{"id":28323790,"url":"https://github.com/dotslash/miscgo","last_synced_at":"2025-06-24T01:32:20.329Z","repository":{"id":152112608,"uuid":"245729678","full_name":"dotslash/miscgo","owner":"dotslash","description":"Misc stuff in go","archived":false,"fork":false,"pushed_at":"2020-06-22T07:06:11.000Z","size":33,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-02T01:08:03.188Z","etag":null,"topics":["golang","hibp","hibpwned","totp-generator"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dotslash.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-03-08T00:53:28.000Z","updated_at":"2020-07-15T06:24:20.000Z","dependencies_parsed_at":"2023-05-24T14:15:11.998Z","dependency_job_id":null,"html_url":"https://github.com/dotslash/miscgo","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dotslash/miscgo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotslash%2Fmiscgo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotslash%2Fmiscgo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotslash%2Fmiscgo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotslash%2Fmiscgo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dotslash","download_url":"https://codeload.github.com/dotslash/miscgo/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotslash%2Fmiscgo/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261586581,"owners_count":23181138,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","hibp","hibpwned","totp-generator"],"created_at":"2025-05-25T16:15:00.167Z","updated_at":"2025-06-24T01:32:20.315Z","avatar_url":"https://github.com/dotslash.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Miscellaneous utils written in go\n\n## Have I been pwned\n\nI built the following utils based on the data shared by hibp.com.\n\n### Using `pw/cli/main.go`\n\nI stored the dump of hashed pwned passwords in google big query. This cli util takes a password as input and prints the number of times the password has been pwned. This can be run in 2 modes 1) query from big table 2) query from my website. The former requires gcp credentials.\n\nExample usage:\n\n1. Querying big table (needs gcp credentials)\n\n``` sh\n$ export GOOGLE_APPLICATION_CREDENTIALS=\u003ccredentials_json\u003e\n$ export GOOGLE_CLOUD_PROJECT=\u003cproject-name\u003e\n$ go run pw/cli/main.go -debug=true\nUsing bigquery as backend\nEnter password:\nEntered password: wow\nPassword hash is 8A79FF89C7DBD4655D22C2CE58970514\nPassword is pwned 6990 times.\nOperation took 1.704022925s\n```\n\nTo not see the entered password, skip the debug flag\n\n1. Making http calls to my website (which queries gcp)\n\n``` sh\n$ go run pw/cli/main.go -debug=true -serverAddress=bm.suram.in\nUsing bm.suram.in for backend.\nEnter password:\nEntered password: wow\nPassword hash is 8A79FF89C7DBD4655D22C2CE58970514\n====================================\n\u003e\u003e\u003e\u003e\u003eRequest\u003c\u003c\u003c\u003c\nGET /pw/hashed/8A79FF89C7DBD4655D22C2CE58970514 HTTP/1.1\nHost: bm.suram.in\n\u003c\u003c\u003c\u003cRequest\u003e\u003e\u003e\u003e\u003e\n\u003e\u003e\u003e\u003e\u003eResponse\u003c\u003c\u003c\u003c\nHTTP/2.0 200 OK\nContent-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'\nContent-Type: application/json\nDate: Sun, 03 May 2020 02:42:41 GMT\nReferrer-Policy: no-referrer-when-downgrade\nServer: nginx\nStrict-Transport-Security: max-age=31536000; includeSubDomains; preload\nVary: Accept-Encoding\nX-Content-Type-Options: nosniff\nX-Frame-Options: SAMEORIGIN\nX-Xss-Protection: 1; mode=block\n\n{\"pw_hash\":\"8A79FF89C7DBD4655D22C2CE58970514\",\"pwn_count\":6990,\"meta\":{\"op_time\":\"619.592825ms\"}}\n\u003c\u003c\u003c\u003cResponse\u003e\u003e\u003e\u003e\u003e\n====================================\nPassword is pwned 6990 times.\nOperation took 1.296939138s\n```\n\nIn debug mode, I pring the http request and response made to the server (my server). To skip this dont specify set debug to false.\n\n### `server.go`\n\nThis is the webserver that runs at [bm.suram.in/pw](http://bm.suram.in/pw). This needs gcp credentials.\n\n## TOTP\n\nImplementation of TOTP (used by Authenticator apps; RFC 6238).\n\nThe totp.go file has 3 tasks\n\n1. `test` : Tests the implementation. This does the following 1) creates a TOTP secret 2) Serializes it in QR code in /tmp 3) Loads the QR code as another TOTP object 4) Compares the otps from the original TOTP and the one loaded from QR code.\n\nIt compares the OTP generated by this code with the one generated by github.com/gokyle/hotp\n\n``` sh\n$ go run totp/totp.go\nWill save the qr to /tmp/totp_DALOV54DZFI6DRMT.png\ntotp1: main.TOTP{issuer:\"test_totp.com\", digits:6, secret:\"KFZPBW6UQDU2NAQ7UKZHFCJTUFPKBNIK\", note:\"user_DALOV54DZFI6DRMT\"}\ntotp2: main.TOTP{issuer:\"test_totp.com\", digits:6, secret:\"KFZPBW6UQDU2NAQ7UKZHFCJTUFPKBNIK\", note:\"user_DALOV54DZFI6DRMT\"}\nOTP       : 898992 898992\nGokyleOTP : 898992 898992\n```\n\n1. `create` : Creates a TOTP secret, stores it as a qr image in the given path.\n\n``` sh\n$ go run totp/totp.go --task=create -create_qr_path=/tmp/flowerpot.png -create_user=flower -create_digits=7 -create_issuer=dotslash\nStored totp qr at /tmp/flowerpot.png\nCurrent totp: 7777079\n```\n\n1. `otp` : Gets the otp from a TOTP url/qr image path.\n\n``` sh\n$ go run totp/totp.go -debug=true --task=otp -otp_qr_path /tmp/flowerpot.png\nURL: otpauth://totp/flower?issuer=dotslash\u0026digits=7\u0026secret=NKEDE5UCHJ3FZWWA42FZ2CTLMEQUW4RY\ntime Seq: 52949166\nOTP took 19.622µs\n$ go run totp/totp.go -debug=true --task=otp -otp_url 'otpauth://totp/flower?issuer=dotslash\u0026digits=7\u0026secret=NKEDE5UCHJ3FZWWA42FZ2CTLMEQUW4RY'\nURL: otpauth://totp/flower?issuer=dotslash\u0026digits=7\u0026secret=NKEDE5UCHJ3FZWWA42FZ2CTLMEQUW4RY\ntime Seq: 52949170\nOTP took 13.784µs\n3637532\n```\n\nUsing the smart argument ( `-s` ) will do what you will expect.\n\n``` sh\n$ go run totp/totp.go -s /tmp/flowerpot.png\n....\n$ go run totp/totp.go -s 'otpauth://totp/flower?issuer=dotslash\u0026digits=7\u0026secret=NKEDE5UCHJ3FZWWA42FZ2CTLMEQUW4RY'\n....\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotslash%2Fmiscgo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdotslash%2Fmiscgo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotslash%2Fmiscgo/lists"}