Repository files navigation

Automatically update passwords from common Password Managers. Supported Password Managers are:

• pass
• KeePass (kdbx)
• KeePassX (kdbx)
• KeePassXC (kdbx)
• PasswordSafe (psafe3)
• Chrome (sqlite)

1. Install Node.js and Node package manager. Please refer tohttps://nodejs.org/en/download/ for more information.

   sudo apt install nodejs npm

2. InstallNightwatch:

   npm install -g nightwatch

3. Install Browser and WebDriver:

   Either install Firefox or Chrome.

   • Firefox
     • Geckodriver

     npm install geckodriver --save-dev

   • Chrome
     • Chromedriver

     npm install chromedriver --save-dev

4. InstallRust:

   curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

5. Optional for Chrome password manager

   Install Openssl and Sqlite

   sudo apt install libssl-dev pkg-config libsqlite3-dev

The following commands can be run on Ubuntu to install required packages:

sudo apt install nodejs nodejs-legacy npm libssl-dev pkg-config libsqlite3-devnpm install -g nightwatchnpm install geckodriver --save-devnpm install chromedriver --save-devcurl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Compile the package and all the dependencies:

cargo build

Run the program:

cargo run -- [Program arguments]

Whether or not the browser is executed in headless mode, can be changed innightwatch.conf.js. To disable headless mode comment the'-headless' argument out for the desired browser, see SectionNightwatch Configuration for additional information.

Allows you to choose between the browser to be used and the password manager variant.

active_profile ="my-private-keepassx"browser_type ="firefox"#browser_type = "chrome"nr_threads =10#optional default: 1[profile.my-private-keepassx]type ="kdbx"sources = ["private-kdbx" ][profile.work-pass]type ="pass"sources = ["work-pass" ]#optional[[sources]]name ="private-kdbx"file ="tests/resources/test_db.kdbx"blocklist = ["google.com","yahoo.com" ]#optional[[sources]]name ="work-pass"blocklist = ["google.com" ]#optional[[scripts]]dir ="./scripts"blocklist = ["live.com.js" ]#optional[urls]#optional"([^/]{1,30}://)?[^/]+gmail.com(/$|/.*)" ="myaccount.google.com.js""skype.com/" ="live.com.js""(https://)?lichess.org(/([a-z]|[A-Z]|[0-9])*)*" ="lichess.org""non-domain-name-in-DB-file" =""[[scripts]]dir ="development/my-custom-PassUp-scripts"

The configuration file has to be written and saved in theTOML format.

Allowed configuration parameters:

• browser_type:["firefox", "chrome"]
• profile.type:["kdbx", "pass", "pwsafe", "chrome-gnome", "chrome-kde"]

The[urls] section is used to match the correct script to any URL that is provided through the password database.

An example configuration can be found innightwatch.conf.js. It provides two test settings which arefirefox andchrome.

In the Nightwatch configuration file we can add arguments which are passed to the executed browser.

Here is an example for arguments which are passed to Firefox:

'moz:firefoxOptions': {    args: [       '-headless',       //'-verbose'    ],}

and for Chrome:

chromeOptions : {    args: [        '--headless'    ]}

For debugging purpuses it can be very beneficial to remove/comment out the'-headless' argument.

While writing Nightwatch scripts it can be helpful to test them seperatly.

You can test a single script by executing:

nightwatch --env test_setting --test url username old_password new_password

Settest_setting according to the Nightwatch Configuration. For the example configuration it has to be eitherfirefox orchrome.Seturl,username,old_password andnew_password to the according values.

Anti-bot measures are a problem since they block us from accessing the account. An example would be theGoogle Account. The server blocks our request since it detects bot activity.

We support the cloning of entries for kdbx-based databases. A clone only contains references to the origin and not the values. The references are dereferenced and the values are copied to the clone, seeresolve_references.

You can change the password generation parameters inget_pw. Please refer to thepasswords crate for additional information.