1
0
Fork 0

Add script to dump passwordstore

and enable comments in the check script.
This commit is contained in:
J. Elfring 2023-11-19 21:16:32 +01:00
parent b2907f3bb1
commit 4c9798f1a1
3 changed files with 29 additions and 1 deletions

View file

@ -3,10 +3,13 @@
These are my scripts to the haveibeenpwned.com api.
... To be extended ...
> :fire: **Keep in mind that your passwordlist is highly confidential and you should be
able to delete it securely after finished.**
## checkPasswordList.sh
This script checks a list of passwords against the api and reports whether they hae been compromised.
Lines starting with <space># are considered comments.
The passwords themselfs will NOT be send to the web-api.
haveibeenpwned.com's k-anonymity model is used.
More info can be found here https://haveibeenpwned.com/API/v2#PwnedPasswords
@ -21,3 +24,8 @@ __: Password c60e6754-8abf-4c0f-a7a7-2225da28637f has not been pwned.
__: Password c60e6754-8a f-4c0f-a7a -2225da28637f has not been pwned.
==: 1 of 3 passwords have been pwned.
```
## dumpPasswordstore.sh
Dump the passwords from [passwordstore](https://www.passwordstore.org/) into
a list to be used with checkPasswordList.sh.
The filenames will be masked as comments (see above).

View file

@ -26,7 +26,7 @@ fi
echo "Checking passwords from list $1"
IFS=$'\n'
for p in $(cat < "$pfile"); do
for p in $(grep --invert-match '^ #' $pfile); do
((cPswds++))
## Hash the password, filter non-hashy things (" -" at the end),
## translate to upper for the beauty

20
dumpPasswordstore.sh Executable file
View file

@ -0,0 +1,20 @@
#!/bin/bash
## A script to decrypt and dump the passwords
## from passwordstore to a simple list.
prefix=${PASSWORD_STORE_DIR:=~/.password-store}
## Set the IFS to account for spaces in filenames
IFS=$(echo -en "\n\b")
for file in $(find $prefix -name '*.gpg')
do
nicename=$(echo $file \
| cut --characters ${#prefix}- \
| cut --characters 3- \
| rev | cut --characters 5- | rev
)
echo " # "$nicename
gpg --quiet --decrypt $file | head -n 1
done