我发现了一个名为pwnedpasswords的网站,您显然可以在其中检查密码的sha1哈希是否已泄漏到某处。因此,我制作了一个脚本来自动执行该过程,这是我的脚本:
#!/bin/bash
read -s -p "Input your password: " your_pw
echo
your_hash=$(printf "$your_pw"|sha1sum|tr '[:lower:]' '[:upper:]'|head -c40)
hash_head=$(printf "$your_hash"|head -c5)
hash_tail=$(printf "$your_hash"|tail -c35)
pwned_count=$(curl https://api.pwnedpasswords.com/range/${hash_head} 2> /dev/null|grep "${hash_tail}"|awk -F ':' '{print $2}')
echo "Your password has been pwned ${your_pw} times"
echo "Your password has been pwned ${pwned_count} times"
我将其用作测试密码1,这是输出:
[me@my_compuuter aaa8]$ ./was_your_password_pwned.sh
Input your password:
Your password has been pwned 1 times
timesassword has been pwned 197972
请注意,当我echo "Your password has been pwned ${your_pw} times" 给我正确的格式时($ your_pw只是密码本身),但是当我echo "Your password has been pwned ${pwned_count} times"给我这种奇怪的格式时,它会times从末尾开始,并以某种方式在开始时与之重叠...我不知道这是怎么回事...
有人能弄清楚吗?
该站点返回的列表的行以终止CR/LF。A CR(\r)将插入号/光标移动到行的开头:
printf 'good \r times'
times
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句