blob: 6c28d09060d503b56d7af1387099ffebcfbcc110 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
#!/usr/bin/env python3
import hashlib
import sys
try:
import requests
except ModuleNotFoundError:
print("### pip install requests ###")
raise
def lookup_pwned_api(pwd):
"""Returns hash and number of times password was seen in pwned database.
Args:
pwd: password to check
Returns:
A (sha1, count) tuple where sha1 is SHA-1 hash of pwd and count is number
of times the password was seen in the pwned database. count equal zero
indicates that password has not been found.
Raises:
RuntimeError: if there was an error trying to fetch data from pwned
database.
UnicodeError: if there was an error UTF_encoding the password.
"""
sha1pwd = hashlib.sha1(pwd.encode('utf-8')).hexdigest().upper()
head, tail = sha1pwd[:5], sha1pwd[5:]
url = 'https://api.pwnedpasswords.com/range/' + head
res = requests.get(url)
if not res.ok:
raise RuntimeError('Error fetching "{}": {}'.format(
url, res.status_code))
hashes = (line.split(':') for line in res.text.splitlines())
count = next((int(count) for t, count in hashes if t == tail), 0)
return sha1pwd, count
def main(args):
ec = 0
for pwd in args or sys.stdin:
pwd = pwd.strip()
try:
sha1pwd, count = lookup_pwned_api(pwd)
except UnicodeError:
errormsg = sys.exc_info()[1]
print("{0} could not be checked: {1}".format(pwd, errormsg))
ec = 1
continue
if count:
foundmsg = "{0} was found with {1} occurrences (hash: {2})"
print(foundmsg.format(pwd, count, sha1pwd))
ec = 1
else:
print("{} was not found".format(pwd))
return ec
if __name__ == '__main__':
sys.exit(main(sys.argv[1:]))
|
