|
|
|
|
|
|
by Yetanfou
2197 days ago
|
|
|
This works, it doesn't send the password or hash to the server: #!/bin/bash
baseurl="https://api.pwnedpasswords.com/range/"
read -s pass
hash=$(echo -n "$pass"|sha1sum)
hashhead=${hash:0:5}
hashtail=${hash:5:35}
curl -s ${baseurl}/${hashhead}|grep ${hashtail^^}
It'll dump the hash and the number of times the given password was found. If the password is not found it won't return anything. |
|
|