PEPE – Post-Exploitation Pastebin Emails
Collect information about leaked email addresses from Pastebin
The script parses Pastebin email:password dumps and gathers information about each email address. It supports Google, Trumail, Pipl, FullContact, and HaveIBeenPwned. Moreover, it allows you to send an informational mail to a person about his leaked password, at the end every information lands in Elasticsearch for further exploration.
It supports only one format – email:password.
Everything else will not work!
For now, notification works when it finds a match on FullContact and next send you email address and associated social media accounts.
Install
git clone https://github.com/woj-ciech/pepe.git
pip install -r requirements
Config
{"domains":
{ #domains to whitelist or blacklist
"whitelist": [""],
"blacklist": ["yahoo.com"]
},
"keys":
{ #API KEYS
"pushsafer": "API_KEY",
"fullcontact": "API_KEY",
"pipl": "API_KEY"
},
"gmail":
{ #GMAIL credentials and informational message that will be send
"username": "your_username@gmail.com",
"password": "password",
"message": "Hey,\n\nI am a security researcher and I want to inform you that your password !PASSWORD! has been leaked and you should change it immediately.\nThis email is part of the research, you can find more about it on https://medium.com/@wojciech\n\nStay safe!"},
"elasticsearch":
{ #ElasticSearch connection info
"host": "127.0.0.1",
"port": 9200}
}
Use
root@kali:~/PycharmProjects/pepe# python pepe.py -h
usage: pepe.py [-h] [--file FILE] [--stream] [--interactive]
[--modules MODULES [MODULES ...]] [--elasticsearch]
[--whitelist] [--blacklist]
,=.
,=''''==.__.=" o".___
,=.==" ___/
,==.," , , \,===""
< ,==) "'"=._.==) `=='' `" `
clover/snark^
http://ascii.co.uk/art/platypus
Post Exploitation Pastebin Emails
github.com/woj-ciech
medium.com/@woj_ciech
Example:
python pepe.py --file <dump.txt> --interactive --whitelist
python pepe.py --file <dump.txt> --modules hibp google trumail --elasticsearch --blacklist
optional arguments:
-h, --help show this help message and exit
--file FILE Load file
--stream Stream Pastebin
--interactive Interactive mode
--modules MODULES [MODULES ...]
Modules to check in non-interactive mode
--elasticsearch Output to ElasticSearch
--whitelist Whitelist
--blacklist Blacklist
Source: https://github.com/woj-ciech/
