#!/usr/bin/env python # have_I_b33n_pwned.py # Check if your password (hash) appears in the leaked password database # of haveibeenpwned.com # # Copyright (C) 2019 willipink.eu # Author Moritz Münch moritzmuench@mailbox.org # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # updater script for nextcloud # # TODO # - add feature: also check for email breaches # - add feature: keepass integration? isnt there something like this already? from sys import argv, stdout from hashlib import sha1 from getpass import getpass from requests import get RED = "\033[1;31m" GREEN = "\033[0;32m" RESET = "\033[0;0m" API = 'https://api.pwnedpasswords.com/range/' ROW = '{:<30}{:<10}{:<45}' HIDDEN = False def header(): print() print(ROW.format('password', 'leaked', 'sha1')) print('-' * 80) def prompt_password(): print() password = getpass('Tell me your password: ') global HIDDEN HIDDEN = True header() query(password) def query(password): password_hash = sha1(password.encode('UTF-8')).hexdigest().upper() request = password_hash[:5] response = get(API + request).text hash_searched = 'not yet' for answer in response.splitlines(): data = answer.split(':') combined_hash = request + data[0] if password_hash == combined_hash: hash_searched = int(data[1]) break if hash_searched == 'not yet': stdout.write(GREEN) else: stdout.write(RED) if HIDDEN: password = '*' * len(password) print(ROW.format(password, hash_searched, password_hash)) stdout.write(RESET) if HIDDEN: prompt_password() if __name__ == '__main__': if len(argv) < 2: prompt_password() else: header() for password in argv[1:]: query(password) print() exit(0)