Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- API Documentation
- Current API Version: 2.0
- Last Updated: 10/04/2017
- General
- The We Leak Info API is written entirely in PHP without using any framework. The API will always respond in JSON and will always format the JSON for the end user. There is only one API key generated per user. To receive a API key, you will need to make a purchase for the API. After the purchase is complete, a API key will be generated to your account.
- The API system logs all API requests. The API system uses a IP address based rate limiting system, so it is recommended that you use a dedicated IP address instead of a shared IP address. The API may not be used on any public facing website or service. The same Terms of Service for the website applies to the API.
- Version Control
- The We Leak Info API, like many other APIs, use version control. At the top of the page, you can see the current API version being used. Our API documentation will also change based on the API version and we will close older versions of the API as we move on in the future.
- Cloudflare
- We Leak Info uses Cloudflare to protect the site against DDoS attacks and hacking attempts. However, the Cloudflare protection system has been lowered on the API. There will be no captchas or browser check for the API through the Cloudflare network. However, the API will remain behind the Cloudflare network to stop DDoS attacks and hacking attempts.
- Any IP Address ban or ASN ban that is put on Cloudflare will be shared on the entire "weleakinfo.com" domain. Any IP address from the Tor network will be served a captcha when accessing the API through Cloudflare, and the API system will also block the request afterwards.
- Bans
- The We Leak Info API system will automatically block all requests from the Tor network. This is done by using Tor's own tool to check if the incoming IP address is from the Tor network. All publicly known IP addresses from the Tor network have been banned from accessing the API.
- We Leak Info bans IP addresses that are causing harm to the system, potential to do harm, or violate our Terms of Service. Any IP address banned by the system will not be lifted automatically. You can appeal through our ticket support system by reaching out to our technical department.
- Any IP address ban place through the API system will not carry over to the site.
- Rate Limiting
- The We Leak Info API is currently only accepting 3 requests per second. If you exceed this limit, your IP address will be given a 190 second cooldown.
- If you do receive a cooldown, you will see the response down below.
- Rate limiting response example:
- HTTP Response Code: 429
- {
- "Error 429": "You are being rate limited",
- "Cooldown": "190 Seconds"
- }
- Rate limiting is done to protect We Leak Info's API from abuse and DDoS attacks. Any bans on IP addresses through the rate limiting system will not be lifted by staff.
- Session
- The We Leak Info API is written entirely in PHP. Therefore, we utilize PHP sessions to keep track of users. Each session is valid for 1 hour. When users start using the API, they will need to request a new session from the API using the POST method to https://api.weleakinfo.com/v2/session/new with the POST body authentication_key => "API Key".
- Session request example:
- URL: https://api.weleakinfo.com/v2/session/new
- POST Data: authentication_key => 5d7d7054a8ca229654658358aa8711fd
- HTTP Request Method: POST
- HTTP Response Code: 200
- {
- "Token": "33acc7464a1e62456ba619693787e1e8"
- }
- This token is valid for 1 hour and will automatically expire afterwards. You will need this token to access any other feature on the API. After receiving this token, you will not need your API key to make any further calls on the API.
- You can only have 1 session activated per API key. You cannot share this token with anyone else or with another program as the system will detect this and revoke the token and rate limit your IP address for 190 seconds. You can also revoke tokens in the API master panel.
- Statistics
- The statistics feature allows users to see the site's record count and their account credit in more detail. As with all features on the API, you need a token to access this. This feature can be reached at https://api.weleakinfo.com/v2/stats with the POST body token => "Token".
- Statistics request example:
- URL: https://api.weleakinfo.com/v2/stats
- POST Data: token => 33acc7464a1e62456ba619693787e1e8
- HTTP Request Method: POST
- HTTP Response Code: 200
- {
- "Record Count": "4,545,955,572",
- "Total Search Queries": "24",
- "Search Query Limit": "100",
- "Total Hash Queries": "50",
- "Hash Query Limit": "100"
- }
- Search
- The search feature allows you to use our search engine. You can only search the following types of data: username, email, hash, IP address, first and last name. When you use this feature, you must have a token and a session started.
- This feature can be reached at https://api.weleakinfo.com/v2/search/<type>/<query>. The search feature also utilizes pagination through the API. Each callback will only give back a maximum of 100 results. This is to prevent your browser or application from crashing. Pagination can be used as such https://api.weleakinfo.com/v2/search/<type>/<query>/page/1. By default the API will show the first page of results if there is no page specified.
