Multiple gpg keyid search (script?)
January 13, 2013 11:25 AM Subscribe
I have a file listing all my long keyID's for GPG and want to lookup the emails associated with these.
I know the URL to do this is:
http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=
and the command is:
gpg --keyserver subset.pool.sks-keyservers.net --search-keys
But while I can do it with bash scripting for the commndline that command doesn't seem to find any of the keys I'm loking for.
Perhaps I can do it with a webscraper like scrapy? Or how can I just query that webpage repeatedly with curl and differeing keyID's and save it so I can grep for @ email addresses?
Here's a sample of what I want to get the emails out of:
BFD626E9E7E33BEFAAE1773AAF65AE980C825691
4AD605094A71F58A288798E915781F58CDB2035C
E2E704E21AE3B2982AEA67E755E2E5CAAA7B03D8
CB8C76F75031D397D3D43E25D8D37CDC80AD896A
5DCE001705FD8BFD5393D0991016CEC635EEA426
777D20CC1A9195721C18483A73F0EAC9B665CEAE
2AF53915AB21C06AB0DA40FB8BE390A001783095
ADCE8685F8A579AD7473F8F3359D80CC09FA3867
EC7588DC114335696EEA7A444375E8D0871AD5AA
D7122D53735F8F86509071C7A6CF5DA9B76A9024
I know the URL to do this is:
http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=
and the command is:
gpg --keyserver subset.pool.sks-keyservers.net --search-keys
But while I can do it with bash scripting for the commndline that command doesn't seem to find any of the keys I'm loking for.
Perhaps I can do it with a webscraper like scrapy? Or how can I just query that webpage repeatedly with curl and differeing keyID's and save it so I can grep for @ email addresses?
Here's a sample of what I want to get the emails out of:
BFD626E9E7E33BEFAAE1773AAF65AE980C825691
4AD605094A71F58A288798E915781F58CDB2035C
E2E704E21AE3B2982AEA67E755E2E5CAAA7B03D8
CB8C76F75031D397D3D43E25D8D37CDC80AD896A
5DCE001705FD8BFD5393D0991016CEC635EEA426
777D20CC1A9195721C18483A73F0EAC9B665CEAE
2AF53915AB21C06AB0DA40FB8BE390A001783095
ADCE8685F8A579AD7473F8F3359D80CC09FA3867
EC7588DC114335696EEA7A444375E8D0871AD5AA
D7122D53735F8F86509071C7A6CF5DA9B76A9024
If you save the keyIDs to a file called keys.txt (without manually adding '0x'), you can then extract the email addresses with this:
while read line; do curl -s "http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x$line" | perl -nle 'print "$1" if (/<(.*?)>/)'; done < keys.txt
posted by James Scott-Brown at 1:00 PM on January 13, 2013
while read line; do curl -s "http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x$line" | perl -nle 'print "$1" if (/<(.*?)>/)'; done < keys.txt
posted by James Scott-Brown at 1:00 PM on January 13, 2013
Response by poster: Thanks James, the curl loop was what I needed.
All the best greppers seem to use perl. I had to switch to grep:
while read line; do curl -s "http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x$line" |grep -Eio '([[:alnum:]_.-]+@[[:alnum:]_.-]+?\.[[:alpha:].]{2,6})' ; done < keys1-processed1.txt.csv
This was strangley rewarding.
This could be abused. There should be some way of protecting PGP users from spam harvesting this way
posted by jago25_98 at 5:37 AM on January 16, 2013
All the best greppers seem to use perl. I had to switch to grep:
while read line; do curl -s "http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x$line" |grep -Eio '([[:alnum:]_.-]+@[[:alnum:]_.-]+?\.[[:alpha:].]{2,6})' ; done < keys1-processed1.txt.csv
This was strangley rewarding.
This could be abused. There should be some way of protecting PGP users from spam harvesting this way
posted by jago25_98 at 5:37 AM on January 16, 2013
This thread is closed to new comments.
Without this, the queries will all fail.
eg.
http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=BFD626E9E7E33BEFAAE1773AAF65AE980C825691 FAILS
http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0xBFD626E9E7E33BEFAAE1773AAF65AE980C825691 WORKS
posted by James Scott-Brown at 12:40 PM on January 13, 2013