From 453d778452a600d45ed779e7931dd414203a2a36 Mon Sep 17 00:00:00 2001 From: R3ality Date: Mon, 22 Apr 2019 15:41:47 +0300 Subject: [PATCH] Adjustments for PowerShell variant (#21) * Include occurrence count in output * Rename PowerShell variant to match others * Remove redundant line, target already uppercase * Minor syntax fix for null comparison * Close StreamReader when done * Wrap in while loop to allow checking multiple passwords --- pwned-search.ps1 | 24 ------------------------ pwned.ps1 | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 24 deletions(-) delete mode 100644 pwned-search.ps1 create mode 100644 pwned.ps1 diff --git a/pwned-search.ps1 b/pwned-search.ps1 deleted file mode 100644 index 914d163..0000000 --- a/pwned-search.ps1 +++ /dev/null @@ -1,24 +0,0 @@ -$string = Read-Host -Prompt 'Password to check' -$bytes = [System.Text.Encoding]::UTF8.GetBytes($string) -$sha1 = New-Object System.Security.Cryptography.SHA1CryptoServiceProvider -$data = $sha1.ComputeHash($bytes) -$result = ($data | ForEach-Object ToString X2) -join '' -$result = $result.ToUpper() -$head = $result.Substring(0,5) -$tail = $result.Substring(5) - -[Net.ServicePointManager]::SecurityProtocol = "TLS12, TLS11, TLS, SSL3" -$request = [System.Net.WebRequest]::Create("https://api.pwnedpasswords.com/range/" + $head) -$reader = New-Object System.IO.StreamReader(($request.GetResponse()).GetResponseStream()) - -$found = 0 -while (($line = $reader.ReadLine()) -ne $null) { - if ($line.Split(':')[0] -eq $tail) { - Write-Host "That password has been compromised." - $found = 1 - break - } -} -if ($found -eq 0) { Write-Host "That password was not found." } - -Read-Host -Prompt "Press Enter to exit" diff --git a/pwned.ps1 b/pwned.ps1 new file mode 100644 index 0000000..feca3af --- /dev/null +++ b/pwned.ps1 @@ -0,0 +1,34 @@ +Write-Host 'Checks first 5 characters of the SHA1 hash against haveibeenpwned.com API.' +Write-Host 'Enter an empty password or close the window to exit.' + +while ($true) { + $string = Read-Host -Prompt "`nPassword to check" + + if (-not $string) { + Write-Host 'No password entered. Exiting..' + exit + } + + $bytes = [System.Text.Encoding]::UTF8.GetBytes($string) + $sha1 = New-Object System.Security.Cryptography.SHA1CryptoServiceProvider + $data = $sha1.ComputeHash($bytes) + $result = ($data | ForEach-Object ToString X2) -join '' + $head = $result.Substring(0,5) + $tail = $result.Substring(5) + + [Net.ServicePointManager]::SecurityProtocol = "TLS12, TLS11, TLS, SSL3" + $request = [System.Net.WebRequest]::Create("https://api.pwnedpasswords.com/range/" + $head) + $reader = New-Object System.IO.StreamReader(($request.GetResponse()).GetResponseStream()) + + $found = 0 + while ($null -ne ($line = $reader.ReadLine())) { + if (($split = $line.Split(':'))[0] -eq $tail) { + Write-Host "That password has been compromised. Occurrences:" $split[1] + $found = 1 + break + } + } + if ($found -eq 0) { Write-Host "That password was not found." } + + $reader.Close() +}