Search through Pwned Passwords with PowerShell

Troy Hunt recently released over 300 million SHA1 hashes of passwords that his Have I Been Pwned website has been collecting. The site lets you search the database to see if your passwords appear in those from many data dumps and breaches. However, typing a real password into a third-party website, even one that is doing good things (and I’m sure this one is), is a bad idea. The roughly 6GB of downloads let you search the set of hashes yourself, on your own machine, which is much safer.

Loading files this size into an editor and using its search function is not practical, so I wrote a script that reads the file in chunks and searches each one.

At the moment there are three files, and I concatenated them into one using the Windows copy command with the /b (binary) switch:

copy /b file1.txt+file2.txt+file3.txt output.txt

How it works

This PowerShell script takes two parameters: the path to the password file, and the password to search for. It converts the password into a SHA1 hash (the files contain hashes, not plaintext passwords) and then reads the file in chunks looking for that hash. It’s not fast, but it does give you a very rough progress bar. Use an SSD, a fast processor (with turbo capability) and, if you’re going to do multiple searches, more RAM than the size of the hashes text file plus plenty of room for your OS (Windows will cache the entire file in RAM if it can). The script reports whether it found the hash of your password or not; you can test it with a password like qwerty or 123456, as both are in there.

Usage

Save the file as SearchPwned.ps1 and specify the parameters on the command line (note that a password typed on the command line is visible in your console history, so clear it afterwards):
.\SearchPwned.ps1 -PassFile C:\users\me\documents\pwned-passwords.txt -Password "MySecretPassword"

Script

param([Parameter(Mandatory=$true)][string]$PassFile,[Parameter(Mandatory=$true)][string]$Password)

# SHA1 the password and render it as hex; the file holds one hex SHA1 per line
$StringBuilder = New-Object System.Text.StringBuilder 
[System.Security.Cryptography.HashAlgorithm]::Create("SHA1").ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Password)) | foreach{
    [Void]$StringBuilder.Append($_.ToString("x2")) 
} 
$Hash = $StringBuilder.ToString() 
Write-Host "Searching for $Hash" -ForegroundColor Gray

# Do some rough maths to give an idea of progress. Each line is the 40-character hash plus
# a line ending, so this estimate runs a little behind the real position; capped at 100 because
# Write-Progress rejects larger values.
$FileSize = (Get-ChildItem -Path $PassFile).Length
$HashSize = $Hash.Length
$ChunkSize = 2000
$ChunkLength = $HashSize * $ChunkSize
$ChunkLengthRead = 0

# -match is case-insensitive, so the lowercase hex above matches the file's uppercase hashes.
# Inside ForEach-Object a "return" only ends the current chunk, not the pipeline, so the search
# would keep reading to the end of the file after a hit; emitting the matching lines and taking
# the first with Select-Object -First 1 stops the pipeline at the first match (PowerShell 3.0+).
$Match = Get-Content -Path $PassFile -ReadCount $ChunkSize | foreach{
    $ChunkLengthRead = $ChunkLengthRead + $ChunkLength
    Write-Progress -Activity "Searching" -PercentComplete ([Math]::Min(100, $ChunkLengthRead/$FileSize*100))
    @($_) -match $Hash
} | Select-Object -First 1
Write-Progress -Activity "Searching" -Completed

if($Match){
    Write-Host "Found" -ForegroundColor Red
}else{
    Write-Host "Not Found" -ForegroundColor Green
}
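
A streaming variant

The following is an added example, not the original post's script. It reads the file line by line through a .NET StreamReader, so it stops as soon as the hash turns up instead of reading to the end, reports real progress from the stream position rather than an estimate, and prompts for the password with Read-Host -AsSecureString so it never appears on the command line or in console history. It assumes the same concatenated pwned-passwords.txt as above, one hex SHA1 per line; the function names (Get-Sha1Hex, Find-HashInFile) are my own.

```powershell
# Added example (not the original post's script). Assumes the concatenated
# pwned-passwords.txt described above: one hex SHA1 hash per line.
param([Parameter(Mandatory=$true)][string]$PassFile)

# Read the password without echo so it never lands on the command line or in history
$Secure = Read-Host -Prompt "Password to check" -AsSecureString
$Bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secure)
try {
    $Plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($Bstr)
} finally {
    [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($Bstr)
}

function Get-Sha1Hex([string]$Text) {
    $Sha1 = [System.Security.Cryptography.SHA1]::Create()
    try {
        $Bytes = $Sha1.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($Text))
    } finally {
        $Sha1.Dispose()
    }
    # BitConverter renders "AB-CD-..."; strip the dashes to get a bare hex string
    return ([System.BitConverter]::ToString($Bytes)).Replace("-", "")
}

function Find-HashInFile([string]$Path, [string]$HexHash) {
    $Reader = New-Object System.IO.StreamReader($Path)
    $Stream = $Reader.BaseStream
    $Total = $Stream.Length
    $Lines = 0
    try {
        while (($Line = $Reader.ReadLine()) -ne $null) {
            $Lines++
            # Exact, case-insensitive comparison: no regex, and the file's case does not matter
            if ($Line.Trim().Equals($HexHash, [System.StringComparison]::OrdinalIgnoreCase)) {
                return $true
            }
            if ($Lines % 100000 -eq 0) {
                # The underlying stream position gives real progress (in reader-buffer steps)
                $Pct = [Math]::Min(100, [int]($Stream.Position * 100 / $Total))
                Write-Progress -Activity "Searching" -Status "$Lines lines read" -PercentComplete $Pct
            }
        }
        return $false
    } finally {
        $Reader.Dispose()
        Write-Progress -Activity "Searching" -Completed
    }
}

$Hash = Get-Sha1Hex $Plain
$Plain = $null
Write-Host "Searching for $Hash" -ForegroundColor Gray

# Resolve-Path because .NET's working directory is not PowerShell's current location
if (Find-HashInFile -Path (Resolve-Path $PassFile).ProviderPath -HexHash $Hash) {
    Write-Host "Found" -ForegroundColor Red
    exit 1
} else {
    Write-Host "Not Found" -ForegroundColor Green
    exit 0
}
```

Run it as .\SearchPwnedStream.ps1 -PassFile C:\users\me\documents\pwned-passwords.txt and type the password at the prompt. The non-zero exit code on a hit lets you chain it from another script; a miss still has to read the whole file, so the RAM and SSD advice above applies just as much here.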