khast3x / h8mail Goto Github PK
View Code? Open in Web Editor NEWEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
License: Other
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
License: Other
Hi mate, awesome project! Thank you so much for coming up with this.
Wondering if you will be willing to accept anything else rather than an e-mail as target. From time to time, we search for hash, domain, name, company name etc...
Would you be looking into it ?
Cheers
Ideas for future release:
Check larger types of inputs with API services
Check if running latest version of h8mail
HTML report
When trying to install h8mail using pip3 install h8mail, it confirms but does not execute.
When cloning and git repo and running the python setup.py install command, results in below error:
╰─➤ sudo python setup.py install 1 ↵
/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'python_requires'
warnings.warn(msg)
Traceback (most recent call last):
File "setup.py", line 46, in
zip_safe=False,
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/distutils/core.py", line 111, in setup
_setup_distribution = dist = klass(attrs)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/dist.py", line 268, in init
self.fetch_build_eggs(attrs['setup_requires'])
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/dist.py", line 313, in fetch_build_eggs
replace_conflicting=True,
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/pkg_resources/init.py", line 843, in resolve
dist = best[req.key] = env.best_match(req, ws, installer)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/pkg_resources/init.py", line 1088, in best_match
return self.obtain(req, installer)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/pkg_resources/init.py", line 1100, in obtain
return installer(requirement)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/dist.py", line 380, in fetch_build_egg
return cmd.easy_install(req)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/command/easy_install.py", line 638, in easy_install
return self.install_item(spec, dist.location, tmpdir, deps)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/command/easy_install.py", line 668, in install_item
dists = self.install_eggs(spec, download, tmpdir)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/command/easy_install.py", line 851, in install_eggs
return self.build_and_install(setup_script, setup_base)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/command/easy_install.py", line 1079, in build_and_install
self.run_setup(setup_script, setup_base, args)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/Extras/lib/python/setuptools/command/easy_install.py", line 1067, in run_setup
raise DistutilsError("Setup script exited with %s" % (v.args[0],))
distutils.errors.DistutilsError: Setup script exited with error in urllib3 setup command: 'extras_require' must be a dictionary whose values are strings or lists of strings containing valid project/version requirement specifiers.
Describe what you were trying to get done.
Tell us what happened, what went wrong, and what you expected to happen.
python3 -m h8mail -t [email protected] -c config.ini
[>] Showing results for [email protected]
LEAKLOOKUP_PUB |[email protected] > myfitnesspal.com
LEAKLOOKUP_PUB |[email protected] > netlog.com
LEAKLOOKUP_PUB |[email protected] > jobstreet.com
Session Recap:
Target | Status
[email protected] | Breach Found (3 elements)
am i able to see the passwords for these breached sites?
At some rare places instead of a : the database entries are seperated by a ; which throws things of
I have replaced
t.breachcomp_passw.append(line.split(":")[1])
with
t.breachcomp_passw.append(re.split("[;:]",line)[-1])
for me to make it work.
seems HIBP API Keys changed/stopped working..
[] HIBP free tier will stop working on the 2019/08/18] You can already use a purchased API key using h8mail (config file)
[
[!] Could not contact HIBP for [email protected]
401
Hello khast3x
I hope that you are well, I just wanted to see if you could guide me a little in regards to a situation in which after I complete the install process I dont find the h8mail.py file, I have downloaded the package using the zip download and also using "git clone".
I reviewed multiple information sites including looking for instructions about the install process including following the instructions given on this site without any successful solution.
``
oot@HCKA223:/.25/search#/.25/search# cd h8mail/
root@HCKA223:
root@HCKA223:/.25/search/h8mail# ls/.25/search/h8mail#
Dockerfile h8mail LICENSE Makefile PyPi.rst README.md setup.py tests
root@HCKA223:
root@HCKA223:~/.25/search/h8mail# cat README.md
Collecting h8mail
Downloading https://files.pythonhosted.org/packages/55/8f/574301e40762f344c0b687b9b9e17f085260b8cb0d415f2466cf70065a87/h8mail-2.5.tar.gz
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "", line 1, in
File "/tmp/pip-install-hloLaX/h8mail/setup.py", line 12, in
with open("PyPi.rst") as readme_file:
IOError: [Errno 2] No such file or directory: 'PyPi.rst'
root@HCKA223:/.25/search/h8mail# pip install -r requirements.txt/.25/search/h8mail#
Requirement already satisfied: requests in /usr/lib/python2.7/dist-packages (from -r requirements.txt (line 1)) (2.21.0)
root@HCKA223:
root@HCKA223:/.25/search/h8mail#/.25/search/h8mail#
root@HCKA223:
root@HCKA223:/.25/search/h8mail# pip3 install h8mail/.25/search/h8mail#
Requirement already satisfied: h8mail in /usr/local/lib/python3.7/dist-packages/h8mail-2.5-py3.7.egg (2.5)
Requirement already satisfied: requests in /usr/lib/python3/dist-packages (from h8mail) (2.21.0)
root@HCKA223:
root@HCKA223:~/.25/search/h8mail# python3 setup.py install
running install
running bdist_egg
running egg_info
....
