Tags:

Multiple gpg keyid search (script?)
January 13, 2013 11:25 AM   Subscribe

I have a file listing all my long keyID's for GPG and want to lookup the emails associated with these.

I know the URL to do this is:
http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=

and the command is:
gpg --keyserver subset.pool.sks-keyservers.net --search-keys

But while I can do it with bash scripting for the commndline that command doesn't seem to find any of the keys I'm loking for.

Perhaps I can do it with a webscraper like scrapy? Or how can I just query that webpage repeatedly with curl and differeing keyID's and save it so I can grep for @ email addresses?

Here's a sample of what I want to get the emails out of:


BFD626E9E7E33BEFAAE1773AAF65AE980C825691

4AD605094A71F58A288798E915781F58CDB2035C
E2E704E21AE3B2982AEA67E755E2E5CAAA7B03D8
CB8C76F75031D397D3D43E25D8D37CDC80AD896A
5DCE001705FD8BFD5393D0991016CEC635EEA426
777D20CC1A9195721C18483A73F0EAC9B665CEAE

2AF53915AB21C06AB0DA40FB8BE390A001783095
ADCE8685F8A579AD7473F8F3359D80CC09FA3867
EC7588DC114335696EEA7A444375E8D0871AD5AA
D7122D53735F8F86509071C7A6CF5DA9B76A9024
posted by jago25_98 to technology (3 answers total)
 
Did you remember to prefix these keys with '0x'?

Without this, the queries will all fail.

eg.
http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=BFD626E9E7E33BEFAAE1773AAF65AE980C825691 FAILS
http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0xBFD626E9E7E33BEFAAE1773AAF65AE980C825691 WORKS
posted by James Scott-Brown at 12:40 PM on January 13


If you save the keyIDs to a file called keys.txt (without manually adding '0x'), you can then extract the email addresses with this:

while read line; do curl -s "http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x$line" | perl -nle 'print "$1" if (/<(.*?)>/)'; done < keys.txt
posted by James Scott-Brown at 1:00 PM on January 13


Thanks James, the curl loop was what I needed.
All the best greppers seem to use perl. I had to switch to grep:

while read line; do curl -s "http://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x$line" |grep -Eio '([[:alnum:]_.-]+@[[:alnum:]_.-]+?\.[[:alpha:].]{2,6})' ; done < keys1-processed1.txt.csv

This was strangley rewarding.

This could be abused. There should be some way of protecting PGP users from spam harvesting this way
posted by jago25_98 at 5:37 AM on January 16


« Older Almost a month ago, my BF and ...   |  I know this question is a litt... Newer »

You are not logged in, either login or create an account to post comments