Check a LastPass CSV export for potential CloudFlare vulnerabilities

check_cloudflare_lastpass.py

"""
This is the product of me spending a few minutes trying to
assess how much of my LastPass vault is potentially vulnerable
to the recent CloudFlare issue.

It's hacky, and probably broken in some way, but it's a start.

Gist comments with improvements very welcome.
"""

LASTPASS_CSV_PATH = 'INSERT_FULL_PATH_HERE'

import csv
import io
from urllib.parse import urlparse
import urllib.request
import zipfile
import sys

try:
    import publicsuffix
except ImportError:
    print("ERROR: missing publicsuffix.")
    print("PLEASE, INSTALL IT: pip install --user publicsuffix")
    sys.exit(0)

try:
    psl_reader = publicsuffix.fetch()
except AttributeError:
    psl_reader = codecs.getreader('utf-8')(urlopen('http://publicsuffix.org/list/public_suffix_list.dat'))
psl = publicsuffix.PublicSuffixList(psl_reader)

rows = []
with open(LASTPASS_CSV_PATH) as lpf:
    for row in csv.reader(lpf):
        rows.append(row)

with urllib.request.urlopen('https://github.com/pirate/sites-using-cloudflare/archive/master.zip') as response:
    z = zipfile.ZipFile(io.BytesIO(response.read()))

with z.open('sites-using-cloudflare-master/sorted_unique_cf.txt') as site_list:
    contents = site_list.read()
    contents = contents.decode('utf-8')

sites = {l.strip() for l in contents.split('\n')}
sites = {psl.get_public_suffix(s) for s in sites}

sites_with_passwords = [r[0] for r in rows[1:]]
sites_with_passwords = [psl.get_public_suffix(urlparse(s).netloc) for s in sites_with_passwords]

from pprint import pprint
pprint(sites.intersection(sites_with_passwords))