arching for requests==2.21.0
Best match: requests 2.21.0
Adding requests 2.21.0 to easy-install.pth file
Using /usr/lib/python3/dist-packages
Finished processing dependencies for h8mail==2.5
root@HCKA223:/.25/search/h8mail#/.25/search/h8mail# ls
root@HCKA223:
build dist Dockerfile h8mail h8mail.egg-info LICENSE Makefile PyPi.rst README.md setup.py tests
root@HCKA223:/.25/search/h8mail#/.25/search/h8mail#
root@HCKA223:
i will really appreciate if you could give me hand about this question, it may be something simple but unfortunately I have not been able to find a solution.
Thank you for your time.
I configured the API keys for the dehashed.com service, and it all works well, but each time I make a query(any, email or domain) it returns a bunch of junk data(1000+) along with some valid results at the beginning.
False negatives while doing compressed file searching
Obviously I use whatbreach to get my databases (because i'm cool like that ;p). Anyways [email protected]
has been breached in one of Adobe's breaches, this file is a tar.gz
that decompressed to a gz
file that decompresses to a file named cred
while using h8mail to search through the file it will not provide any information, but it will show that there are occurrences if i use -lb
.
h8mail -t [email protected] -gz Adobe\ 152M.tar -sk --loose
h8mail is free & open-source. Please report scammers.
Version 2.2 - "HAILTEAM"
._____. ._____. ;____________;
| ._. | | ._. | ; h8mail ;
| !_| |_|_|_! | ;------------;
!___| |_______! Heartfelt Email OSINT
.___|_|_| |___. Use responsibly!
| ._____| |_. | ;____________________;
| !_! | | !_! | ; github.com/khast3x ;
!_____! !_____! ;--------------------;
[>] Targets:
['[email protected]']
[~] Removing duplicates
[~] Target factory started for [email protected]
[~] Terminating worker pool
__________________________________________________________________________________________
[>] Showing results for [email protected]
[~] No results founds
__________________________________________________________________________________________
Session Recap:
Target | Status
__________________________________________________________________________________________
[email protected] | Not Compromised
__________________________________________________________________________________________
Execution time (seconds): 0.1438760757446289
h8mail -t [email protected] -lb cred
h8mail is free & open-source. Please report scammers.
Version 2.2 - "HAILTEAM"
._____. ._____. ;____________;
| ._. | | ._. | ; h8mail ;
| !_| |_|_|_! | ;------------;
!___| |_______! Heartfelt Email OSINT
.___|_|_| |___. Use responsibly!
| ._____| |_. | ;____________________;
| !_! | | !_! | ; github.com/khast3x ;
!_____! !_____! ;--------------------;
[>] Targets:
[email protected]
[~] Removing duplicates
[~] Target factory started for [email protected]
[{'Name': 'Adobe'}, {'Name': 'OnlinerSpambot'}, {'Name': 'RiverCityMedia'}, {'Name': 'VerificationsIO'}]
[>] Found 4 breaches for [email protected] using HIBP
[~] No pastes found for [email protected] using HIBP PASTE
[>] Found 0 related emails for [email protected] using Hunter.IO
[~] Using file cred
[~] Worker [96175] is searching for targets in cred (3481316319 bytes)
[>] Found occurrence [cred] Line 436679: 111285261-|--|[email protected]|-FP220B6GQV8=-|-Munsters|--
^C[!] Caught KeyboardInterrupt, terminating workers
__________________________________________________________________________________________
[>] Showing results for [email protected]
HIBP |[email protected] > Adobe
HIBP |[email protected] > OnlinerSpambot
HIBP |[email protected] > RiverCityMedia
HIBP |[email protected] > VerificationsIO
__________________________________________________________________________________________
Session Recap:
Target | Status
__________________________________________________________________________________________
[email protected] | Breach Found (4 elements)
__________________________________________________________________________________________
Execution time (seconds): 31.479928970336914
Hello,
I'm having two issues..
