Last active
June 12, 2021 20:13
-
-
Save riscie/4115f6a00cf1e03395778e8ec1119425 to your computer and use it in GitHub Desktop.
script to locally check if your password has been breached using haveibeenpwned.com hashes #bash
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# description script to locally check if your password has been breached using haveibeenpwned.com hashes | |
# usage bash mkscript.sh | |
# dependencies bash, 7z, grep, wget | |
#============================================================================== | |
# checking prerequirements | |
sha1HashFile="pwned-passwords-sha1-ordered-by-hash-v5" | |
if ! test -f "$sha1HashFile.txt"; then | |
read -p "Password hashes not found. Download the file now? (y/n)" -n 1 -r | |
echo | |
if [[ $REPLY =~ ^[Yy]$ ]]; then | |
echo Downloading sha1 hashes ... | |
wget https://downloads.pwnedpasswords.com/passwords/pwned-passwords-sha1-ordered-by-hash-v5.7z | |
if ! test -f "$sha1HashFile.7z"; then | |
echo Could not find the downloaded file \("$sha1HashFile".7z\). Aborting. | |
exit 1 | |
fi | |
echo Extracting sha1 hashes from 7z ... | |
7z x "$sha1HashFile".7z | |
if ! test -f "$sha1HashFile.txt"; then | |
echo Unable to find the extracted txt file \("$sha1HashFile".txt\). Aborting. | |
exit 1 | |
fi | |
fi | |
fi | |
# reading Password and checking if the hash exists within the breaches | |
echo -n "Enter the password you would like to check: " | |
read -s -r password | |
echo | |
sha1=$(echo -n "$password" | sha1sum | awk '{print $1}' | tr '[:lower:]' '[:upper:]') | |
echo "Checking if the password hash is in the list..." | |
if grep -q "$sha1" "$sha1HashFile".txt | |
then | |
echo !! THIS PASSWORD WAS PART OF A BREACH. CHANGE IT EVERYWHERE YOU USE IT AND DON\'T USE IT AGAIN. | |
else | |
echo Password NOT found | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment