Skip to content

Instantly share code, notes, and snippets.

@IcyApril
Last active May 7, 2023 04:55
Show Gist options
  • Save IcyApril/56c3fdacb3a640f37c245e5813b98b99 to your computer and use it in GitHub Desktop.
Save IcyApril/56c3fdacb3a640f37c245e5813b98b99 to your computer and use it in GitHub Desktop.
#!/bin/bash
echo -n Password:
read -s password
echo
hash="$(echo -n $password | openssl sha1)"
upperCase="$(echo $hash | tr '[a-z]' '[A-Z]')"
prefix="${upperCase:0:5}"
response=$(curl -s https://api.pwnedpasswords.com/range/$prefix)
while read -r line; do
lineOriginal="$prefix$line"
if [ "${lineOriginal:0:40}" == "$upperCase" ]; then
echo "Password breached."
exit 1
fi
done <<< "$response"
echo "Password not found in breached database."
exit 0
@croose
Copy link

croose commented May 31, 2018

For fun, a two-line version (after input checking) that uses AWK for the dirty work:

#!/bin/sh

if [ -z "$1" ]
then
    echo "Usage: ${0##*/} <password>"
    exit 1
fi

HASH="$(printf "$1" | openssl sha1)"
curl -s "https://api.pwnedpasswords.com/range/${HASH:0:5}" | 
    awk -F":" -v SUFFIX="${HASH:5}" '$1 == toupper(SUFFIX) { print $2 }'

@wavesailor
Copy link

@croose using your version I get the following error Bad substitution

@stephane-chazelas yours worked perfectly - thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment