Кстати, хэшики утёкших паролей за прошлый год можно скачать целиком локально:
https://haveibeenpwned.com/Passwords
Вот так проверяем, есть ли там ваш пароль:
grep -i ^`echo -n "password" | sha1sum | awk '{ print $1 }'` /mnt/d/pwned-passwords-sha1-ordered-by-h ash-v5.txt
Upd.: наваял двоичный поиск по текстовому файлу на петончеге (
python3 CheckPwned.py passwords.txt database.txt
):--- 8< ---
import argparse import hashlib parser = argparse.ArgumentParser(description='Searches passwords in https://haveibeenpwned.com/Passwords database.') parser.add_argument('passwords', metavar='TEST', type=str, help='text file with passwords to test, one per line, utf-8') parser.add_argument('database', metavar='DATABASE', type=str, help='the downloaded text file with sha-1:count') args = parser.parse_args() def search(f: object, pattern: str) -> str: def search(left, right: int) -> str: if left >= right: return None middle = (left + right) // 2 if middle == 0: f.seek(0, 0) test = f.readline() else: f.seek(middle - 1, 0) _ = f.readline() test = f.readline() if test.upper().startswith(pattern): return test elif left == middle: return None elif pattern < test: return search(left, middle) else: return search(middle, right) f.seek(0, 2) return search(0, f.tell()) fsource = open(args.passwords) fdatabase = open(args.database) source_lines = fsource.readlines() for l in source_lines: line = l.strip() hash_object = hashlib.sha1(line.encode("utf-8")) pattern = hash_object.hexdigest().upper() print("%s:%s" % (line, str(search(fdatabase, pattern)).strip())) fsource.close() fdatabase.close()
--- 8< ---