amol9 · February 21, 2019 10:07
diff --git a/breach_check.sh b/breach_check.sh
 #!/bin/bash

 account=$1
 detail=$2

 uea=$(python -c "import urllib;print urllib.quote(raw_input())" <<< "$account")
 json=$(curl -s https://haveibeenpwned.com/api/v2/breachedaccount/$uea)

 if [ "$detail" != "detail" ]
 then
 	REDBOLD='\033[1;31m'
 	NC='\033[0m'

 	name_list=$(echo $json | grep -Po "Name.:.*?," | cut -c 8- | sed "s/\",//")
 	printf "${REDBOLD}found $(echo "$name_list" | wc -l) breaches${NC}\n"
 	echo "$name_list"
 else
 	echo "$json" | jq .
 fi
diff --git a/pwned_check.sh b/pwned_check.sh
 #!/bin/bash

 sha1=$(echo -n $1 | sha1sum)
 sha1_f5=$(echo -n $sha1 | grep -Po "^.{5}")
 sha1_sf=$(echo -n $sha1 | cut -c 6-)

 out="$(curl -s https://api.pwnedpasswords.com/range/$sha1_f5)"
 echo "$out" | grep -i $sha1_sf
diff --git a/Security checks b/Security checks
 <1>
 Usage: breach_check.sh <account> [detail]

 e.g.
 > ./breach_check.sh [email protected]
 found 6 breaches
 BinWeevils
 Edmodo
 Evony
 OnlinerSpambot
 RiverCityMedia
 YouveBeenScraped

 > ./breach_check.sh [email protected] detail
 [
  {
    "Name": "BinWeevils",
    "Title": "Bin Weevils",
    "Domain": "binweevils.com",
    "BreachDate": "2014-09-01",
    "AddedDate": "2017-08-18T07:10:57Z",
    "ModifiedDate": "2017-08-18T07:10:57Z",
    "PwnCount": 1287073,
 ...TRUNCATED

 --

 <2>
 Usage: pwned_check.sh <password>

 e.g.
 > ./pwned_check.sh test123
 DD0FC3FFCBE93A0CF06E3568E28521687BC:96105

 The api only needs first 5 characters of the password hash, so, your plain text password or its full hash never leaves your system.
 Output is the suffix of the hash if full hash matches one of the entries returned by the api, followed by the count.
	#!/bin/bash

	account=$1
	detail=$2

	uea=$(python -c "import urllib;print urllib.quote(raw_input())" <<< "$account")
	json=$(curl -s https://haveibeenpwned.com/api/v2/breachedaccount/$uea)

	if [ "$detail" != "detail" ]
	then
	REDBOLD='\033[1;31m'
	NC='\033[0m'

	name_list=$(echo $json \| grep -Po "Name.:.*?," \| cut -c 8- \| sed "s/\",//")
	printf "${REDBOLD}found $(echo "$name_list" \| wc -l) breaches${NC}\n"
	echo "$name_list"
	else
	echo "$json" \| jq .
	fi
	#!/bin/bash

	sha1=$(echo -n $1 \| sha1sum)
	sha1_f5=$(echo -n $sha1 \| grep -Po "^.{5}")
	sha1_sf=$(echo -n $sha1 \| cut -c 6-)

	out="$(curl -s https://api.pwnedpasswords.com/range/$sha1_f5)"
	echo "$out" \| grep -i $sha1_sf
	<1>
	Usage: breach_check.sh <account> [detail]

	e.g.
	> ./breach_check.sh [email protected]
	found 6 breaches
	BinWeevils
	Edmodo
	Evony
	OnlinerSpambot
	RiverCityMedia
	YouveBeenScraped

	> ./breach_check.sh [email protected] detail
	[
	{
	"Name": "BinWeevils",
	"Title": "Bin Weevils",
	"Domain": "binweevils.com",
	"BreachDate": "2014-09-01",
	"AddedDate": "2017-08-18T07:10:57Z",
	"ModifiedDate": "2017-08-18T07:10:57Z",
	"PwnCount": 1287073,
	...TRUNCATED

	--

	<2>
	Usage: pwned_check.sh <password>

	e.g.
	> ./pwned_check.sh test123
	DD0FC3FFCBE93A0CF06E3568E28521687BC:96105

	The api only needs first 5 characters of the password hash, so, your plain text password or its full hash never leaves your system.
	Output is the suffix of the hash if full hash matches one of the entries returned by the api, followed by the count.