The first one is regarding h8mail.py
Whenever I run the commands:
apt-get install nodejs
git clone https://github.com/khast3x/h8mail.git
cd h8mail
pip3 install -r requirements.txt
python3 h8mail.py -h
It says the following:
python3: can't open file 'h8mail.py': [Errno 2] No such file or directory
The second one: regarding HIBP
Whenever I run the command:
h8mail -t [[email protected]]
It says the following in one of the lines:
[!] Could not contact HIBP for [[email protected]]
403
Any advice as to how to solve these two issues would be much appreciated.
Hi @khast3x
Looking for your kind help. I am trying to modify the DEHASHED section in classes.py in my local copy. As i have stated in my previous issue #62 that requests.get is not returning anything in case of Dehash, hence i tried to check the same in another way.
I have commented the make_request call from get_dehashed fucntion. But still o improvement. Then i have executed in debug and saw, the old method is getting called.
Am i missing anything? Is there anywhere else i need to change/ update anything to get my new chunk of code working?
Earnestly looking for your help at the earliest please.
Regards
I'm currently working on getting a emailed.io api key and a scylla key, how do I add both api keys into the program? Also will the limit on emailrep.io be resolved along with the scylla issue?
https://liferay.dev/blogs/-/blogs/enable-ansi-colors-in-windows-command-prompt
Confirmed works with h8mail
When using h8mail i get this message on multiple api service requests.
"expecting value: line 1 column 1 (char 0)"
Googled til the cows came home.
Hello, I am getting an error when running python3 h8mail.py -t [email protected]
.
Error: Request could not be made for [email protected] HTTPSConnectionPool(host='haveibeenpwned.com', port=443): Max retries exceeded with url: /api/v2/breachedaccount/[email protected]?truncateResponse=true (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f80a83d7780>: Failed to establish a new connection: [Errno -2] Name or service not known')) Traceback (most recent call last): File "h8mail.py", line 230, in <module> main(args) File "h8mail.py", line 200, in main breached_targets = target_factory(targets, api_keys) File "h8mail.py", line 146, in target_factory current_target.get_hibp() File "/root/h8mail/classes.py", line 75, in get_hibp response = self.make_request(url) File "/root/h8mail/classes.py", line 48, in make_request if response.status_code == 429: UnboundLocalError: local variable 'response' referenced before assignment
Hi @khast3x ,
Python3 requests.get is not returning any content but only status code. But the api is working fine as i have tried the same with CURL. Need your intervention please
I attempted to get the results for a email address I knew was involved in a breach and to get provided with the hash/clear text password. When it finished it returned saying that the email was involved in a breach but did not return with the hash/password.
H8mail -t <Target email>
I am running a single target against a user name,
h8mail -t <email_address>
[>] Targets:
<email_address>
[] Removing duplicates] Target factory started for <email_address>
[
[] HIBP free tier will stop working on the 2019/08/18] You can already use a purchased API key using h8mail (config file)
[
[!] Could not contact HIBP for <email_address> 401
Unfortunately I do not know why there is a 401 error, it does tell me that there are breachs found (13 elements) but with no information, as see in your screen shots when you run the command.
You advise for this n00b using your tool would be awesome.
I ran python3 h8mail.py -t [email protected]
and the script return me this error:
Warning: Could not contact HIBP using CF bypass
Any idea ?
Whenever I execute the following command I get a WinError 193
h8mail.exe -t [email protected] -bc D:\BC\BreachCompilation
[>] Targets:
[email protected]
[] Removing duplicates] Target factory started for [email protected]
[
[!] Could not contact HIBP for [email protected]
403
[>] Found 0 related emails for [email protected] using Hunter.IO
[>] Found additional data with emailrep.io
[~] Looking up [email protected] in BreachCompilation
[!] Breach compilation
[WinError 193] %1 is not a valid Win32 application
The script runs fine, up until I actually ask it to search the emails. Which it gives this error:
Traceback (most recent call last): File "h8mail.py", line 228, in <module> ui.setup(verbose=args.verbosity) # Show debug messages if -v True AttributeError: module 'ui' has no attribute 'setup'
Quick note as well, not the same issue as the "No module named ui" incidents with issue 11.
