Skip to content

Commit

Permalink
Adding the Laposte module
Browse files Browse the repository at this point in the history
  • Loading branch information
philwantsfish committed Jul 17, 2016
1 parent 75e26e2 commit ed9268c
Show file tree
Hide file tree
Showing 7 changed files with 87 additions and 12 deletions.
23 changes: 14 additions & 9 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,24 +9,26 @@ A command line tool to detect shared passwords
List options:

```
$ java -jar shard-1.3.jar --help
Shard 1.3
Usage: java -jar shard-1.3.jar [options]
$ java -jar shard.jar --help
Shard 1.4
Usage: java -jar shard-1.4.jar [options]
-u, --username <value> Username to test
-p, --password <value> Password to test
-f, --file <value> File containing a set of credentials
--format <value> The format of the credentials. Must be a regular expression with 2 capture groups. The first capture group for the username and the second capture group for the password. Defaults to a regex that will match:
"username":"password"
"username":"password"
-l, --list List available modules
-v, --version <value> Print the version
-v, --version Print the version
--modules <value> Only run specific modules. A comma separated list
--help prints this usage text
```

List available modules:

``` bash
$ java -jar shard-1.3.jar -l
$ java -jar shard.jar -l
Available modules:
Facebook
LinkedIn
Expand All @@ -38,6 +40,7 @@ Available modules:
Kijiji
DigitalOcean
Vimeo
Laposte

```

Expand All @@ -46,14 +49,14 @@ Available modules:
Given a username and password shard will attempt to authenticate with multiple sites:

``` bash
$ java -jar shard-1.3.jar -u username-here -p password-here
$ java -jar shard-1.4.jar -u username-here -p password-here
21:16:25.950 [+] Running in single credential mode
21:16:30.302 [+] username-here:password-here - Reddit, Instagram
```
To test multiple credentials supply a filename. By default this expects one credential per line in the format `"username":"password"`. Custom formats can be supplied with the `--format` option

```
$ java -jar shard-1.3.jar -f /tmp/creds.txt
$ java -jar shard.jar -f /tmp/creds.txt
21:16:39.501 [+] Running in multi-credential mode
21:16:39.516 [+] Parsed 2 credentials
21:16:42.794 [+] username1:password1 - Reddit, Instagram
Expand Down Expand Up @@ -84,9 +87,11 @@ Dependencies:
- JSoup is used for HTTP communication and HTML parsing
- spray-json is used for handling json

If Scala is not your thing check out the secondary_implementations, these are rewrites of shard in other languages. If you add a module to one of these implementations I will rewrite in Scala and add it to the main project as well.

## Bugs, Requests, and Feedback

Contact me or use this GitHub project
Contact me, join the [Gitter](https://gitter.im/philwantsfish/shard) room, or use this GitHub project



Expand Down
3 changes: 2 additions & 1 deletion src/main/scala/fish/philwants/ModuleFactory.scala
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ object ModuleFactory {
BitBucketModule,
KijijiModule,
DigitalOceanModule,
VimeoModule
VimeoModule,
LaposteModule
)
}
2 changes: 1 addition & 1 deletion src/main/scala/fish/philwants/Runner.scala
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ case class ValidCredentials(creds: Credentials, modules: Seq[AbstractModule])

object Runner extends LazyLogging {
val defaultCredentialRegex = """"((?:\"|[^"])+)":"((?:\"|[^"])+)""""
val versionNumber = "1.2"
val versionNumber = "1.4"

def singleCredentialMode(username: String, password: String, moduleFilter: Seq[String]): Unit = {
logger.info("Running in single credential mode")
Expand Down
46 changes: 46 additions & 0 deletions src/main/scala/fish/philwants/modules/LaposteModule.scala
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
package fish.philwants.modules

import fish.philwants.Credentials
import scala.collection.JavaConversions._
import org.jsoup.nodes.FormElement

object LaposteModule extends AbstractModule {
val uri = "https://laposte.net/"
val moduleName = "Laposte"

def tryLogin(creds: Credentials): Boolean = {
val loginUri = "https://www.laposte.net/accueil"
val resp = get(loginUri)
.validateTLSCertificates(false)
.execute()

// Parse the form the response
val form: FormElement = resp
.parse()
.select("form")
.first()
.asInstanceOf[FormElement]

// Update the form data to include username and password
val usernameKey = "login"
val passwordKey = "password"
val formdata: Map[String, String] = form
.formData()
.map { e => e.key() -> e.value() }
.toMap
val updatedFormData = formdata + (usernameKey -> creds.username) + (passwordKey -> creds.password)

// Send login request
val loginUri2 = "https://compte.laposte.net/login.do"
val loginResp = post(loginUri2)
.header("Content-Type", "application/x-www-form-urlencoded")
.data(updatedFormData)
.cookies(resp.cookies())
.followRedirects(false)
.validateTLSCertificates(false)
.execute()

// Check login result
loginResp.statusCode() == 302
}
}
2 changes: 1 addition & 1 deletion src/test/scala/fish/philwants/AmazonModuleTest.scala
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import org.scalatest.{FlatSpec, Matchers}
import TestCredentials._

class AmazonModuleTest extends FlatSpec with Matchers {
"Amazon module" should "detect a successful login" in {
"Amazon module" should "detect a successful login" ignore {
val creds = Credentials(AMAZON_USERNAME, AMAZON_PASSWORD)
val mod = AmazonModule
mod.tryLogin(creds) shouldBe true
Expand Down
19 changes: 19 additions & 0 deletions src/test/scala/fish/philwants/LaposteModuleTest.scala
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
package fish.philwants

import fish.philwants.modules.LaposteModule
import org.scalatest.{FlatSpec, Matchers}
import TestCredentials._

class LaposteModuleTest extends FlatSpec with Matchers {
"Laposte module" should "detect a successful login" in {
val creds = Credentials(LAPOSTE_USERNAME, LAPOSTE_PASSWORD)
val mod = LaposteModule
mod.tryLogin(creds) shouldBe true
}

it should "detect a failed login" in {
val creds = Credentials(BAD_USERNAME_EMAIL, BAD_PASSWORD)
val mod = LaposteModule
mod.tryLogin(creds) shouldBe false
}
}
4 changes: 4 additions & 0 deletions src/test/scala/fish/philwants/TestCredentials.scala
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ object TestCredentials {
val GENERIC_USERNAME_EMAIL = ???
val GENERIC_USERNAME = ???
val GENERIC_PASSWORD = ???
val GENERIC_PASSWORD_WITH_CAPITAL = ???

val FACEBOOK_USERNAME = GENERIC_USERNAME_EMAIL
val FACEBOOK_PASSWORD = GENERIC_PASSWORD
Expand Down Expand Up @@ -40,6 +41,9 @@ object TestCredentials {
val VIMEO_USERNAME = GENERIC_USERNAME_EMAIL
val VIMEO_PASSWORD = GENERIC_PASSWORD

val LAPOSTE_USERNAME = "[email protected]"
val LAPOSTE_PASSWORD = GENERIC_PASSWORD_WITH_CAPITAL

val BAD_USERNAME_EMAIL = "[email protected]"
val BAD_USERNAME = "shardtesting-badusername"
val BAD_PASSWORD = "badpassword"
Expand Down

0 comments on commit ed9268c

Please sign in to comment.