Check if password was pwned
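#!/usr/bin/env bash
# Copyright (c) 2019, Peter Mrekaj. All rights reserved.
# Use of this source code is governed by a ISC-style license.

# Dirty one-liner: read -s passwd; hash=$(printf "%s" "${passwd}" | openssl sha1 -binary | xxd -p -u); curl -s "https://api.pwnedpasswords.com/range/${hash:0:5}" | grep -i "${hash:5}"
#
# Looks a password up in the Pwned Passwords range API. Only the first five
# hex digits of the password's SHA-1 digest are sent; the returned suffixes
# are compared locally, so neither the password nor its full hash leaves
# this machine.
#
# Security notes:
#   * A password given as an argument is visible in the process list and is
#     normally recorded in shell history. Run the script without arguments
#     to have it read from standard input instead.
#   * Every failure (missing tool, network error, HTTP error) ends with a
#     non-zero exit status and no count on stdout. A printed "0" therefore
#     always means the query succeeded and the suffix was not listed.

set -euo pipefail

readonly API_URL="https://api.pwnedpasswords.com/range"

#######################################
# Prints the help text to stderr.
#######################################
usage() {
  cat 1>&2 <<EOF
Checks if the password was seen in the pwned database: https://haveibeenpwned.com/Passwords.
ARGS:
A password to check. If omitted, the password is read from standard input
without echo, which keeps it out of the process list and shell history.
RETURNS:
The number of times the password was seen in the pwned database.
EOF
}

#######################################
# Prints a message to stderr and exits with status 1.
# Arguments: the message words
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Hashes the password, queries the range API and prints the match count.
# Arguments: $1 - password (optional; read from stdin when absent)
# Outputs:   the number of times the password was seen, or 0, on stdout
# Returns:   0 when the lookup completed, 1 on usage or lookup errors
#######################################
main() {
  local password=''
  case "$#" in
    0)
      if [[ -t 0 ]]; then
        printf 'Password: ' >&2
      fi
      # -s suppresses terminal echo; read still assigns on EOF, so a final
      # line without a newline is accepted and only empty input is refused.
      if ! IFS= read -rs password && [[ -z "${password}" ]]; then
        usage
        exit 1
      fi
      if [[ -t 0 ]]; then
        printf '\n' >&2
      fi
      ;;
    1)
      password="${1}"
      ;;
    *)
      usage
      exit 1
      ;;
  esac

  # printf is a shell builtin, so the password is piped to openssl and does
  # not appear in any child process's argument list. The assignment is kept
  # separate from the declaration so a failing pipeline is not masked.
  local digest
  digest="$(printf '%s' "${password}" | openssl sha1 -binary | xxd -p -u)" \
    || die "pwned: could not compute the SHA-1 digest (openssl and xxd are required)"
  # An empty or truncated digest would query the wrong range and report a
  # misleading 0, so insist on exactly 40 upper-case hex digits.
  [[ "${digest}" =~ ^[0-9A-F]{40}$ ]] \
    || die "pwned: unexpected digest output"

  # --fail turns HTTP error responses into a non-zero exit status;
  # --fail-early alone only affects how multiple transfers are aborted.
  local response
  response="$(curl --fail --show-error --silent --request GET \
    "${API_URL}/${digest:0:5}")" \
    || die "pwned: range query failed; cannot tell whether the password was seen"

  local suffix count
  while IFS=':' read -r suffix count; do
    # Drop a trailing carriage return in case the response uses CRLF.
    count="${count%$'\r'}"
    if [[ "${suffix}" == "${digest:5}" ]]; then
      printf '%s\n' "${count}"
      return 0
    fi
  done <<< "${response}"

  printf '0\n'
}

main "$@"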