search

megadose / holehe

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
GNU General Public License v3.0
7.31k stars 811 forks source link

flickr.py show allways Rate_limit #37

Closed ro-gi closed 3 years ago

ro-gi commented 3 years ago

The flickr module is allways returning Rate_limit = true. Flickr must have changed something. Based on this: https://www.aware-online.com/en/email-to-flickr-account-part1/ i could produce a working version for this module, just don't know how to submit (for now)

ro-gi commented 3 years ago

Sorry but i don't know how to make pull request, i will learn

import json
import re

from holehe.core import *
from holehe.localuseragent import *

async def flickr(email, client, out):
    name = "flickr"
    debug = False
    url = "https://www.flickr.com/services/rest/"
    headers = {
        'User-Agent': random.choice(ua["browsers"]["chrome"]),
        'Accept': '*/*',
        'Accept-Language': 'en-US',
        'Connection': 'keep-alive',
        'TE': 'Trailers',
    }
    params = {
        "find_email": str(email),
        "format": "json",
        "api_key": "3bd7fc028a16a9d42c017814f4e91b9d",
        "method": "flickr.people.findByEmail"
    }

    # Start API get
    try:
        response = await client.get(url, headers=headers, params=params)        
    except Exception as e:
        if debug: 
            print("get error:\n", e)
        return_error()
    if debug:
        print(response)
        print(response.text)

    # parse response to serialize
    try:
        regx = "^jsonFlickrApi\(({.*})\)$"
        json_str = re.search(regx, response.text)[1]
        data = json.loads(json_str)
    except Exception as e:
        if debug:
            print("error, response can't be serialized:\n", e)
        return_error()

    # Check response
    if "stat" in data:
        if data["stat"] == "ok":
            if "user" in data:
                if "username" in data["user"]:
                    if "_content" in data["user"]["username"]:
                        out.append({
                            "name": name,
                            "rateLimit": False,
                            "exists": True,
                            "emailrecovery": None,
                            "phoneNumber": None,
                            "others": None
                            # "others": data["user"]["username"]["_content"]         
                        })
                        # Adding a value to "other" produce the error:
                        # File "/home/investigator/.local/lib/python3.7/site-packages/holehe/core.py", line 124, in maincore
                        #    toprint += " / FullName " + results["others"]["FullName"]
                        #    TypeError: string indices must be integers

                    else:
                        if debug:
                            print("no _content in data[user]")    
                        return_error()    
                else:
                    if debug:
                        print("no username in data")
                        print("data\n", data)
                    return_error()    
        elif data["stat"] == "fail":
            if "code" in data:
                if data["code"] == 1:
                    out.append({"name": name,
                        "rateLimit": False,
                        "exists": False,
                        "emailrecovery": None,
                        "phoneNumber": None,
                        "others": None})
                elif data["code"] == 100:
                    if debug:
                        print(data["message"])       
                    return_error()    
        else:
            if debug:
                print("unknown data stat: ", data["stat"] )
            return_error()
    else:
        if debug:
            print("No stat in data")
        return_error()

    def return_error():
        out.append({"name": name,
                    "rateLimit": True,
                    "exists": False,
                    "emailrecovery": None,
                    "phoneNumber": None,
                    "others": None})
        return None
megadose commented 3 years ago

Thanks you very much, the problem with your method is that if you ban the api key the module will not work anymore that's why nothing is hardcoded in holehe.

ro-gi commented 3 years ago

Hi, I understand and also dislike the usage of api keys, but it's the only way I found to make it work. The key is not mine, i googled to get one, so this key is half public. But your right, we don't know how long it's gonna work, but that's the problem with any OSINT "trick". I'll understand if you don't update. Have a nice evening Rogi

Sent from ProtonMail mobile

-------- Original Message -------- On Dec 21, 2020, 7:11 PM, megadose wrote:

Thanks you very much, the problem with your method is that if you ban the api key the module will not work anymore that's why nothing is hardcoded in holehe.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.

megadose commented 3 years ago

Thank you very much for telling me the problem is it's ok it's patch image

ro-gi commented 3 years ago

Great job, i just tested and it work.

Your "simple" query looks a bit magical to me, but your code's much better than my proposal, i agree. Have a nice evening rogi

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, December 21, 2020 7:36 PM, megadose notifications@github.com wrote:

Closed #37.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.