This repository was archived by the owner on Nov 1, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathkdbxpasswordpwned.py
More file actions
executable file
·51 lines (41 loc) · 1.55 KB
/
kdbxpasswordpwned.py
File metadata and controls
executable file
·51 lines (41 loc) · 1.55 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#!/usr/bin/env python
import pykeepass
import requests
import hashlib
import argparse
import getpass
def build_parser():
parser = argparse.ArgumentParser(description='')
parser.add_argument('kdbx',
help='keepass file')
parser.add_argument('-k', '--keyfile', help='Keyfile if needed')
parser.add_argument('-u', '--show-user', action='store_true',
help='show username for found entries')
parser.add_argument('-p', '--show-password', action='store_true',
help='show password for found entries (high shoulders?)')
return parser
def check_hash(password):
password = password.encode('utf-8')
h = hashlib.sha1(password).hexdigest().upper()
hh = h[5:]
for l in requests.get('https://api.pwnedpasswords.com/range/' + h[:5]).content.decode().splitlines():
ll = l.split(':')
if hh == ll[0]:
return int(ll[1])
return 0
def main(args=None):
opt = build_parser().parse_args(args)
with pykeepass.PyKeePass(opt.kdbx, password=getpass.getpass(), keyfile=opt.keyfile) as kdb:
for entry in kdb.entries:
if not entry.password:
continue
r = check_hash(entry.password)
if r > 0:
m = 'Password for %s seen %d times before' % (entry.title, r)
if opt.show_user:
m += ' - %s' % entry.username
if opt.show_password:
m += ' - %s' % entry.password
print(m)
if __name__ == '__main__':
main()