Skip to content

Instantly share code, notes, and snippets.

@qoomon
Last active October 5, 2024 15:39
Show Gist options
  • Save qoomon/17ac72a2c90bb85b89c883ce7dac5724 to your computer and use it in GitHub Desktop.
Save qoomon/17ac72a2c90bb85b89c883ce7dac5724 to your computer and use it in GitHub Desktop.
Have I been pwned! Script to check your password against https://haveibeenpwned.com/
#!/usr/bin/env sh
set -e
color_red=$'\e[1;31m'
color_green=$'\e[1;32m'
color_reset=$'\e[0m'
########################### Usage ##############################################
#
# password prompt 'hibp'
# or
# pipe password 'echo $PASSWORD | hibp'
#
################################################################################
if [[ -t 0 ]]; then
echo -n 'Password:'
read -s password
echo -en "\r\033[K"
else
read -s password
fi
password_sha1="$(echo -n $password | shasum | cut -d' ' -f1 | tr a-z A-Z)"
if (curl -Ns "https://api.pwnedpasswords.com/range/${password_sha1:0:5}" \
| grep -q "${password_sha1:5}"); then
echo "${color_red}Oh no — pwned!${color_reset}"
return 0
else
echo "${color_green}Good news — no pwnage found!${color_reset}"
return 1
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment