Troy Hunt's HaveIBeenPwned has been a great asset to many since its inception. With the possibility of the service being sold, now is the time to get a copy of the hashes before it's too late!
Start by going to https://haveibeenpwned.com/Passwords and scroll to the bottom of the page to see the torrent files. I will be using the SHA1 list (either SHA1 or NTLM will give the same results).
Next, I extracted the contents of the zip (31 GB!); 7-Zip will do just fine.
I created a small script in Python to run through the file initially. In summary, the script will ask for the location of the extracted file and for a password to search. It will turn the password into a hash and run a search, notifying you whether a match was found or not.
#!/usr/bin/env python3
# SHA1 Hashing and Searching with Python
# Created by Irvin Lemus
import getpass
import hashlib

print("Automatic Hashing and Searching Script")
print("See if your password is public knowledge!")
print("This script will check a repository of 500+ million passwords")
print(" ")
text = input("What is the file location? ")
pwd_in = getpass.getpass("Please enter a password to search: ")
# The list stores uppercase hex SHA1 digests, one "HASH:COUNT" pair per line.
digest = hashlib.sha1(pwd_in.encode("utf-8")).hexdigest().upper()
print(" ")
print("Searching...")
with open(text, "r") as searchfile:
    for line in searchfile:
        if line.startswith(digest):
            print(" ")
            print("PASSWORD KNOWN!")
            print("Hashed Password and the Number of Uses: ")
            print(line.rstrip())
            print("You should not use that password.")
            break
    else:  # the loop ran to the end of the file without a match
        print("Hooray! Password is not on the list!")
        print("Hash: ", digest)
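The script above reads the whole 31 GB file line by line on every lookup. The same page offers the list in an "ordered by hash" variant, and the binary search below is an added example written for this post (not the author's script) that assumes that variant's sorted HASH:COUNT layout; it builds a small constructed sample file in place of the real download so it runs offline.

```python
# Added example (not the post's script): binary search over the "ordered by hash"
# Pwned Passwords SHA-1 file, assumed to hold sorted "<40 hex>:<count>" lines (CRLF).
import hashlib
import os
import tempfile

def sha1_upper(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def lookup_count(path, password):
    """Return the breach count for password, or 0 if it is not listed."""
    target = sha1_upper(password)
    with open(path, "rb") as fh:
        lo, hi = 0, os.fstat(fh.fileno()).st_size  # lo is always a line start
        while lo < hi:
            mid = (lo + hi) // 2
            fh.seek(mid)
            if mid > lo:
                fh.readline()          # discard the partial line we landed in
            start = fh.tell()
            if start >= hi:            # only the line starting at lo is left
                fh.seek(lo)
                start = lo
            raw = fh.readline()
            found, _, count = raw.decode("ascii").strip().partition(":")
            if found == target:
                return int(count)
            if found < target:         # fixed-width uppercase hex: string order is file order
                lo = start + len(raw)
            else:
                hi = start
    return 0

# Constructed sample in the file's layout: the all-0 and all-F lines are fillers,
# the rest are the real SHA-1s of "password", "123456", "qwerty" with constructed counts.
SAMPLE_LINES = [
    "0000000000000000000000000000000000000000:1",
    "5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471",
    "7C4A8D09CA3762AF61E59520943DC26494F8941B:23174662",
    "B1B3773A05C0ED0176787A4F1574FF0075F7521E:3946737",
    "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:2",
]

def write_sample_file():
    fd, path = tempfile.mkstemp(suffix=".txt")
    with os.fdopen(fd, "wb") as fh:
        fh.write(("\r\n".join(SAMPLE_LINES) + "\r\n").encode("ascii"))
    return path
```

Against the real download, call lookup_count with the path to the extracted ordered-by-hash file; each lookup then touches only a few dozen disk reads instead of the whole file.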
Revisions to the script will follow (a retry function, a demo of importing the hashes into a database for faster searching, etc.).