hi,
i installed h8mail with pip3 (because pip didnt work) and when i launch the program it says:
Traceback (most recent call last):
File "h8mail.py", line 4, in
import ui
ImportError: No module named ui
thanks for the tool but i have this error
Traceback (most recent call last):
File "h8mail.py", line 228, in
ui.setup(verbose=args.verbosity) # Show debug messages if -v True
AttributeError: module 'ui' has no attribute 'setup'
I want to write an output file (-o
flag).
h8mail -sk --local-breach dumps/non-gz/ --gzip dumps/gz/ -o example.csv -q domain -t example.com
As you can see, no actual output is written even when there are results found.
I launched a scan with an email that I have previously tried.
The first time H8mail checked in scylla.sh without a prior configuration, the second time that I tried with the same email It hasn't checked in scylla but only in emailrep.
I tried to remove the software and to install it another time and to run the software by using other email with the same results.
The command that I ran:
`h8mail -t <email>`
I tryd to check a list of nicknames that saved in a textfile (.txt)
h8mail -t targets.txt --loose
but h8mail uses the filename as a target itself
`[>] h8mail is up to date
[>] Targets:
['targets.txt']
[~] Removing duplicates
[~] Target factory started for targets.txt
[~] HIBP free tier will stop working on the 2019/08/18
[~] You can already use a purchased API key using h8mail (config file)
[!] Could not contact HIBP for targets.txt
401
[!] hunter.io (pubic API) error: targets.txt
list index out of range
[!] Could not contact emailrep for targets.txt`
but i can´t drop the "--loose" command because the file contains no email adresses
what am i doing wrong?
thanks for help in advance!
when ever i manage to launch h8mail using the command h8mail
or even h8mail -h
i get this following error
Traceback (most recent call last): File "/usr/local/bin/h8mail", line 11, in <module> load_entry_point('h8mail==2.3', 'console_scripts', 'h8mail')() File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 489, in load_entry_point return get_distribution(dist).load_entry_point(group, name) File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2852, in load_entry_point return ep.load() File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2443, in load return self.resolve() File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 2449, in resolve module = __import__(self.module_name, fromlist=['__name__'], level=0) File "/usr/local/lib/python2.7/dist-packages/h8mail-2.3-py2.7.egg/h8mail/__main__.py", line 2, in <module> from .utils.run import main File "/usr/local/lib/python2.7/dist-packages/h8mail-2.3-py2.7.egg/h8mail/utils/run.py", line 10, in <module> from .breachcompilation import breachcomp_check File "/usr/local/lib/python2.7/dist-packages/h8mail-2.3-py2.7.egg/h8mail/utils/breachcompilation.py", line 18 c.info_news(f"Looking up {t.target} in BreachCompilation") ^ SyntaxError: invalid syntax
Hello not sure I’m placing this in the right location I am new to github and how all this works so sorry if this is all wrong. I had a couple request or ideas and was hoping to see if it’s possible
Incorporating the ability to search for a username not just email
Preset config for setting location of breach compilation folder so the directory and flag doesn’t have to be inputted each time.
Thanks again
Ph33rz(Chris )
WeLeakInfo.to is the replacement to weleakinfo.com, any chance you can update the call?
I´m new at this, and aparrently h8mail is running well (not explicit errors during install nor execution) but i have some questions.
i did find 3 security breaches using haveibeenpwned on targets mail
but h8mail dont find anything, it says "not compromised"
i think im missing the whole point of this wonderful tool.
thank you, haunter
if i use another accounts that i find on internet in some h8mail tutorials and they did retrive results!!
Use bozo-buster and hash-buster
How to configure config.ini? I didn't understand how this part works
I followed the instructions to the T but it still isnt working? it says the following errors below.
user@parrot]─[~/h8mail]
└──╼ $pip install -r requirements.tx
Could not open requirements file: [Errno 2] No such file or directory: 'requirements.tx'
┌─[✗]─[user@parrot]─[~/h8mail]
└──╼ $python h8mail.py -h
python: can't open file 'h8mail.py': [Errno 2] No such file or directory
┌─[✗]─[user@parrot]─[~/h8mail]
└──╼ $pip install -r requirements.txt
Could not open requirements file: [Errno 2] No such file or directory: 'requirements.txt'
┌─[✗]─[user@parrot]─[~/h8mail]
└──╼ $python3 h8mail.py -h
python3: can't open file 'h8mail.py': [Errno 2] No such file or directory
┌─[✗]─[user@parrot]─[~/h8mail]
└──╼ $
here.
hi guys so when i run the command python h8mail.py -t ([email protected]) -bc ../Downloads/BreachCompilation/ --local i get an error saying Warning: Breach compilation [WinError 2] The system cannot find the file specified
the breach compilation file is located in Downloads on my C: drive, i tried everything. any ideas how to solve this?
