Added a new feature to find all pwned passwords

mihaifm · Jul 31, 2021 · 8ff8db6 · 8ff8db6
1 parent 5f2bd7e
commit 8ff8db6
Show file tree

Hide file tree

Showing 5 changed files with 51 additions and 6 deletions.
diff --git a/HIBPOfflineCheck/HIBPOfflineCheckExt.cs b/HIBPOfflineCheck/HIBPOfflineCheckExt.cs
@@ -113,6 +113,19 @@ private void CreateMenuItems()
                 hibpExcludeMenuItem.Click += new EventHandler(prov.OnMenuHIBPExclude);
                 hibpMenuItem.DropDownItems.Add(hibpExcludeMenuItem);
             }
+
+            var m_menuFind = Host.MainWindow.MainMenu.Items.Find("m_menuFind", true);
+
+            if (m_menuFind.Length > 0)
+            {
+                var findMenu = m_menuFind[0] as ToolStripMenuItem;
+
+                findMenu.DropDownItems.Add(new ToolStripSeparator());
+
+                var findPwnedItem = new ToolStripMenuItem("Pwned Passwords");
+                findPwnedItem.Click += new EventHandler(prov.OnMenuFindPwned);
+                findMenu.DropDownItems.Add(findPwnedItem);
+            }
         }
 
         private static string GetDefaultFileName()

diff --git a/HIBPOfflineCheck/HIBPOfflineColumnProv.cs b/HIBPOfflineCheck/HIBPOfflineColumnProv.cs
@@ -13,6 +13,7 @@
 using KeePassLib.Security;
 using System.Net;
 using KeePassLib.Collections;
+using KeePassLib.Delegates;
 
 namespace HIBPOfflineCheck
 {
@@ -404,15 +405,13 @@ public void ClearAll()
                 return;
 
             DialogResult dialog = MessageBox.Show("This will remove the HIBP status for all entries in the database. Continue?",
-                String.Empty, MessageBoxButtons.OKCancel, MessageBoxIcon.Question);
+                string.Empty, MessageBoxButtons.OKCancel, MessageBoxIcon.Question);
 
             if (dialog == DialogResult.Cancel)
                 return;
 
             bulkCheck = true;
 
-            MainForm mainForm = Host.MainWindow;
-
             PwObjectList<PwEntry> allEntries = new PwObjectList<PwEntry>();
             Host.Database.RootGroup.SearchEntries(SearchParameters.None, allEntries);
 
@@ -429,6 +428,33 @@ public void ClearAll()
             UpdateUI();
         }
 
+        public void OnMenuFindPwned(object sender, EventArgs e)
+        {
+            PwGroup pgResults = new PwGroup(true, true, string.Empty, PwIcon.List)
+            {
+                IsVirtual = true
+            };
+
+            Host.Database.RootGroup.TraverseTree(TraversalMethod.PreOrder, null, delegate(PwEntry pe)
+            {
+                var status = GetCurrentStatus(pe);
+                if (status != null && status.StartsWith(PluginOptions.InsecureText))
+                {
+                    pgResults.AddEntry(pe, false, false);
+                }
+
+                return true;
+            });
+
+            var sp = new SearchParameters
+            {
+                RespectEntrySearchingDisabled = true
+            };
+
+            MainForm mainForm = HIBPOfflineCheckExt.Host.MainWindow;
+            mainForm.UpdateUI(false, null, false, null, true, pgResults, false);
+        }
+
         public async void OnMenuHIBP(object sender, EventArgs e)
         {
             bulkCheck = true;

diff --git a/HIBPOfflineCheck/Properties/AssemblyInfo.cs b/HIBPOfflineCheck/Properties/AssemblyInfo.cs
@@ -32,5 +32,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.7.4.0")]
-[assembly: AssemblyFileVersion("1.7.4.0")]
+[assembly: AssemblyVersion("1.7.5.0")]
+[assembly: AssemblyFileVersion("1.7.5.0")]
diff --git a/readme.md b/readme.md
@@ -80,6 +80,12 @@ To check all the passwords in the database:
 
 Newly created and updated entries are automatically checked. There is also an option to display a warning after creating an insecure password. 
 
+### Find all pwned passwords
+
+To view all your insecure passwords, use the Find menu (it will only display passwords which have been checked, so make sure to check all first):
+
+`Find -> Pwned Passwords`
+
 ### Bloom filter
 
 A [Bloom filter](https://en.wikipedia.org/wiki/Bloom_filter) allows you to save disk space by not having to store the HIBP passwords file on your drive. Instead, a generated file (currently under 1GB in size) would be loaded, providing an accuracy of 99.9% for password checking. Only about 1/1000 Secure passwords would be false positives, showing up as Pwned. Pwned passwords will *never* show up as Secure.

diff --git a/version.txt b/version.txt
@@ -1,3 +1,3 @@
 :
-HIBPOfflineCheck:1.7.4.0
+HIBPOfflineCheck:1.7.5.0
 :