diff options
| author | Marvin Borner | 2018-01-10 19:13:23 +0100 |
|---|---|---|
| committer | GitHub | 2018-01-10 19:13:23 +0100 |
| commit | 791d8ae80e4c844699cd64b5b4cd8cc060b7685a (patch) | |
| tree | 732e3306faee77069d9e6a79b141bb49e93ff31d | |
| parent | e198e091d46abe6297ed838f7e270532e7623b47 (diff) | |
Added 300million password list
| -rw-r--r-- | index.php | 41 |
1 files changed, 34 insertions, 7 deletions
@@ -9,6 +9,7 @@ <link rel="stylesheet" type="text/css" href="//maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" />
<link rel="stylesheet" type="text/css" href="css/main.css" />
<link rel="stylesheet" type="text/css" href="css/form.css" />
+ <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css">
<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script>
</head>
@@ -16,7 +17,7 @@ <body>
<div class="container">
- <div class="codrops-header" id="headerdiv">
+ <div class="codrops-header animated fadeInDown" id="headerdiv">
<div class="aligncenter">
<h1>Is my password on a list? <span>Check if your password has been leaked on a password list.</span></h1>
<nav class="codrops-demos">
@@ -26,9 +27,10 @@ </div>
</div>
- <div class="content bgcolor" id="contentdiv">
+ <div class="content bgcolor animated fadeInUp" id="contentdiv">
<div class="aligncenter">
<h2 id="task">Check your password</h2>
+ <p id="txtHint"></p>
<form method="post" action="" class="input input--kozakura">
<input class="input__field input__field--kozakura" type="password" id="input-8" name="password" autocomplete="off"/>
<label class="input__label input__label--kozakura" for="input-8">
@@ -45,32 +47,57 @@ <?php
$password = $_POST['password'];
$passlist1 = file("10million.txt");
-
+
if(empty($_POST['password'])) {
$found = "emptypass";
}
if(!empty($_POST['password'])) {
if(in_array($password."\n", $passlist1)){
+ $hashedpassword = sha1($password);
$found = "yep";
} else {
$found = "nope";
+ $hashedpassword = sha1($password);
}
}
?>
<!-- php end -->
<script>
-//php variable value
+//checking passwords
+var hashedpassword ="<?php echo $hashedpassword; ?>";
var found = "<?php echo $found; ?>";
+var request = new XMLHttpRequest();
+
+request.open('GET', 'https://haveibeenpwned.com/api/v2/pwnedpassword/' + hashedpassword + '?originalPasswordIsAHash=false');
+request.send();
+request.addEventListener('load', function(event) {
+ if (request.status == 200 || found == "yep") {
+ $("#contentdiv").addClass("passfoundbg");
+ $('#task').html('Your password is on a password list! <br />Change it immediately!');
+ } else if (request.status == 404) {
+ $("#contentdiv").addClass("passnotfoundbg");
+ $('#task').html('Your password isn\'t on a password list :)');
+ }
+
+ //console logging
+ if (request.status == 200) {
+ console.log("found on remote password list")
+ }
+ if (request.status == 200 && found == "yep") {
+ console.log("--> found on both password lists!")
+ }
+})
+
+//just for faster local results
if (found == "yep") {
+ console.log("found on local password list")
$("#contentdiv").addClass("passfoundbg");
$('#task').html('Your password is on a password list! <br />Change it immediately!');
-} else if (found == "nope") {
- $("#contentdiv").addClass("passnotfoundbg");
- $('#task').html('Your password isn\'t on a password list :)');
}
</script>
+
</div>
</body>
</html>
|