So, there’s this CloudFlare HTTPS traffic memory leak that happened and it is good idea to change passwords for all of your sites that are using cloudflare. Full list of sites using cloudflare is available on above mentioned Github page.
I’m using pass, simple password manager that stores all of the credentials in gpg encrypted files. I’m not going on explaining what it is in more details since if you’re reading this blog you probably at least know of it. If you have ever used it you know it doesn’t have all those fancy features online password managers like Lastpass have so in case such as this it gets a bit harder to automatically check sites that are affected.
I’ve put together a little bash script to help you check which of your site passwords needs to be changed. Keep in mind that script is basically just comparing list of your gpg files with list of sites using CloudFlare, so I really hope that you’ve think through your pass entry naming scheme properly (using domain name as name of the file).
Script will also print out only entries that needs to be changed along with date of the last change. February 24th, 2017 is date we’re comparing it against. So, without further ado, here’s the script:
#!/bin/bash LIST="/tmp/sorted_unique_cf.txt" URL="https://raw.githubusercontent.com/pirate/sites-using-cloudflare/master/sorted_unique_cf.txt" HOMEDIR="/home/$(whoami)/.password-store/" DATE="Feb 24, 2017" NEEDSCHANGING="/tmp/needs-changing.txt" if [ ! -f "$LIST" ]; then wget -O "$LIST" "$URL" &>/dev/null else echo "$LIST already exists. Checking agains that, to update it remove file manually." fi for SITE in $(find "$HOMEDIR" -type f -iname "*.gpg" -printf "%f\n" | sed 's/\.gpg$//g'); do grep -F -x "$SITE" "$LIST" done > "$NEEDSCHANGING" while read -r CHSITE; do find "$HOMEDIR" -type f -iname "*$CHSITE*" ! -newermt "$DATE" -printf "%TY-%Tm-%Td %P\n" done < "$NEEDSCHANGING"
Save it as some file, let’s say
passbleed-check.sh and run it:
chmod 0700 passbleed-check.sh ./passbleed-check.sh