I closed off scylla because stupid script kiddies were being stupid. Any user of h8mail is welcome to use this however, as I'm confident you're not stupid script kiddies :). The u/p you all may use:
sammy / BasicPassword!
Hope you all continue to enjoy scylla.sh. Reach me at [email protected] with any questions!
Hi,
Is there any way I can add a domain as target or a wildcard for emails?
Trying to execute a command like, h8mail -h, did not work properly. I'm not sure if this error is really anything significant but I'm unfamiliar with Python so I decided to ask.
Created a virtual environment venv on user home folder using
virtualenv -p /usr/bin/python3 venv
then went in there doing
cd venv
source bin/activate
pip3 install h8mail
h8mail -h
This was the response
Traceback (most recent call last):
File "/home/matt/venv/bin/h8mail", line 5, in
from h8mail.main import main
File "/home/matt/venv/lib/python3.5/site-packages/h8mail/main.py", line 2, in
from .utils.run import main
File "/home/matt/venv/lib/python3.5/site-packages/h8mail/utils/run.py", line 10, in
from .breachcompilation import breachcomp_check
File "/home/matt/venv/lib/python3.5/site-packages/h8mail/utils/breachcompilation.py", line 18
c.info_news(f"Looking up {t.target} in BreachCompilation")
^
SyntaxError: invalid syntax
[!] Something went wrong with gzip worker
Compressed file ended before the end-of-stream marker was reached
[>] Showing results for
[~] No results founds
Session Recap:
Target | Status
<redacted> | Not Compromised
Execution time (seconds): 4769.6074821949005
Done
How do i make get my dehash API to work? i have inserted my "dehash_key" in h8mail_config.ini. what do i insert in "dehash_email" ? and how do i run it with the API?
Trying to find my own accounts passwords and although breaches have been detected I cant actually see the clear text password to confirm that is not a false positive.
I ran python3 -m h8mail -t [email protected] -o Desktop
Program was like: found a breach. writing to CSV output. but no output or password was outputted? Please help.
Hello! I noticed after messing around using theharvester to get emails and then using h8mail to check them for breaches using the breach compilation (I'm not doing anything illegal, I promise), that the email "[email protected]" caused a list index out of range crash. Now I know it's not someone's real email, but it caused the entire list check to fail.
I'm not too familiar with python, but I found changing line 178 in h8mail.py from "if line:" to "if ":" in line" fixed it from what I can tell, so maybe it's a good solution, or maybe it causes other things to go wrong that I'm not aware of.
Just wanted to tell you <3
Use an approach closer to:
h8mail.py --opt "all,hun,gp,hibp,sb"
Link to documentation
Great effort and work on the tool wish you all the best ! @khast3x
As the title claims,
I've been testing around with the normal lookup It's working great, however without showing passwords for obvious reasons, just breaches sources. I couldn't get the services with api to work because they charge money for their API's as i noticed.
So, I downloaded the breachcompilation to actually go ahead and test it, I got the txt sorted and went ahead to test. I got these errors:
Warning: Breach compilation [Errno 2] No such file or directory: '/root/h8mail/BreachCompilation/query.sh': '/root/h8mail/BreachCompilation/query.sh'
Seems like the query.sh is missing so i got a query from here: https://gist.github.com/nlitsme/6f138e72b328c28520d64d7e03f2d5f9
Later on, after several testings I ran this command as explained:
python h8mail.py -t targets.txt -bc ../Downloads/BreachCompilation/ --local
I got false breached signals with no passwords shown.
I know im missing something, will be glad if someone is able to point it out!
Cheers
Directly send user_args, and retrieve API keys from their. Use the object to correctly interpret user input regarding services to query
I installed with pip3
I am trying to run a batch of emails through the local data
h8mail -t '/home/username/Documents/Target.txt' -bc '/home/username/Documents/BreachCompilation' --local
h8mail: error: argument -lb/--local-breach: expected at least one argument
Love using the program but would like the ability to run dehashed as another site to pull information from.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.