passwordstate-management

4.4.30

functions/Test-PasswordPwned.ps1

                                function Test-PasswordPwned {

    [CmdletBinding()]

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSUseDeclaredVarsMoreThanAssignments', '', Justification = 'Used for output')]

    param (

        [parameter(ValueFromPipeline, Mandatory = $true, Position = 0)][Alias("Password")][String]$Value

    )

    begin {

        [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

        class pwnpasswd {

            [string]$password

            [string]$hash

            [int32]$CompromisedCount

        }

    }

    process {

        $hash = (Get-StringHash -String $Value -HashName SHA1).toupper()

        $5charhash = $hash.substring(0, 5)

        $parms = @{

            uri             = "https://api.pwnedpasswords.com/range/$5charhash"

            method          = "GET"

            usebasicparsing = $true

        }

        $results = Invoke-RestMethod @parms

        $hashsuffix = $hash.replace("$5charhash", "")

        $results | where-object {$_ -like "$($hashsuffix)*"}

        # Create array of results

        $resultsarr = ($results | select-string -pattern "([A-Z0-9]+)(\:[0-9]+)" -AllMatches).Matches.Value

        $compromised = $resultsarr | Where-Object {$_ -like "$($hashsuffix):*"}

        # Create output

        $compromised | ForEach-Object {

            $output = [pwnpasswd]@{

                password         = $Value

                hash             = $hash

                CompromisedCount = ($compromised | Select-String -Pattern "(?<=\:)[0-9]+").Matches.Value

            }

        }

    }

    end {

        return $output

    }

}