Cloudflare / Pass Checker
www.passwordstore.org at sjau.ch
www.passwordstore.org at sjau.ch
Fri Feb 24 13:13:17 CET 2017
Hi there
Just learnt today about the cloudflare fiasco. Good that I use pass and
have seperate passwords for things.
Also, usually I store stuff in Web\domain.tld when I need to make an
account at domain.tld.
So, I wrote a small bash script that allows to check the Cloudflare
domain list with your pass entries to see, if there are services that
you use that could be compromised.
The current cloudflare domain list can be found here:
https://github.com/pirate/sites-using-cloudflare
I'm not sure how accurate that is but it has over 4 million domains.
Since the script uses bash and bash isn't so slow, it takes quite a
while to parse everything (still parsing on my system).
Basically what the script does is build an array of your pass entries -
omitting the .gpg and the path.
Then it reads out the first 1000 entries in the cloudflare list and
iterates them over each pass entry. If there's a match, it should write
to a seperate text file.
All you have to do is download the attached script, set the path to your
password-store and the cloudflare domain list and let it run. As said,
it will take quite a long time.
Feel free to improve the script ;)
Stephan
-------------- next part --------------
#!/usr/bin/env bash
cfFile="/home/<user>/Desktop/git-repos/sites-using-cloudflare/sorted_unique_cf.txt"
passStore="/home/<user>/.password-store"
numLines="1000"
getPassEntries() {
# Check all files in the password store
while IFS= read -rd '' file; do
# Remove .gpg
name="${file%.*}"
# Remove path
name="${name##*/}"
passArr+=("${name}")
done < <(find "$passStore" -type f -iname "*.gpg" -print0)
}
countCFEntries() {
cfLines=$(cat "${cfFile}" | wc -l)
}
loopCFEntries() {
s=1
e=$((s + numLines -1))
while [[ ${s} -lt ${cfLines} ]]; do
unset cfArr
cfArr=( $(sed -n "${s},${e}p" "${cfFile}" ) )
for i in "${cfArr[@]}"; do
printf '%s\n' "Testing: ${i}"
# inArray "${i}" "${passArr[@]}" && printf '%s\n' "MATCH ${i} --> ${h}" || printf '%s\n' "${i} --> ${h}"
for j in "${passArr[@]}"; do
# printf '%s\n' "${i} --> ${j}"
[[ $i = ?(*.)"$j" ]] && printf '%s\n' "MATCH: ${i} --> ${j}" && printf '%s\n' "${i} - ${j}" >> "matches.txt"
done
done
s=$((e + 1))
e=$((s + numLines -1))
done
}
# Usage: inArray "${value}" "${array[@]}"
inArray() {
local n=$1 h
shift
for h; do
[[ $n = ?(*.)"$h" ]] && return
done
return 1
}
getPassEntries
#printf '%s\n' "${passArr[@]}"
countCFEntries
#printf '%s\n' "${cfLines}"
loopCFEntries
More information about the Password-Store
mailing list