ispwned

Query pwnedpasswords.com API from CLI

Warning:

Command line input or potentially thrown errors 
are likely to be saved in log files.

Calculates the SHA1 hash of a string (password) and queries pwnedpassword.com using the first five characters of the hash.

The script will then check whether the string of remaining 35 chracters of the password hash are within the server response.

Usage:

Code below will ask you for a password to test. The input will be collected using getpass

$ python ispwnd.py

Example:

$ python ispwned.py
Password: jenniferlopez

Output:

first_5  next_35                                is_in_database
535b3    babd831ddf0fc043d4e69bf614dfcaed792    True

Response:

True - compromised (potentially vulnerable to dict attack - change pw)
False - not in database (save from dict attack)
None - script or server side error

Author: Erkan Demiralay

License: MIT

comes with taco flavored kisses

References:

https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/

https://docs.python.org/3.7/library/getpass.html

Also Interesting:

lionheart/pwnedpasswords

DanielVeldkamp/PwnedPasswordsChecker

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
LICENSE		LICENSE
README.md		README.md
ispwned.py		ispwned.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

ispwned

Usage:

References:

Also Interesting:

About

Releases

Packages

Languages

License

erkandem/ispwned

Folders and files

Latest commit

History

Repository files navigation

ispwned

Usage:

References:

Also Interesting:

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages