#!/usr/bin/env perl# from youtube user zvpunry# for a comment on https://www

1. #!/usr/bin/env perl
2. # from youtube user zvpunry
3. # for a comment on https://www.youtube.com/watch?v=hhUb5iknVJs
4. # public domain (do whatever you want with it)
5. use warnings;
6. use strict;
7. use autodie;
8.  
9. use HTTP::Request;
10. use LWP::UserAgent;
11. use Digest::SHA qw(sha1_hex);
12.  
13. if (scalar(@ARGV) < 1) {
14.     die("Usage: $0 password [password ...]");
15. }
16.  
17. for (my $i = 0; $i < scalar(@ARGV); $i++) {
18.     my $sha1 = sha1_hex($ARGV[$i]);
19.     $sha1 =~ m/^(.{5})(.*)$/;
20.     my $prefix = $1;
21.     my $suffix = $2;
22.     my $request = HTTP::Request->new(GET => "https://api.pwnedpasswords.com/range/$prefix");
23.     my $ua = LWP::UserAgent->new(agent => "not pwned.py");
24.     my $response = $ua->request($request);
25.  
26.     if (! $response->is_success()) {
27.         die "failed to check password number ". ($i+1). ": ". $response->status_line;
28.     }
29.  
30.     if ($response->decoded_content =~ m/\b$suffix:(\d+)\b/is) {
31.         print "password ".($i+1)." pwned $1 times\n";
32.     }
33.     else {
34.         print "password ".($i+1)." not in this list, but this doesn't mean it's not pwned\n";
35.     }
36.  
37. }