From bb98e14450bac6f4a86a8509cbc400c9cbd0ec67 Mon Sep 17 00:00:00 2001 From: moritz Date: Wed, 29 May 2019 11:41:04 +0200 Subject: [PATCH] Delete 'have_I_b33n_pwned.py' --- have_I_b33n_pwned.py | 93 -------------------------------------------- 1 file changed, 93 deletions(-) delete mode 100755 have_I_b33n_pwned.py diff --git a/have_I_b33n_pwned.py b/have_I_b33n_pwned.py deleted file mode 100755 index 5f598ad..0000000 --- a/have_I_b33n_pwned.py +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/env python - -# have_I_b33n_pwned.py -# Check if your password (hash) appears in the leaked password database -# of haveibeenpwned.com -# -# Copyright (C) 2019 willipink.eu -# Author Moritz Münch moritzmuench@mailbox.org -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . -# updater script for nextcloud -# -# TODO -# - add feature: also check for email breaches -# - add feature: keepass integration? isnt there something like this already? - - - -from sys import argv, stdout -from hashlib import sha1 -from getpass import getpass -from requests import get - -RED = "\033[1;31m" -GREEN = "\033[0;32m" -RESET = "\033[0;0m" -API = 'https://api.pwnedpasswords.com/range/' -ROW = '{:<30}{:<10}{:<45}' -HIDDEN = False - - -def header(): - print() - print(ROW.format('password', 'leaked', 'sha1')) - print('-' * 80) - - -def prompt_password(): - print() - password = getpass('Tell me your password: ') - global HIDDEN - HIDDEN = True - header() - query(password) - - -def query(password): - password_hash = sha1(password.encode('UTF-8')).hexdigest().upper() - request = password_hash[:5] - response = get(API + request).text - hash_searched = 'not yet' - for answer in response.splitlines(): - data = answer.split(':') - combined_hash = request + data[0] - if password_hash == combined_hash: - hash_searched = int(data[1]) - break - - if hash_searched == 'not yet': - stdout.write(GREEN) - else: - stdout.write(RED) - - if HIDDEN: - password = '*' * len(password) - - print(ROW.format(password, hash_searched, password_hash)) - stdout.write(RESET) - - if HIDDEN: - prompt_password() - - -if __name__ == '__main__': - if len(argv) < 2: - prompt_password() - else: - header() - for password in argv[1:]: - query(password) - print() - exit(0)