From 553079dc017a44164cd04d4c067c061003e1684f Mon Sep 17 00:00:00 2001 From: Andinus Date: Mon, 16 Mar 2020 14:32:03 +0530 Subject: Initial commit --- LICENSE | 13 +++++++++++++ README.org | 21 +++++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 LICENSE create mode 100644 README.org diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..a5893df --- /dev/null +++ b/LICENSE @@ -0,0 +1,13 @@ +Copyright (c) 2020, Andinus + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. diff --git a/README.org b/README.org new file mode 100644 index 0000000..3e3c931 --- /dev/null +++ b/README.org @@ -0,0 +1,21 @@ +#+HTML_HEAD: +#+HTML_HEAD: +#+EXPORT_FILE_NAME: index +#+TITLE: Orion + +Orion is a simple cli client to check for compromised passwords using Have I +Been Pwned API. + +*Note*: Your password is not sent anywhere, only the first 5 characters of the +SHA-1 hash of the input is sent to HIBP API. + +*Note*: Padding is currently not supported by Orion. + +* Working +- Orion takes input from the user +- Input is hashed & split (prefix: [:5], suffix: [5:]) +- Prefix is sent to the HIBP API +- HIBP API returns list of suffixes along with frequency +- Orion looks for suffix from the list of suffixes + +Match means the password is present in HIBP database & has been compromised. -- cgit 1.4.1-2-gfad0