2019-05-31 01:02:04 +02:00
|
|
|
#!/bin/bash
|
|
|
|
|
# FAIR License, Copyright (c) 2019 72Zn
|
|
|
|
|
# Usage of the works is permitted provided that this instrument is retained
|
|
|
|
|
# with the works, so that any entity that uses the works is notified of this
|
|
|
|
|
# instrument.
|
|
|
|
|
# DISCLAIMER: THE WORKS ARE WITHOUT WARRANTY.
|
|
|
|
|
|
|
|
|
|
# usage examples:
|
|
|
|
|
# ./pwned.mos [pw1] [pw2] ...
|
|
|
|
|
# ./pwned.mos < <file_with_passwords>
|
|
|
|
|
# echo pw | ./pwned.mos
|
|
|
|
|
|
|
|
|
|
PWNAPI="https://api.pwnedpasswords.com/range"
|
|
|
|
|
|
|
|
|
|
lookup_pwned_api() {
|
|
|
|
|
local pass="$1"
|
|
|
|
|
local pwhash=$(printf "%s" "$pass" | shasum -a 1 | cut -d" " -f1)
|
2019-10-07 12:05:06 +02:00
|
|
|
local curlrv=$(curl -s "$PWNAPI/${pwhash:0:5}")
|
2019-05-31 01:02:04 +02:00
|
|
|
[ -z "$curlrv" ] && echo "$pass could not be checked" && return
|
2019-10-07 12:05:06 +02:00
|
|
|
local result=$(echo "$curlrv" | grep -i "${pwhash:5:35}")
|
2019-05-31 01:02:04 +02:00
|
|
|
|
|
|
|
|
if [ -n "$result" ]; then
|
2019-10-07 12:05:06 +02:00
|
|
|
local occ=$(printf "%s" "${result}" | cut -d: -f2 | sed 's/[^0-9]*//g')
|
2019-05-31 01:02:04 +02:00
|
|
|
printf "%s was found with %s occurances (hash: %s)\n" "$pass" "$occ" "$pwhash"
|
|
|
|
|
else
|
|
|
|
|
printf "%s was not found\n" "$pass"
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if [ "$#" -lt 1 ]; then
|
2019-10-07 12:05:06 +02:00
|
|
|
# read from file or stdin (one password per line)
|
|
|
|
|
while IFS=$'\r\n' read -r pw; do
|
|
|
|
|
lookup_pwned_api "$pw"
|
2019-05-31 01:02:04 +02:00
|
|
|
done
|
|
|
|
|
else
|
|
|
|
|
# read arguments
|
|
|
|
|
for pw in "$@"; do
|
2019-10-07 12:05:06 +02:00
|
|
|
lookup_pwned_api "$pw"
|
2019-05-31 01:02:04 +02:00
|
|
|
done
|
|
|
|
|
fi
|
|
|
|
|
|
