the Cloudflare domain list against your pass entries to see if there are services you use that could be compromised.

The current Cloudflare domain list can be found here:

https://github.com/pirate/sites-using-cloudflare

I'm not sure how accurate that is but it has over 4 million domains.

Since the script uses bash and bash isn't so slow, it takes quite a while to parse everything (still parsing on my system).

Basically what the script does is build an array of your pass entries - omitting the .gpg and the path.

Then it reads out the first 1000 entries in the Cloudflare list and iterates them over each pass entry. If there's a match, it should write to a separate text file.

All you have to do is download the attached script, set the path to your password-store and the cloudflare domain list and let it run. As said, it will take quite a long time.

Feel free to improve the script ;)

Stephan
#!/usr/bin/env bash

cfFile="/home/<user>/Desktop/git-repos/sites-using-cloudflare/sorted_unique_cf.txt"
passStore="/home/<user>/.password-store"
numLines="1000"

getPassEntries() {
    # Check all files in the password store
    while IFS= read -rd '' file; do
        # Remove .gpg
        name="${file%.*}"
        # Remove path
        name="${name##*/}"
        passArr+=("${name}")
    done < <(find "$passStore" -type f -iname "*.gpg" -print0)
}

countCFEntries() {
    # Count the lines in the domain list
    cfLines=$(wc -l < "${cfFile}")
}

loopCFEntries() {
    s=1
    e=$((s + numLines - 1))
    # -le so the final line is still read when it starts a new chunk
    while [[ ${s} -le ${cfLines} ]]; do
        unset cfArr
        # One array element per line, without word splitting or globbing
        mapfile -t cfArr < <(sed -n "${s},${e}p" "${cfFile}")
        for i in "${cfArr[@]}"; do
            printf '%s\n' "Testing: ${i}"
#           inArray "${i}" "${passArr[@]}" && printf '%s\n' "MATCH ${i} --> ${h}" || printf '%s\n' "${i} --> ${h}"
            for j in "${passArr[@]}"; do
#               printf '%s\n' "${i} --> ${j}"
                # Match when the listed domain equals the entry or is a subdomain of it
                [[ $i = ?(*.)"$j" ]] && printf '%s\n' "MATCH: ${i} --> ${j}" && printf '%s\n' "${i} - ${j}" >> "matches.txt"
            done
        done
        s=$((e + 1))
        e=$((s + numLines - 1))
    done
}


# Usage: inArray "${value}" "${array[@]}"
inArray() {
    local n=$1 h
    shift
    for h; do
        [[ $n = ?(*.)"$h" ]] && return
    done
    return 1
}


getPassEntries
#printf '%s\n' "${passArr[@]}"
countCFEntries
#printf '%s\n' "${cfLines}"
loopCFEntries
_______________________________________________
Password-Store mailing list
https://lists.zx2c4.com/mailman/listinfo/password-store
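
The comparison described in the post, done in a single pass over the domain list instead of a nested loop. This is an added example, not part of the original post or of pass itself; the function names, the case-insensitive comparison and the sample data are assumptions made here.

```shell
#!/usr/bin/env bash
# Added example, not the posted script. Same match rule: a listed domain
# matches when it equals a pass entry name or is a subdomain of it.
# Names are compared case-insensitively (an assumption made for this example).

# Print entry names: file name without directory and without the .gpg suffix.
list_pass_entries() {
    find "$1" -type f -iname '*.gpg' | sed -e 's|.*/||' -e 's|\.[^.]*$||'
}

# Usage: match_cloudflare STORE_DIR DOMAIN_LIST
# Prints "listed-domain - pass-entry" for each match, reading the list once.
match_cloudflare() {
    list_pass_entries "$1" | awk '
        # pass=1: lines from stdin are pass entries, keep them in a hash.
        pass { if ($0 != "") entries[tolower($0)] = $0; next }
        # pass=0: a listed domain; look up the name and every parent domain.
        {
            line = $0
            sub(/\r$/, "", line)
            d = tolower(line)
            while (d != "") {
                if (d in entries) print line " - " entries[d]
                if (!sub(/^[^.]*\./, "", d)) break
            }
        }
    ' pass=1 - pass=0 "$2"
}

# Constructed sample store and list, only to show the behaviour.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/store/Web" "$tmp/store/Mail"
    : > "$tmp/store/Web/example.com.gpg"
    : > "$tmp/store/Web/shop.example.org.gpg"
    : > "$tmp/store/Mail/example.net.gpg"
    printf '%s\n' 'example.com' 'www.example.com' 'notexample.com' \
        'example.org' 'cdn.shop.example.org' > "$tmp/list.txt"
    match_cloudflare "$tmp/store" "$tmp/list.txt"
    rm -rf "$tmp"
}

# With two arguments, check a real store and list; otherwise run the demo.
if [ "$#" -eq 2 ]; then match_cloudflare "$1" "$2"; else demo; fi
```

Each listed domain costs one hash lookup per label, so the run time grows with the size of the list and not with the list size times the number of pass entries.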
