Check a LastPass CSV export for potential CloudFlare vulnerabilities

check_cloudflare_lastpass.py

"""
This is the product of me spending a few minutes trying to
assess how much of my LastPass vault is potentially vulnerable
to the recent CloudFlare issue.

It's hacky, and probably broken in some way, but it's a start.

Gist comments with improvements very welcome.
"""

LASTPASS_CSV_PATH = 'INSERT_FULL_PATH_HERE'

import csv
import io
from urllib.parse import urlparse
import urllib.request
import zipfile

def reduce_to_minimal_domain(url):
    first_dot_idx = url.rfind('.')
    second_dot_idx = url[:first_dot_idx].rfind('.')
    
    if second_dot_idx == -1:
        return url
    else:
        return url[second_dot_idx+1:]

rows = []
with open(LASTPASS_CSV_PATH) as lpf:
    for row in csv.reader(lpf):
        rows.append(row)

with urllib.request.urlopen('https://github.com/pirate/sites-using-cloudflare/archive/master.zip') as response:
    z = zipfile.ZipFile(io.BytesIO(response.read()))

with z.open('sites-using-cloudflare-master/sorted_unique_cf.txt') as site_list:
    contents = site_list.read()
    contents = contents.decode('utf-8')

sites = {l.strip() for l in contents.split('\n')}

sites = {reduce_to_minimal_domain(s) for s in sites}
sites = {s for s in sites if len(s.strip()) > 0}

sites_with_passwords = [r[0] for r in rows[1:]]
sites_with_passwords = [urlparse(s).netloc for s in sites_with_passwords]
sites_with_passwords = [reduce_to_minimal_domain(s) for s in sites_with_passwords]

from pprint import pprint
pprint(sites.intersection(sites_with_passwords))

Nice one! Only thing, the function reduce_to_minimal_domain doesn't work very well for domains like co.uk or co.nz.
The only alternative I've found is to use the module 'tld', which you can install with pip. It provides this function:

print tld.get_tld('http://www.hsbc.co.uk')
hsbc.co.uk