Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Facing some troubles against the local test #15

Closed
Cyb0rgbytes opened this issue Dec 20, 2018 · 7 comments
Closed

Facing some troubles against the local test #15

Cyb0rgbytes opened this issue Dec 20, 2018 · 7 comments

Comments

@Cyb0rgbytes
Copy link

Cyb0rgbytes commented Dec 20, 2018
edited

Great effort and work on the tool wish you all the best ! @khast3x
As the title claims,
I've been testing around with the normal lookup It's working great, however without showing passwords for obvious reasons, just breaches sources. I couldn't get the services with api to work because they charge money for their API's as i noticed.
So, I downloaded the breachcompilation to actually go ahead and test it, I got the txt sorted and went ahead to test. I got these errors:
Warning: Breach compilation [Errno 2] No such file or directory: '/root/h8mail/BreachCompilation/query.sh': '/root/h8mail/BreachCompilation/query.sh'

Seems like the query.sh is missing so i got a query from here: https://gist.github.com/nlitsme/6f138e72b328c28520d64d7e03f2d5f9

Later on, after several testings I ran this command as explained:
python h8mail.py -t targets.txt -bc ../Downloads/BreachCompilation/ --local
I got false breached signals with no passwords shown.

I know im missing something, will be glad if someone is able to point it out!

Cheers
@Cyb0rgbytes Cyb0rgbytes mentioned this issue Dec 21, 2018
Closed
@khast3x
Copy link
Owner

khast3x commented Dec 21, 2018
edited

Hello,

Did you download the 44GiB Torrent locally? That's the "Breach Compilation", and is mandatory for the option.

The torrent is the actual DB h8mail will search with the -bc option.

The torrent also includes the aforementioned query.sh associated.

Best

@Cyb0rgbytes
Copy link
Author

Hello,

Did you download the 44GiB Torrent locally? That's the "Breach Compilation", and is mandatory for the option.

The torrent is the actual DB h8mail will search with the -bc option.

The torrent also includes the aforementioned query.sh associated.

Best

Hey,

Thanks for replying !
I downloaded it from this link in the usage section of the tool, https://ghostbin.com/paste/2cbdn, I'm not sure if that's the correct one!

All i can see is a breachcompilation.7z, I uncompressed it, sorted it with these commands :

LC_ALL=C sort --parallel=8 -u breachcompilation.txt -o breachcompilation.sorted.txt
sed -i -e's/^\s*//' breachcompilation.sorted.txt

for some reason, the file has only a txt file, the rest of the files aren't available!
So, I guess this is where the issue presist from.

@dkramer47
Copy link

I'm not exactly sure why, but I think it's probably because your breach compilation file is setup differently than what it expects.

Try using the same magnet link that I did to redownload it, I won't give it here, but just search "breach compilation download" on Google. I got mine off of raidforums.

Also, my usage of it is:
python3 h8mail.py -t youremail@domain.com -bc ./BreachCompilation -v -l

@Cyb0rgbytes
Copy link
Author

I'm not exactly sure why, but I think it's probably because your breach compilation file is setup differently than what it expects.

Try using the same magnet link that I did to redownload it, I won't give it here, but just search "breach compilation download" on Google. I got mine off of raidforums.

Also, my usage of it is:
python3 h8mail.py -t youremail@domain.com -bc ./BreachCompilation -v -l

Okay I'll check it out, and retry.
Did you use these commands to sort it out or transform it to small parts because it's 44 gb i think
LC_ALL=C sort --parallel=8 -u breachcompilation.txt -o breachcompilation.sorted.txt
sed -i -e's/^\s*//' breachcompilation.sorted.txt

Or there is no need to do that?
Also how are you running your system is it virtual or dual because im using it on Vmware

Thanks!

@dkramer47
Copy link

For me it came pre-sorted, so all I had to do was run the command. I'm just running it a bootable usb, I find that I like being able to take it with me and plug it into any machine I might want to!

@Cyb0rgbytes
Copy link
Author

For me it came pre-sorted, so all I had to do was run the command. I'm just running it a bootable usb, I find that I like being able to take it with me and plug it into any machine I might want to!

Yeah I normally use bootables usb's, they're much reliable.
Anyhow i got it to work thanks for the replies!
it seems like the email i was trying to target is only breached with either a hash or salt included not as plain text whereas other targets proves that the method works fine!

Thanks!

@RomanNepal
Copy link

why am i getting -lb/--local-breach: at least one argument expected error? Help me I am really stuck

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@khast3x @dkramer47 @Cyb0rgbytes @RomanNepal