Commit graph

86 commits

Author SHA1 Message Date
179cd36d7f
#27: Implement NTLM hash support for PwnedPassAPI
This PR implements support for NTLM hashes as announced by Troy Hunt:
https://s.pebcak.de/@troyhunt@infosec.exchange/109833758367903768

For this we needed to be able to calculate MD4 hashes, as NTLM basically is calculated like this: `MD4(UTF-16LE(pw))`. For this we ported the official golang.org/x/crypto/md4 package, so we can still claim that "only depends on Go stdlib"

A new Client option has been introduced: `WithPwnedNTLMHash`. If the client is initalized with this option, all generic methods (`ListHashesPassword` and `CheckPassword`) will  operate on NTLM hashes.

Additionally, there are now equivalent methods for checking passwords and listing hashes for NTLM: `CheckNTLM` and `ListHashesNTLM`
2023-02-09 17:07:20 +01:00
2b0b51ae17
Merge pull request #25 from wneessen/fix/24-verify-and-overhaul-the-error-handling-of-the-different-apis
Fix/24 verify and overhaul the error handling of the different apis
2022-12-22 16:02:53 +01:00
f143794341
Overhauling error handling of the different APIs as part of #24
- More error generalization
- Fixed PwnedPasswords API errors
- Added SHA1 hash validation with corresponding error
- More tests for error handling
2022-12-22 15:59:48 +01:00
c5ea330401
Overhauling error handling of the different APIs as part of #24
- Generalized errors
- Updated version number and User-Agent string
- Made default timeout a const
2022-12-22 11:55:56 +01:00
9c4b20b01e
Overhauling error handling of the different APIs as part of #24
- Overhauled the breaches API
- Added more tests
2022-12-22 11:55:06 +01:00
ec5038a041
Merge pull request #23 from wneessen/fix/22-should-return-httpresponse-for-paste
Fix missing HTTP response return in PastedAccount method.
2022-12-22 10:02:55 +01:00
e42f8b3101
Fix missing HTTP response return in PastedAccount method.
Fixes #22

- In case of a HTTP error the PastedAccount method is supposed to return the HTTP response, since this can hold valuable information about the reason why the request failed. Instead, it was returning `nil`. This PR fixes this behaviour.
- Additionally, this PR introduces tests to catch such oversights
- Finally a proper `error.New()` error has been introduces, to that `error.Is()` can be used on common error that are detected by the module
2022-12-22 09:57:57 +01:00
8a77d77ee6
Merge pull request #20 from wneessen/testcoverage
Better test coverage
2022-10-29 17:02:40 +02:00
77a3b1f3c5
Better test coverage 2022-10-29 16:58:56 +02:00
f21e27fe8b
Merge pull request #19 from wneessen/golangci-lint
Implement a golangci-lint workflow and the accordingly GH action
2022-10-29 15:53:00 +02:00
20ebd4c965
Implement a golangci-lint workflow and the accordingly GH action 2022-10-29 15:32:12 +02:00
a931f4aef3
Merge pull request #18 from wneessen/test-coverage
Fixes and test coverage
2022-10-01 16:12:31 +02:00
f1d9046155
Fixed failing test 2022-10-01 16:10:25 +02:00
2a92929c20
Better test coverage for breaches API 2022-10-01 16:06:56 +02:00
a8623f1162
Fixed mixed pointer/copy assignment in ApiDate type 2022-10-01 16:05:50 +02:00
540e745c7f
Fixed output results in PwnedPassApi tests 2022-10-01 15:04:06 +02:00
bc1c5d0914
Merge pull request #16 from wneessen/14-prefix
Skip padding results
2022-06-09 16:22:14 +02:00
8fe5b208a5
#14: Skip padding results in the API response, which can be identified by having a zero count 2022-06-09 16:21:10 +02:00
3ab68b9110
Merge pull request #15 from wneessen/14-prefix
#14: Add `ListHashes*()` methods to get access to all returned hashes
2022-06-08 17:29:17 +02:00
05ea767ee1
#14: Add ListHashes*() methods to get access to all returned hashes
- This method replaces the previously private apiCall() method
- Added `ListHashesSHA1()` as well as `ListHashesPassword()` to keep consistency in the naming schema
- Added length checks for SHA1() methods
- Added length check for Prefix() method
2022-06-08 17:26:41 +02:00
1642ee7255
Update README.md
Added awesome-go badge
2022-05-09 09:14:11 +02:00
659a359ea0
Merge pull request #12 from wneessen/v1_0_2
v1.0.2
2022-05-08 12:49:14 +02:00
504c711df2
v1.0.2: Update README.md 2022-05-08 12:46:47 +02:00
70996a1415
v1.0.2: Update README.md 2022-05-08 12:46:00 +02:00
1c699aca31
v1.0.2: More tests and better README.md. 2022-05-08 12:44:20 +02:00
b326983899
Merge pull request #11 from wneessen/move_example_code_to_testfiles
Move example code to testfiles
2022-05-08 12:13:09 +02:00
5f40d8b8de
Make GoLinter happy 2022-05-08 12:09:39 +02:00
fc0ea3bd48
Updated README.md, package description and version number for v1.0.2 release 2022-05-08 12:07:33 +02:00
77e5a4345d
Moved all code examples into the test files using GoDoc syntax 2022-05-08 12:02:58 +02:00
43c99d2889
Merge remote-tracking branch 'origin/main' 2022-05-07 15:59:57 +02:00
49b2ac95f6
More test coverage 2022-05-07 15:59:20 +02:00
ce8872c72d
Merge pull request #10 from wneessen/codecov-rename
Codecov rename
2022-05-07 15:05:36 +02:00
90124586b8
Update codecov_testonly.yml 2022-05-07 15:05:09 +02:00
356b48bed7
Create codecov.yml 2022-05-07 15:04:51 +02:00
2cd451a84d
Update codecov_testonly.yml 2022-05-07 15:03:43 +02:00
27b95c19bc
Update and rename codecov.yml to codecov_testonly.yml 2022-05-07 15:03:09 +02:00
41c8f9eefc
Update codecov.yml 2022-05-07 14:59:31 +02:00
467f2961c6
Merge pull request #9 from wneessen/Add_RLS_to_all_test
Add rls to all test
2022-05-07 14:58:18 +02:00
2af48736df
Update sonarqube.yml 2022-05-07 14:57:14 +02:00
af15c66865
Adding RateLimitSleep() to all tests 2022-05-07 14:55:33 +02:00
0ded55e697
Update codecov.yml 2022-05-07 14:48:22 +02:00
61330a2405
Update sonarqube.yml 2022-05-07 14:48:05 +02:00
21f15be49f
Merge pull request #8 from wneessen/codecov
Integrate with codecov
2022-05-07 14:45:09 +02:00
0f9acdd229
Create codecov.yml 2022-05-07 14:40:23 +02:00
d97d31ff9b
Create codecov.yml 2022-05-07 14:38:00 +02:00
68f9edf0a4
Update sonarqube.yml
Added API token for tests (via secrets) and excluded the example code
2022-05-07 14:35:35 +02:00
2467a860e1
Update sonarqube.yml 2022-04-13 09:43:27 +02:00
a328e950b6
Update sonar-project.properties 2022-04-13 09:42:37 +02:00
69dc70da63
Merge remote-tracking branch 'origin/main' 2022-04-12 22:52:31 +02:00
842cc122a5
Fix code smell in WithUserAgent() option detected by SonarQube 2022-04-12 22:52:24 +02:00