Skip to content

A Discord bot implementation of Troy Hunt's haveibeenpwned.com service.

Notifications You must be signed in to change notification settings

plasticuproject/pwnedBot

Repository files navigation

build Python 3.11 CodeQL Quality Gate Status Security Rating

pwnedBot

pwnedBot is a Discord bot implementation of Troy Hunt's haveibeenpwned.com service, a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach. This document outlines the steps required to build, run, and manage the bot using Docker.

Prerequisites

Before proceeding, ensure you have Docker installed and running on your machine. You will also need Python installed if you plan to initialize the database manually before running the bot in a Docker container.

Building the Bot

To build the Docker image for PwnedBot, navigate to the directory containing the Dockerfile and run the following command:

docker build -t pwnedbot .

This command builds a Docker image named pwnedbot based on the instructions in the Dockerfile located in the current directory.

Configuring Environment Variables

Head over to DiscordApp and create a new app. Record your Client_ID. On the left, click Bot, and then Add Bot. Once you are done setting up your bot, save your Client_ID, Token, and Client Secret in a safe place.

Making calls to the haveibeenpwned API requires a key. You can purchase a HIBP-API-KEY here.

Create an .env file in the project root directory and add the required information:

HIBP_API_KEY="test-key"
APP_NAME="test-app"
DISCORD_TOKEN=TOKEN
DISCORD_CLIENT_ID=ID
BOT_PREFIX="!"
DEFAULT_ACCOUNT="test@example.com"

Make sure to replace the default information with your actual values.

Running the Bot

To start the bot, use the following command to run the Docker container. This command also mounts the necessary directories and files into the container and redirects all output to output.log:

docker run -it --rm -v $(pwd)/.env:/home/bot/.env pwnedbot > output.log 2>&1

This will log all output from the bot to output.log, allowing you to review it later for debugging and monitoring purposes.

Running the bot in detached mode

If you wish to run the bot container in detached mode and still record its output to a log file, you may do so with the folloing commands:

Run the Docker container in detached mode:

PWNEDBOT_ID=$(docker run -d -it --rm -v $(pwd)/.env:/home/bot/.env pwnedbot)

Start logging to a file:

docker logs -f $PWNEDBOT_ID > output.log 2>&1 & PWNEDBOT_LOG_PID=$!

Stop the bot container:

docker stop $PWNEDBOT_ID

Kill the logging process if needed:

kill $PWNEDBOT_LOG_PID

Usage

To add bot to server add your Client_ID to this URL and visit in browser:
https://discordapp.com/oauth2/authorize?client_id= <Client_ID> &scope=bot
When bot is active in server type "(prefix)help" for a list of commands.

HELP BREACH_NAME PASSWORD SEARCH PASTES PASTE_ID

License

All data sourced from https://haveibeenpwned.com
Visit https://haveibeenpwned.com/API/v3 to read the Acceptable Use Policy
for rules regarding acceptable usage of this API.

This work is licensed under a Creative Commons Attribution 4.0 International License.
CCv4
plasticuproject