kategray · October 5, 2020 03:26
diff --git a/pwcheck.php b/pwcheck.php
 <?php
 #!/usr/bin/env php

 $password = 'password';
 $hash = sha1($password);
 $truncated = substr ($hash, 0, 5); // First 5 characters
 $checkValue = substr ($hash, 5); // Rest of the characters

 $url = sprintf ('https://api.pwnedpasswords.com/range/%s', $truncated);
 echo (sprintf ("Getting hashes from URL %s.\n", $url));
 echo sprintf ("Looking for truncated value %s.\n", $checkValue);

 $contents = file_get_contents ($url);
 $lines = explode ("\n", $contents);
 $found = false;
 $count = 0;
 foreach ($lines as $line) {
        // Read the line and see if it matches the check value
        $hash_parts = explode (':', $line);
        if (strtolower (trim ($hash_parts[0])) == strtolower($checkValue)) {
                $found = true;
                $count = $hash_parts[1];
                break;
        }
 }

 echo sprintf ("Password %s been pwned.  Found %d times.\n", $found ? 'has' : 'has not', $count);
	<?php
	#!/usr/bin/env php

	$password = 'password';
	$hash = sha1($password);
	$truncated = substr ($hash, 0, 5); // First 5 characters
	$checkValue = substr ($hash, 5); // Rest of the characters

	$url = sprintf ('https://api.pwnedpasswords.com/range/%s', $truncated);
	echo (sprintf ("Getting hashes from URL %s.\n", $url));
	echo sprintf ("Looking for truncated value %s.\n", $checkValue);

	$contents = file_get_contents ($url);
	$lines = explode ("\n", $contents);
	$found = false;
	$count = 0;
	foreach ($lines as $line) {
	// Read the line and see if it matches the check value
	$hash_parts = explode (':', $line);
	if (strtolower (trim ($hash_parts[0])) == strtolower($checkValue)) {
	$found = true;
	$count = $hash_parts[1];
	break;
	}
	}

	echo sprintf ("Password %s been pwned. Found %d times.\n", $found ? 'has' : 'has not', $count);
No results found