1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 |
- #include <ctype.h>
- #include "curl.h"
- #include "sha.h"
- // https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange
- #define HASH_PREFIX_LENGTH 5
- #define HASH_SUFFIX_LENGTH 35
- #define BASEURL "https://api.pwnedpasswords.com/range/"
- #define BASEURL_SIZE (sizeof BASEURL)
- #define URL_SIZE (BASEURL_SIZE + HASH_PREFIX_LENGTH)
- #define NUMBER_SIZE 20
- char *getURL(const char* hash) {
- char *url = malloc(URL_SIZE);
- if (url == NULL) return NULL;
- snprintf(url, URL_SIZE, "%s%s", BASEURL, hash);
- return url;
- }
- char *getNumber(char *text) {
- char *part = strchr(text, ':');
- if (part == NULL) return NULL;
- char *number = malloc(NUMBER_SIZE);
- snprintf(number, NUMBER_SIZE, "%s", part+1);
- return number;
- }
- char *findSuffix(const char *suffix, char *data) {
- char *token = strtok(data, "\n");
- while (token != NULL) {
- if (strncmp(token, suffix, HASH_SUFFIX_LENGTH) == 0) {
- return token;
- }
- token = strtok(NULL, "\n");
- }
- return NULL;
- }
- void usage(const char *app) {
- printf("Usage:\n%s <password>\n", app);
- }
- int main(int argc, char **argv) {
- if (argc < 2) {
- usage(argv[0]);
- return 1;
- }
- char *hash = getHash(argv[1]);
- if (hash == NULL) {
- puts("Couldn't get hash!");
- return 1;
- }
- char *url = getURL(hash);
- if (url == NULL) {
- puts("Couldn't get URL!");
- return 1;
- }
- char *data = getData(url);
- if (data == NULL) {
- puts("Couldn't get data from the API!");
- return 1;
- }
- free(url);
- char *suffix = findSuffix(hash+HASH_PREFIX_LENGTH, data);
- if (suffix == NULL) {
- puts("Password not pwned!");
- return 1;
- }
- char *number = getNumber(suffix);
- if (number == NULL) {
- puts("Hash found, but can't obtain the number!");
- return 1;
- }
- printf("This is how many times your password was pwned: %s\n", number);
- free(hash);
- free(data);
- free(number);
- }
|