From f0ea2bc60fa4c01c02bb61f7fedf5394aade22d7 Mon Sep 17 00:00:00 2001 From: Mohamed Ben Date: Thu, 20 Jul 2023 14:42:08 +0100 Subject: [PATCH] Add Tomba Service --- README.md | 2 ++ h8mail/utils/classes.py | 50 ++++++++++++++++++++++++++++++++++- h8mail/utils/gen_config.py | 20 +++++++------- h8mail/utils/print_results.py | 8 +++++- h8mail/utils/run.py | 5 ++++ 5 files changed, 74 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 16e70b2..5ace404 100644 --- a/README.md +++ b/README.md @@ -74,6 +74,8 @@ | [Dehashed.com](https://dehashed.com/) - Service | Cleartext passwords, hashs and salts, usernames, IPs, domain | :white_check_mark: :key: | | [IntelX.io](https://intelx.io/signup) - Service (free trial) | Cleartext passwords, hashs and salts, usernames, IPs, domain, Bitcoin Wallets, IBAN | :white_check_mark: :key: | | :new: [Breachdirectory.org](https://breachdirectory.org) - Service (free) | Cleartext passwords, hashs and salts, usernames, domain | :construction: :key: | +| [Tomba.io](https://tomba.io/) - Service (free tier) | Number of related emails | :white_check_mark: :key: | +| [Tomba.io](https://tomba.io/) - Service (free tier) | Cleartext related emails, Chasing | :white_check_mark: :key: | *:key: - API key required* diff --git a/h8mail/utils/classes.py b/h8mail/utils/classes.py index 53799af..049573c 100644 --- a/h8mail/utils/classes.py +++ b/h8mail/utils/classes.py @@ -486,6 +486,54 @@ def get_hunterio_private(self, api_key): ) print(ex) + def get_tomba_counter_private(self, api_key, api_secret): + try: + c.info_news("[" + self.target + "]>[tomba.io private counter]") + target_domain = self.target.split("@")[1] + self.headers.update({"X-Tomba-Key": api_key}) + self.headers.update({"X-Tomba-Secret": api_secret}) + url = f"https://api.tomba.io/v1/email-count?domain={target_domain}" + req = self.make_request(url) + self.headers.popitem() + response = req.json() + if response["data"]["total"] != 0: + self.data.append(("TOMBA_COUNTER", response["data"]["total"])) + c.good_news( + "Found {num} related emails for {target} using tomba.io (private)".format( + num=response["data"]["total"], target=self.target + ) + ) + except Exception as ex: + c.bad_news("tomba.io (public API) error: " + self.target) + print(ex) + + def get_tomba_search_private(self, api_key, api_secret): + try: + c.info_news("[" + self.target + "]>[tomba.io private search]") + target_domain = self.target.split("@")[1] + self.headers.update({"X-Tomba-Key": api_key}) + self.headers.update({"X-Tomba-Secret": api_secret}) + url = f"https://api.tomba.io/v1/domain-search?domain={target_domain}&limit=10" + req = self.make_request(url) + self.headers.popitem() + response = req.json() + b_counter = 0 + for e in response["data"]["emails"]: + self.data.append(("TOMBA_SEARCH", e["email"])) + b_counter += 1 + if self.pwned != 0: + self.pwned += 1 + c.good_news( + "Found {num} related emails for {target} using tomba.io (private)".format( + num=b_counter, target=self.target + ) + ) + except Exception as ex: + c.bad_news( + f"tomba.io (private API) error for {self.target}:" + ) + print(ex) + def get_snusbase(self, api_url, api_key, user_query): try: if user_query == "ip": @@ -838,7 +886,7 @@ def get_dehashed(self, api_email, api_key, user_query): except Exception as ex: c.bad_news(f"Dehashed error with {self.target}") print(ex) - + def get_breachdirectory(self, user, passw, user_query): # Todo: implement password source search when email has answer c.info_news("[" + self.target + "]>[breachdirectory.org]") diff --git a/h8mail/utils/gen_config.py b/h8mail/utils/gen_config.py index ba59343..938202c 100644 --- a/h8mail/utils/gen_config.py +++ b/h8mail/utils/gen_config.py @@ -10,20 +10,22 @@ def gen_config_file(): config = """[h8mail] ; h8mail will automatically detect present keys & launch services accordingly ; Uncomment to activate -;hunterio = -;snusbase_token = -;;weleakinfo_priv = -;;weleakinfo_pub = -;hibp = +;hunterio = +;snusbase_token = +;;weleakinfo_priv = +;;weleakinfo_pub = +;hibp = ;leak-lookup_pub = 1bf94ff907f68d511de9a610a6ff9263 -;leak-lookup_priv = -;emailrep = -;dehashed_email = +;leak-lookup_priv = +;emailrep = +;dehashed_email = ;dehashed_key = ;intelx_key = ;intelx_maxfile = 10 -;breachdirectory_user = +;breachdirectory_user = ;breachdirectory_pass = +;tomba_key = +;tomba_secret = """ dest_config.write(config) c.good_news( diff --git a/h8mail/utils/print_results.py b/h8mail/utils/print_results.py index 31b43bc..cc4e34f 100644 --- a/h8mail/utils/print_results.py +++ b/h8mail/utils/print_results.py @@ -33,6 +33,12 @@ def print_results(results, hide=False): ) if "HUNTER_RELATED" in t.data[i][0]: c.print_result(t.target, t.data[i][1], "HUNTER_RELATED") + if "TOMBA_COUNTER" in t.data[i][0]: + c.print_result( + t.target, str(t.data[i][1]) + " RELATED EMAILS", "TOMBA_COUNTER" + ) + if "TOMBA_SEARCH" in t.data[i][0]: + c.print_result(t.target, t.data[i][1], "TOMBA_SEARCH") if "EMAILREP" in t.data[i][0]: c.print_result( t.target, str(t.data[i][1]), t.data[i][0] @@ -57,4 +63,4 @@ def print_results(results, hide=False): c.print_result(t.target, t.data[i][1], t.data[i][0]) if "BREACHDR" in t.data[i][0]: c.print_result(t.target, t.data[i][1], t.data[i][0]) - + diff --git a/h8mail/utils/run.py b/h8mail/utils/run.py index 4d9bd35..91391e9 100644 --- a/h8mail/utils/run.py +++ b/h8mail/utils/run.py @@ -87,6 +87,11 @@ def target_factory(targets, user_args): current_target.get_emailrepio(api_keys["emailrep"]) if "hunterio" in api_keys and query == "email": current_target.get_hunterio_private(api_keys["hunterio"]) + if ("tomba_key" in api_keys + and "tomba_secret" in api_keys + ): + current_target.get_tomba_counter_private(api_keys["tomba_key"], api_keys["tomba_secret"]) + current_target.get_tomba_search_private(api_keys["tomba_key"], api_keys["tomba_secret"]) if "intelx_key" in api_keys: current_target.get_intelx(api_keys) if "snusbase_token" in api_keys: