-
Notifications
You must be signed in to change notification settings - Fork 0
/
checkmypass.py
71 lines (52 loc) · 2.21 KB
/
checkmypass.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
import requests
import hashlib
# take passowrds from the txt file, each passowrd should be in seperate line
with open('password_file_name.txt', mode="r", encoding='UTF-8') as my_password:
passwords = my_password.readlines()
# make request to pwned
def request_api_data(query_char):
url = 'https://api.pwnedpasswords.com/range/' + query_char
res = requests.get(url)
if res.status_code != 200:
raise RuntimeError(
f'Error fetching:{res.status_code}, check the api and try again.')
return res
'''check if there is any match for the tails from the data that is requested from pwned,
return the number of leaking if there is a match
hashes = all responses, hash_to_check = tail'''
def get_password_leak_count(hashes, hash_to_check):
hashes = (line.split(':') for line in hashes.text.splitlines())
for h, count in hashes:
if h == hash_to_check:
return count
return 0 # return 0 if no match
# check if part of the password exists in the API response
# convert password to sha1 form first
def pwned_api_check(password):
sha1password = hashlib.sha1(password.encode('utf-8')).hexdigest().upper()
first5_cha, tail = sha1password[:5], sha1password[5:]
# only return the rest of the shalpssword besides frist5_cha, aka tail
response = request_api_data(first5_cha)
return get_password_leak_count(response, tail)
def main(passwords):
for password in passwords:
count = pwned_api_check(password)
if count:
print(
f'{password} was found {count} times....you should change your password')
else:
print(f'{password} was Not found. Carry on!')
return "checked"
main(passwords)
'''code below is for taking arguments from terminal directly
import sys library if using the code below'''
# def main(args):
# for password in args:
# count = pwned_api_check(password)
# if count:
# print(f'{password} was found {count} times....you should change your password')
# else:
# print(f'{password} was Not found. Carry on!' )
# return "checked"
# main(sys.argv[1:])
# '''