Skip to content

Instantly share code, notes, and snippets.

@manasmbellani
Last active October 15, 2021 03:30
Show Gist options
  • Save manasmbellani/e90587f8edc5a4a1bd87a492977d4176 to your computer and use it in GitHub Desktop.
Save manasmbellani/e90587f8edc5a4a1bd87a492977d4176 to your computer and use it in GitHub Desktop.
Scripts get details of breaches and breached accounts using 'Have I Been Pwned' API
#!/bin/bash
DELIM="|"
OUT_FILE="out-hibp-breach-details.txt"
USER_AGENT="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36"
HIBP_ENDPOINT="https://haveibeenpwned.com/api/v3"
SLEEP_INTERVAL=3
CURL_TIMEOUT=6
USAGE="[-]
Syntax:
$0 <breaches_list/breaches_file> [hibp_api_key=$HIBP_KEY] [sleep_interval=$SLEEP_INTERVAL] [out_file=$OUT_FILE]
Description:
Get details of breaches using 'Have I Been Pwned' API
Args:
breaches_list/breaches_file: List of breaches separated by comma OR file with breaches list.
hibp_key: Have I Been Pwned key. Defaults to env var value of \$HIBP_KEY
sleep_interval: Number of secs to sleep between username checks. Defaults, $SLEEP_INTERVAL.
out_file: Output file where to write data. Default, $OUT_FILE
Examples:
To get details of each breachs, VK:
$0 VK \$HIBP_KEY
To get a list of breaches for breaches in file, breaches.txt:
$0 breaches.txt \$HIBP_KEY
To get a list of breaches in file, breaches.txt, and key abcdefghijklmnopqrstuvwxyz:
$0 breaches.txt abcdefghijklmnopqrstuvwxyz
"
if [ $# -lt 1 ]; then
echo "$USAGE"
exit 1
fi
breaches_list="$1"
hibp_api_key=${2:-"$HIBP_KEY"}
sleep_interval=${3:-"$SLEEP_INTERVAL"}
out_file=${4:-"$OUT_FILE"}
echo "[*] Checking if HIBP Key is specified..."
if [ -z "$hibp_api_key" ]; then
echo "[-] HIBP API Key not specified."
exit 1
fi
echo "[*] Reading breaches list..."
if [ -f "$breaches_list" ]; then
echo "[*] Reading breaches from file: $breaches_list..."
breaches=$(cat "$breaches_list")
else
echo "[*] Parsing breaches list as-is..."
breaches=$(echo "$breaches_list" | tr -s "," "\n")
fi
num_breaches=$(echo "$breaches" | wc -l)
echo "[*] Number of breaches found: $num_breaches"
echo "[*] Removing output file: $out_file if it exists..."
[ -f "$out_file" ] && rm "$out_file"
echo "[*] Running checks in HIBP for each breaches..."
IFS=$'\n'
for breach in $breaches; do
hibp_output=""
i=$(($i + 1))
echo "[*] $i/$num_breaches: Getting breach data for breach: $breach..."
hibp_output=$(curl -m "$CURL_TIMEOUT" --http1.1 -s -k -H "hibp-api-key: $HIBP_KEY" -A "$USER_AGENT" "$HIBP_ENDPOINT/breach/$breach")
echo "[*] $i/$num_breaches: Writing breach info for $breach to $out_file..."
echo "$breach$DELIM$hibp_output" >> "$out_file"
echo "[*] $i/$num_breaches: Sleeping for $sleep_interval seconds..."
sleep $sleep_interval
done
#!/bin/bash
DELIM="|"
OUT_FILE="out-hibp-username-details.txt"
USER_AGENT="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36"
HIBP_ENDPOINT="https://haveibeenpwned.com/api/v3"
SLEEP_INTERVAL=3
CURL_TIMEOUT=6
USAGE="[-]
Syntax:
$0 <usernames_list/usernames_file> [hibp_api_key=$HIBP_KEY] [sleep_interval=$SLEEP_INTERVAL] [out_file=$OUT_FILE]
Description:
Get list of breaches where the compromised account appears using 'Have I Been Pwned' API
Args:
usernames_list/usernames_file: List of usernames separated by comma OR file with usernames list.
hibp_key: Have I Been Pwned key. Defaults to env var value of \$HIBP_KEY
sleep_interval: Number of secs to sleep between username checks. Defaults, $SLEEP_INTERVAL.
out_file: Output file where to write data. Default, $OUT_FILE
Examples:
To get a list of breaches for username, tony:
$0 tony \$HIBP_KEY
To get a list of breaches for usernames in file, usernames.txt:
$0 usernames.txt \$HIBP_KEY
To get a list of breaches for usernames in file, usernames.txt, and key abcdefghijklmnopqrstuvwxyz:
$0 usernames.txt abcdefghijklmnopqrstuvwxyz
"
if [ $# -lt 1 ]; then
echo "$USAGE"
exit 1
fi
usernames_list="$1"
hibp_api_key=${2:-"$HIBP_KEY"}
sleep_interval=${3:-"$SLEEP_INTERVAL"}
out_file=${4:-"$OUT_FILE"}
echo "[*] Checking if HIBP Key is specified..."
if [ -z "$hibp_api_key" ]; then
echo "[-] HIBP API Key not specified."
exit 1
fi
echo "[*] Reading usernames list..."
if [ -f "$usernames_list" ]; then
echo "[*] Reading usernames from file: $usernames_list..."
usernames=$(cat "$usernames_list")
else
echo "[*] Parsing usernames list as-is..."
usernames=$(echo "$usernames_list" | tr -s "," "\n")
fi
num_usernames=$(echo "$usernames" | wc -l)
echo "[*] Number of usernames found: $num_usernames"
echo "[*] Removing output file: $out_file if it exists..."
[ -f "$out_file" ] && rm "$out_file"
echo "[*] Running checks in HIBP for each username..."
IFS=$'\n'
for username in $usernames; do
breach_info=""; hibp_output=""
i=$(($i + 1))
echo "[*] $i/$num_usernames: Getting breach data for username: $username..."
hibp_output=$(curl -m "$CURL_TIMEOUT" --http1.1 -s -k -H "hibp-api-key: $HIBP_KEY" -A "$USER_AGENT" "$HIBP_ENDPOINT/breachedaccount/$username")
echo "[*] $i/$num_usernames: Parsing breach names for username: $username..."
breach_info=$(echo "$hibp_output" | grep -ioE '"Name"\s*:\s*"[^"]+' | cut -d'"' -f4 | tr -s "\n" ";")
echo "[*] $i/$num_usernames: Writing breach info for $username to $out_file..."
echo "$username$DELIM$breach_info" >> "$out_file"
echo "[*] $i/$num_usernames: Sleeping for $sleep_interval s..."
sleep $sleep_interval
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment