Created
May 2, 2019 17:54
-
-
Save basilgello/d63e308c167aecd3ff6c54380e3a24a7 to your computer and use it in GitHub Desktop.
HaveIBeenPwned password-checker script function for bash / zsh / Termux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Checks passwords in HIBP range | |
| # | |
| # $1 - (optional) quoted password | |
| # | |
| check_pwned_password() | |
| { | |
| PWNCANDIDATE="$1" | |
| if [ -z "$PWNCANDIDATE" ]; then | |
| read -p "Enter password: " -s PWNCANDIDATE | |
| echo "" | |
| fi | |
| PWNHASH=$(echo -n "$PWNCANDIDATE" | \ | |
| sha1sum - | \ | |
| awk '{print $1}' | \ | |
| tr '[:lower:]' '[:upper:]') | |
| PWNCANDIDATE="HEHEHEHEHEHEHEHEHEHAHAHAHAHAHAHAHAHAHAHAHAHAHUHUHUHIHIHIHIHI" | |
| unset PWNCANDIDATE | |
| HIBP_RESPONSE=$(curl \ | |
| "https://api.pwnedpasswords.com/range/${PWNHASH:0:5}" \ | |
| 2>/dev/null) | |
| _RET=$? | |
| if [ $_RET -ne 0 ]; then | |
| PWNHASH="HEHEHEHEHEHEHEHEHEHAHAHAHEHEHEHEHE" | |
| unset PWNHASH | |
| echo -e "\033[0;33mCannot connect haveibeenpwned.com!\033[0m" | |
| return 1 | |
| fi | |
| echo "$HIBP_RESPONSE" | grep "^${PWNHASH:5:32}" 1>/dev/null 2>/dev/null | |
| _RET=$? | |
| if [ $_RET -eq 0 ]; then | |
| echo -e "\033[0;31mPassword is pwned!\033[0m" | |
| else | |
| echo -e "\033[0;32mPassword is OK!\033[0m" | |
| fi | |
| PWNHASH="HEHEHEHEHEHEHEHEHEHAHAHAHEHEHEHEHE" | |
| unset PWNHASH | |
| return 0 | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment