Cloudflare / Pass Checker

[Simon Lackerbauer]

On 02/25/2017 03:25 PM, Chris Warrick wrote:
> There’s a comprehensive list of suffixes here:
> https://github.com/publicsuffix/list/blob/master/public_suffix_list.dat
> For my needs, I edited the domain list I got from pass manually
> (searching for lines with more than one dot). Here’s my approach:
> 
> ls -1R ~/.password-store | sed -e 's/.gpg$//' -e 's/.*:$//' -e
> 's/.*\/$//' -e '/^$/d' -e 's/.*@//' | uniq > passwords.txt
> vim passwords.txt
> grep -xof passwords.txt sorted_unique_cf.txt
> 

Hi Chris, hi Stephan,

It's a little late, but for the sake of posterity, I guess it won't hurt
with my updated solution.

You both indeed raise a valid concern I didn't think about, mostly
because I have so few third level and down domains saved in pass.
(Incidentally, one of them was on the list, so thanks for pointing out
my error!)

I still think this problem can be solved in a timely and fully automated
way: by splitting the domain name along dots and just matching against
every possible second level domain that can yield.

So, for sub2.sub.domain.co.tld it will try to match

co.tld
domain.co.tld
sub.domain.co.tld
sub2.sub.domain.co.tld

This will only net you a few more domains to be matched in most
use-cases for which it's feasible at all (as in: for those people who
use that specific naming convention for their pass entries) and as such
will finish matching within a few seconds at most.

Thanks again for pointing out my oversight.

Simon

-- 
www.lackerbauer.com
8A86 BD14 1859 44F2 5B83  6908 4B81 EE5D 6A56 A4DE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test_for_cf.sh
Type: application/x-shellscript
Size: 636 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20170303/fd4505b6/attachment.bin>