- Username search example:
- URL: https://api.weleakinfo.com/v2/search/username/weleakinfo
- POST Data: token => 33acc7464a1e62456ba619693787e1e8
- HTTP Request Method: POST
- HTTP Response Code: 200
- {
- "Total": 1,
- "Search Time": 0.00034,
- "Current Page": 1,
- "Total Pages": 1,
- "Results": [
- {
- "Database": "Weleakinfo.com",
- "Username": "weleakinfo",
- "Email": "admin@weleakinfo.com",
- "Hash": "0192023a7bbd73250516f069df18b500"
- },
- ]
- }
- First and last name search example:
- URL: https://api.weleakinfo.com/v2/search/name/brian_krebs
- POST Data: token => 33acc7464a1e62456ba619693787e1e8
- HTTP Request Method: POST
- HTTP Response Code: 200
- {
- "Total": 1,
- "Search Time": 0.00048,
- "Current Page": 1,
- "Total Pages": 1,
- "Results": [
- {
- "Database": "Weleakinfo.com",
- "Username": "brainkrebs",
- "Email": "admin@krebsonsecurity.com",
- "Hash": "d033e22ae348aeb5660fc2140aec35850c4da997",
- "First": "Brian",
- "Last": "Krebs"
- },
- ]
- }
- If you account has at least 100 hash queries available, you will be able to request cracking while searching. However, this will slow down the search since all the hashes found are being cracked. It will add around 5-10 seconds to your request. You can use this feature by adding crack after the query but before the pagination as such: https://api.weleakinfo.com/v2/search/<type>/<query>/crack/page/1. When a hash has been cracked, it will add a additional cracked field to the result set.
- Every hash that is passed on to our hash API will count towards your hash queries, even if they fail to crack. If a hash it no crackable, it will simply not return a Cracked field.
- Username search with hash cracking example:
- URL: https://api.weleakinfo.com/v2/search/username/weleakinfo/crack
- POST Data: token => 33acc7464a1e62456ba619693787e1e8
- HTTP Request Method: POST
- HTTP Response Code: 200
- {
- "Total": 1,
- "Search Time": 0.00047,
- "Current Page": 1,
- "Total Pages": 1,
- "Results": [
- {
- "Database": "Weleakinfo.com",
- "Username": "weleakinfo",
- "Email": "admin@weleakinfo.com",
- "Hash": "0192023a7bbd73250516f069df18b500",
- "Cracked": "admin123"
- },
- ]
- }
- To state the obvious, the hash API can also crack hash and salt combos.
- Currently there is no wildcard function for the search API as we didn't see a need for it.
- Hash
- The hash feature allows you to query our hash API used at We Leak Info. When you use this feature, you must have a token and a session started. You can only request one hash or one hash and salt combo at a time.
- This feature can be reached at https://api.weleakinfo.com/v2/hash/<query>.
- Hash only request example
- URL: https://api.weleakinfo.com/v2/hash/0192023a7bbd73250516f069df18b500
- POST Data: token => 33acc7464a1e62456ba619693787e1e8
- HTTP Request Method: POST
- HTTP Response Code: 200
- {
- "Query Time": 0.0834,
- "Query": "0192023a7bbd73250516f069df18b500",
- "Result": "admin123"
- }
- Hash and salt combo request example
- URL: https://api.weleakinfo.com/v2/hash/0343c88c4e3560b99e7209504a1e3074:FaS9gm{;V<T5
- POST Data: token => 33acc7464a1e62456ba619693787e1e8
- HTTP Request Method: POST
- HTTP Response Code: 200
- {
- "Query Time": 0.0933,
- "Query": "0343c88c4e3560b99e7209504a1e3074:FaS9gm{;V<T5",
- "Result": "gay2"
- }
- Common Responses
- Account credit response example:
- HTTP Response Code: 400
- {
- "Error 400": "Not enough credit on account"
- }
- Server error response example:
- HTTP Response Code: 400
- {
- "Error 400": "Server error, please contact support"
- }
- Unauthorized access response example:
- HTTP Response Code: 401
- {
- "Error 401": "Unauthorized access denied"
- }
- Forbidden response example:
- HTTP Response Code: 403
- {
- "Error 403": "Forbidden"
- }
- Banned IP address example:
- HTTP Response Code: 403
- {
- "Error 403": "This IP address has been banned"
- }
- Method not allowed response example:
- HTTP Response Code: 405
- {
- "Error 405": "Method not allowed"
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement