hibp 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in hibp.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Michael Henriksen
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,64 @@
+# Have I Been Pwned?
+
+A simple tool to check a bunch of email addresses against the [Have I Been Pwned?](https://haveibeenpwned.com/) API.
+
+![HIBP extracting emails from a web page](http://i.imgur.com/7gIS39J.png)
+
+## Installation
+
+    $ gem install hibp
+
+## Usage
+
+HIBP supports different ways of feeding it email addresses:
+
+### Give it a list:
+
+    $ hibp -l "somone@gmail.com,someoneelse@yahoo.com,johndoe@hotmail.com"
+
+### Find emails in a file
+
+    $ hibp -f /path/to/some/file.txt
+
+The file does not need to only contain email addresses, they will be extracted with a regular expression.
+
+### Find emails on a web page
+
+    $ hibp -w http://somecompany.com/about/employees
+
+Extracts all e-mails on the web page.
+
+For more options, see `$ hibp --help`.
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request
+
+## License
+
+Copyright (c) 2014 Michael Henriksen
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/bin/hibp

@@ -0,0 +1,125 @@
+#!/usr/bin/env ruby
+# coding: utf-8
+
+require 'optparse'
+require 'net/http'
+require 'methadone'
+require 'paint'
+require 'ruby-progressbar'
+require 'thread/pool'
+require 'hibp'
+
+class App
+  include Methadone::Main
+
+  class FileNotReadableError < StandardError; end
+
+  def self.print_report(report)
+    puts Paint["\n [☠] BREACHED ACCOUNTS:", :red]
+
+    report.breached_accounts.each_pair do |email, pwned_websites|
+      puts Paint["  * #{email}: Found in: #{pwned_websites.join(', ')}", :red]
+    end
+
+    puts "\n ---------------------------------------- \n\n"
+
+    puts Paint[" [✔] CLEAN ACCOUNTS:", :green]
+
+    report.clean_accounts.each do |email|
+      puts Paint["  * #{email}", :green]
+    end
+
+    puts "\n"
+
+    if !report.failed_accounts.count.zero?
+      puts "---------------------------------------- \n\n"
+
+      puts Paint[" [⚡]  ACCOUNT CHECKS THAT ENCOUNTERED ERROR:", :red]
+
+      report.failed_accounts.each_pair do |email, exception|
+        puts Paint["  * #{email}: #{exception.class}: #{exception.message}", :red]
+      end
+    end
+  end
+
+  main do
+    begin
+
+      if options.include?('no-color')
+        Paint.mode = 0
+      end
+
+      if !options.include?('no-banner')
+        puts Paint[Hibp.banner, :blue]
+      end
+
+      if options[:list]
+        emails = Hibp.extract_emails(options[:list])
+      elsif options[:file]
+        if File.readable?(options[:file])
+          emails = Hibp.extract_emails(File.read(options[:file]))
+        else
+          raise FileNotReadableError.new("#{options[:file]} does not exist or is not readable")
+        end
+      elsif options[:web]
+        http_client = Hibp::HttpClient.new
+        response    = http_client.do_get(options[:web])
+        emails      = Hibp.extract_emails(response.body)
+      else
+        help_now!("You must give me some e-mails to check...")
+      end
+
+      if emails.count.zero?
+        puts Paint[" Sorry, I could not find any emails to check; exiting.", :red]
+        exit!
+      end
+
+      puts Paint[" Checking #{emails.count} #{emails.count == 1 ? 'email' : 'emails'}...\n", :blue]
+
+      progress_bar = ProgressBar.create(:total => emails.count, :format => ' %a %B %p%% %t |%e')
+      report       = Hibp::Report.new
+      thread_pool  = Thread.pool(options[:threads].to_i)
+
+      emails.each do |email|
+        thread_pool.process do
+          begin
+            if pwned_websites = Hibp::Api.breached_account?(email)
+              report.add_breached_account(email, pwned_websites)
+            else
+              report.add_clean_account(email)
+            end
+          rescue => ex
+            report.add_failed_account(email, ex)
+          end
+          progress_bar.increment
+        end
+      end
+
+      thread_pool.shutdown
+      print_report(report)
+
+    rescue Exception => e
+      if !e.is_a?(Interrupt)
+        puts Paint[" [⚡] WARP CORE BREACH!", :red]
+        puts Paint["      * #{e.class}: #{e.message}", :red]
+      else
+        print_report(report) if defined?(report)
+        exit!
+      end
+    end
+  end
+
+  options['threads'] = 3
+
+  on("-l EMAILS", "--list", "List of emails")
+  on("-f FILE", "--file", "Path to a file containing emails")
+  on("-w URL", "--web", "URL to extract emails from")
+  on("-t THREADS", "--threads", "Number of concurrent threads to use")
+  on("--no-banner", "Don't display HIBP banner")
+  on("--no-color", "Don't colorize output")
+
+  description "A simple tool to check a bunch of emails against the haveibeenpwned.com API."
+  version Hibp::VERSION
+
+  go!
+end

data/hibp.gemspec

@@ -0,0 +1,29 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'hibp/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "hibp"
+  spec.version       = Hibp::VERSION
+  spec.authors       = ["Michael Henriksen"]
+  spec.email         = ["michenriksen@neomailbox.ch"]
+  spec.description   = %q{A simple tool to check a bunch of email addresses against the Have I Been Pwned? API.}
+  spec.summary       = %q{A simple tool to check a bunch of email addresses against the Have I Been Pwned? API.}
+  spec.homepage      = "https://github.com/michenriksen/hibp"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'httparty'
+  spec.add_dependency 'methadone'
+  spec.add_dependency 'paint'
+  spec.add_dependency 'ruby-progressbar'
+  spec.add_dependency 'thread'
+
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'rake'
+end

data/lib/hibp.rb

@@ -0,0 +1,30 @@
+require 'cgi'
+require 'json'
+
+require 'httparty'
+
+require 'hibp/version'
+require 'hibp/http_client'
+require 'hibp/api'
+require 'hibp/report'
+
+module Hibp
+  EMAIL_REGEX = /[-0-9a-zA-Z.+_]+@[-0-9a-zA-Z.+_]+\.[a-zA-Z]{2,4}/
+
+  def self.banner
+    banner = <<EOB
+
+ ### ###                #     # ### ######  ######
+ ### ###                #     #  #  #     # #     #
+  #                     #     #  #  #     # #     #
+ #   ### ##### #####    #######  #  ######  ######
+     ###                #     #  #  #     # #
+      #                 #     #  #  #     # #
+     #                  #     # ### ######  #
+EOB
+  end
+
+  def self.extract_emails(haystack)
+    haystack.scan(EMAIL_REGEX)
+  end
+end

data/lib/hibp/api.rb

@@ -0,0 +1,18 @@
+module Hibp
+  class Api
+    BASE_URI = 'https://haveibeenpwned.com/api'
+
+    def self.breached_account?(email)
+      JSON.parse(http_client.do_get("#{BASE_URI}/breachedaccount/#{CGI.escape(email)}").body)
+    rescue Hibp::HttpClient::ClientError => ex
+      return false if ex.status == 404
+      raise ex
+    end
+
+  private
+
+    def self.http_client
+      @http_client ||= Hibp::HttpClient.new()
+    end
+  end
+end

