-
Notifications
You must be signed in to change notification settings - Fork 1
/
haveibeenpwned
executable file
·132 lines (92 loc) · 3.14 KB
/
haveibeenpwned
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
#!/usr/bin/env bash
# bash-scripts/haveibeenpwnd
# haveibeenpwnd
# Check if your email or password has been involved in a breach indexed by haveibeenpwned.com
set -euo pipefail
# -e exit if any command returns non-zero status code
# -u prevent using undefined variables
# -o pipefail force pipelines to fail on first non-zero status code
### Define Colours ###
tput sgr0;
# reset colors
readonly RESET=$(tput sgr0)
readonly BOLD=$(tput bold)
readonly RED=$(tput setaf 1)
readonly GREEN=$(tput setaf 64)
### END Colours ###
function usage {
echo -e "\\nCheck if your email or password has been involved in a breach indexed by haveibeenpwned.com\\n"
echo "Usage:"
echo "./haveibeenpwned example@example.com"
echo -e "./haveibeenpwned P@ssw0rd1\\n"
exit 1
}
function check_pwned {
local is_pwned
email=$1
is_pwned="$(curl -s -o /dev/null -w "%{http_code}" https://haveibeenpwned.com/api/v2/breachedaccount/"${email}")"
if [[ "${is_pwned}" == "200" ]]; then
return 0
elif [[ "${is_pwned}" == "404" ]]; then
return 1
else
echo "UNKNOWN ERROR"
return 1
fi
}
function get_pwned_info {
local json
local num_breaches
local -i count=0
local breach_title
local breach_date
json="$(curl -s https://haveibeenpwned.com/api/v2/breachedaccount/"${email}")"
num_breaches="$(echo "${json}" | python -c 'import json,sys; obj=json.load(sys.stdin); print len(obj);')"
if [[ "${num_breaches}" -gt 1 ]]; then
echo "${RED}You've been pwned ${BOLD}${num_breaches}${RESET} ${RED}times!${RESET}"
else
echo "${RED}You've been pwned ${num_breaches} time!${RESET}"
fi
# shellcheck disable=SC2086
while [ $count -lt $num_breaches ]; do
breach_title="$(echo "${json}" | python -c "import json,sys; obj=json.load(sys.stdin); print obj[${count}]['Title'];")"
breach_date="$(echo "${json}" | python -c "import json,sys; obj=json.load(sys.stdin); print obj[${count}]['BreachDate'];" | awk -F '-' '{print $1}')"
(( count=count+1 ))
echo " ${BOLD}${breach_title} (${breach_date})${RESET}"
done
}
function check_password {
local password=$1
local hash_prefix
local local_hash_suffix
local -a password_list
local remote_hash_suffix
hash_prefix="$(echo -n "${password}" | shasum | cut -b -5 | awk '{print $1}')"
local_hash_suffix="$(echo -n "${password}" | shasum | cut -b 6-| awk '{print $1}' | awk '{print toupper($0)}')"
mapfile -t password_list < <(curl -s "https://api.pwnedpasswords.com/range/${hash_prefix}" | awk -F ':' '{print $1}')
for remote_hash_suffix in "${password_list[@]}"; do
if [[ "${remote_hash_suffix}" == "${local_hash_suffix}" ]]; then
return 0
fi
done
return 1
}
function main {
input=${1:-"usage"}
if [[ "${input}" == "usage" ]]; then
usage
elif [[ "${input}" =~ "@" ]]; then
if check_pwned "${input}"; then
get_pwned_info "${input}"
else
echo "${GREEN}${BOLD}You've not been pwned!${RESET}"
fi
else
if check_password "${input}"; then
echo "${RED}This password has been pwned!${RESET}"
else
echo "${GREEN}This password has ${BOLD}not${RESET}${GREEN} been pwned!${RESET}"
fi
fi
}
main "$@"