2023-07-29 10:34:04 +02:00
|
|
|
*check-password.ps1*
|
|
|
|
================
|
2023-05-26 12:20:18 +02:00
|
|
|
|
|
|
|
This PowerShell script checks the security status of the given password by haveibeenpwned.com
|
|
|
|
|
2023-07-29 10:04:38 +02:00
|
|
|
Parameters
|
|
|
|
----------
|
2023-05-26 12:20:18 +02:00
|
|
|
```powershell
|
2023-07-29 10:15:44 +02:00
|
|
|
PS> ./check-password.ps1 [[-password] <String>] [<CommonParameters>]
|
2023-05-26 12:20:18 +02:00
|
|
|
|
|
|
|
-password <String>
|
|
|
|
|
|
|
|
Required? false
|
|
|
|
Position? 1
|
|
|
|
Default value
|
|
|
|
Accept pipeline input? false
|
|
|
|
Accept wildcard characters? false
|
|
|
|
|
|
|
|
[<CommonParameters>]
|
|
|
|
This script supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction,
|
|
|
|
WarningVariable, OutBuffer, PipelineVariable, and OutVariable.
|
|
|
|
```
|
|
|
|
|
2023-07-29 10:04:38 +02:00
|
|
|
Example
|
|
|
|
-------
|
2023-05-26 12:20:18 +02:00
|
|
|
```powershell
|
|
|
|
PS> ./check-password qwerty
|
|
|
|
⚠️ Bad password, it's already listed in 10584568 known security breaches!
|
|
|
|
|
|
|
|
```
|
|
|
|
|
2023-07-29 10:04:38 +02:00
|
|
|
Notes
|
|
|
|
-----
|
2023-05-26 12:20:18 +02:00
|
|
|
Author: Markus Fleschutz | License: CC0
|
|
|
|
|
2023-07-29 10:04:38 +02:00
|
|
|
Related Links
|
|
|
|
-------------
|
2023-05-26 12:20:18 +02:00
|
|
|
https://github.com/fleschutz/PowerShell
|
|
|
|
|
2023-07-29 10:04:38 +02:00
|
|
|
Script Content
|
|
|
|
--------------
|
2023-05-26 12:20:18 +02:00
|
|
|
```powershell
|
|
|
|
<#
|
|
|
|
.SYNOPSIS
|
|
|
|
Checks a password
|
|
|
|
.DESCRIPTION
|
|
|
|
This PowerShell script checks the security status of the given password by haveibeenpwned.com
|
|
|
|
.EXAMPLE
|
|
|
|
PS> ./check-password qwerty
|
|
|
|
⚠️ Bad password, it's already listed in 10584568 known security breaches!
|
|
|
|
.LINK
|
|
|
|
https://github.com/fleschutz/PowerShell
|
|
|
|
.NOTES
|
|
|
|
Author: Markus Fleschutz | License: CC0
|
|
|
|
#>
|
|
|
|
|
|
|
|
param([string]$password = "")
|
|
|
|
|
|
|
|
function CalculateHashSHA1 ([string]$string) {
|
|
|
|
$sha1 = New-Object System.Security.Cryptography.SHA1CryptoServiceProvider
|
|
|
|
$encoder = New-Object System.Text.UTF8Encoding
|
|
|
|
$bytes = $encoder.GetBytes($string)
|
|
|
|
$hash = ($sha1.ComputeHash($bytes) | % { $_.ToString("X2") }) -join ''
|
|
|
|
return $hash
|
|
|
|
}
|
|
|
|
|
|
|
|
function Get-PasswordPwnCount { [CmdletBinding()] param([string]$pass)
|
|
|
|
$hash = CalculateHashSHA1 $pass
|
|
|
|
try {
|
|
|
|
$uri = "https://api.pwnedpasswords.com/range/$($hash.Substring(0,5))"
|
|
|
|
$list = -split (Invoke-RestMethod $uri -Verbose:($PSBoundParameters['Verbose'] -eq $true) -ErrorAction Stop) # split into separate strings
|
|
|
|
$pwn = $list | Select-String $hash.Substring(5,35) # grep
|
|
|
|
if ($pwn) { $count = [int] ($pwn.ToString().Split(':')[1]) } else { $count = 0 }
|
|
|
|
return $count
|
|
|
|
}
|
|
|
|
catch {
|
|
|
|
Write-Error "Error Calling HIBP API"
|
|
|
|
return $null
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
if ($password -eq "") { $password = Read-Host "Enter the password" }
|
|
|
|
$NumBreaches = Get-PasswordPwnCount $password
|
|
|
|
if ($NumBreaches -eq 0) {
|
|
|
|
"👍 Password seems good, it's not listed in any known security breach (as of today)"
|
|
|
|
} else {
|
|
|
|
"⚠️ Bad password, it's listed already in $NumBreaches known security breaches!"
|
|
|
|
}
|
|
|
|
exit 0 # success
|
|
|
|
} catch {
|
|
|
|
"⚠️ Error in line $($_.InvocationInfo.ScriptLineNumber): $($Error[0])"
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
2023-07-29 10:34:04 +02:00
|
|
|
*(generated by convert-ps2md.ps1 using the comment-based help of check-password.ps1 as of 07/29/2023 10:33:43)*
|