data/lib/hibp/http_client.rb

@@ -0,0 +1,99 @@
+module Hibp
+  class HttpClient
+    include HTTParty
+
+    class HttpError < StandardError; end
+    class ConnectionError < HttpError; end
+
+    class RequestError < HttpError
+      attr_reader :status, :body
+
+      def initialize(method, path, status, body, options)
+        @status = status
+        @body   = body
+        super("#{method} to #{path} returned status #{status} - options: #{options.inspect}")
+      end
+    end
+
+    class ClientError < RequestError; end
+    class ServerError < RequestError; end
+
+    class UnhandledError < StandardError; end
+
+    DEFAULT_TIMEOUT = 0.5 #seconds
+    DEFAULT_RETRIES = 3
+
+    Response = Struct.new(:status, :headers, :body)
+
+    HANDLED_EXCEPTIONS = [
+      ServerError,
+      ClientError,
+      Timeout::Error,
+      Errno::ETIMEDOUT,
+      Errno::ECONNRESET,
+      Errno::ECONNREFUSED,
+      Errno::ENETUNREACH,
+      Errno::EHOSTUNREACH,
+      EOFError
+    ]
+
+    def initialize(config = {})
+      @config = {
+        :timeout => DEFAULT_TIMEOUT,
+        :retries => DEFAULT_RETRIES,
+      }.merge(config)
+      default_timeout = @config[:timeout]
+    end
+
+    def do_get(path, params=nil, opt={})
+      do_request(:get, path, {:query => params}.merge(opt))
+    end
+
+    def do_post(path, params=nil, opt={})
+      do_request(:post, path, {:body => params}.merge(opt))
+    end
+
+    def do_put(path, params=nil, opt={})
+      do_request(:put, path, {:body => params}.merge(opt))
+    end
+
+    def do_delete(path, params=nil, opt={})
+      do_request(:delete, path, {:query => params}.merge(opt))
+    end
+
+  private
+
+    def do_request(method, path, options)
+      with_retries do
+        response = self.class.send(method, path, options)
+
+        handle_possible_error(method.to_s.upcase, path, response, options)
+
+        Response.new(response.code, response.headers, response.body)
+      end
+    end
+
+    def handle_possible_error(method, path, response, options)
+      if response.code >= 500
+        raise ServerError.new(method, path, response.code, response.body, options)
+      elsif response.code >= 400
+        raise ClientError.new(method, path, response.code, response.body, options)
+      end
+    end
+
+    def with_retries(&block)
+      tries ||= @config[:retries]
+      yield
+    rescue *HANDLED_EXCEPTIONS, ServerError => ex
+      if (tries -= 1) > 0
+        sleep 0.2
+        retry
+      end
+      raise ex
+    rescue ClientError => ex
+      raise ex
+    rescue => ex
+      raise UnhandledError.new(ex.message)
+    end
+  end
+end

data/lib/hibp/report.rb

@@ -0,0 +1,24 @@
+module Hibp
+  class Report
+
+    attr_reader :breached_accounts, :clean_accounts, :failed_accounts
+
+    def initialize
+      @breached_accounts = {}
+      @clean_accounts    = []
+      @failed_accounts   = {}
+    end
+
+    def add_breached_account(email, pwned_websites)
+      @breached_accounts[email] = pwned_websites
+    end
+
+    def add_clean_account(email)
+      @clean_accounts << email
+    end
+
+    def add_failed_account(email, exception)
+      @failed_accounts[email] = exception
+    end
+  end
+end

data/lib/hibp/version.rb

@@ -0,0 +1,3 @@
+module Hibp
+  VERSION = "0.0.1"
+end

metadata

@@ -0,0 +1,173 @@
+--- !ruby/object:Gem::Specification
+name: hibp
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Michael Henriksen
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-01-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: httparty
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: methadone
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: paint
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ruby-progressbar
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: thread
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A simple tool to check a bunch of email addresses against the Have I
+  Been Pwned? API.
+email:
+- michenriksen@neomailbox.ch
+executables:
+- hibp
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/hibp
+- hibp.gemspec
+- lib/hibp.rb
+- lib/hibp/api.rb
+- lib/hibp/http_client.rb
+- lib/hibp/report.rb
+- lib/hibp/version.rb
+homepage: https://github.com/michenriksen/hibp
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.28
+signing_key: 
+specification_version: 3
+summary: A simple tool to check a bunch of email addresses against the Have I Been
+  Pwned? API.
+test_files: []