Check your online security.
| #!/bin/bash | |
| account=$1 | |
| detail=$2 | |
| uea=$(python -c "import urllib;print urllib.quote(raw_input())" <<< "$account") | |
| json=$(curl -s https://haveibeenpwned.com/api/v2/breachedaccount/$uea) | |
| if [ "$detail" != "detail" ] | |
| then | |
| REDBOLD='\033[1;31m' | |
| NC='\033[0m' | |
| name_list=$(echo $json | grep -Po "Name.:.*?," | cut -c 8- | sed "s/\",//") | |
| printf "${REDBOLD}found $(echo "$name_list" | wc -l) breaches${NC}\n" | |
| echo "$name_list" | |
| else | |
| echo "$json" | jq . | |
| fi |
| #!/bin/bash | |
| sha1=$(echo -n $1 | sha1sum) | |
| sha1_f5=$(echo -n $sha1 | grep -Po "^.{5}") | |
| sha1_sf=$(echo -n $sha1 | cut -c 6-) | |
| out="$(curl -s https://api.pwnedpasswords.com/range/$sha1_f5)" | |
| echo "$out" | grep -i $sha1_sf |
| <1> | |
| Usage: breach_check.sh <account> [detail] | |
| e.g. | |
| > ./breach_check.sh tom@facebook.com | |
| found 6 breaches | |
| BinWeevils | |
| Edmodo | |
| Evony | |
| OnlinerSpambot | |
| RiverCityMedia | |
| YouveBeenScraped | |
| > ./breach_check.sh tom@facebook.com detail | |
| [ | |
| { | |
| "Name": "BinWeevils", | |
| "Title": "Bin Weevils", | |
| "Domain": "binweevils.com", | |
| "BreachDate": "2014-09-01", | |
| "AddedDate": "2017-08-18T07:10:57Z", | |
| "ModifiedDate": "2017-08-18T07:10:57Z", | |
| "PwnCount": 1287073, | |
| ...TRUNCATED | |
| -- | |
| <2> | |
| Usage: pwned_check.sh <password> | |
| e.g. | |
| > ./pwned_check.sh test123 | |
| DD0FC3FFCBE93A0CF06E3568E28521687BC:96105 | |
| The api only needs first 5 characters of the password hash, so, your plain text password or its full hash never leaves your system. | |
| Output is the suffix of the hash if full hash matches one of the entries returned by the api, followed by the count. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment