DEPRECATED - NO LONGER SUPPORTED - v2 pwndb site is gone.
Script to utilize the v2 pwndb onion site to find leaked passwords.
Problem: Many want to continue using the pwndb database to find leaked passwords. However, Tor is no longer supporting v2 addresses after version 11 and no one seems to have found a v3 onion for pwndb (if you have let me know :) ).
Solution:
- Download the version 10.5.10 of Tor browser from one of these locations:
- Archive.org https://web.archive.org/web/20211104213819if_/https://dist.torproject.org/torbrowser/10.5.10/tor-browser-linux64-10.5.10_en-US.tar.xz
- If Tor hasn't taken it down yet, here: https://dist.torproject.org/torbrowser/10.5.10/
- Download the version 10.5.10 of Tor browser from my Google Drive (yikes, I know I wouldn't trust me either. See issues where 3rd party has validate my hash values) https://drive.google.com/file/d/1_IkwqPBhk03Hy4E1BO0w1r_UYprb7mNz/view,
- Un-zip that son of a gun somewhere on your device.
- Start the browser the first time, turn off automatic updates and check the box to automatically connect to Tor.
- Within the pwndb.sh script, replace the location of your start-browser launcher with the location of your browser launcher.
- Make your script executable (chmod +x) and profit.
Troubleshooting:
- My browser won't start - you probably didn't put the file path in correctly. Check there.
- Not getting any results or connection errors - your Tor browser might be running on a different SOCKS port than mine. Run the curl command by itself with the browser running to make sure its successfully connecting. If it isn't run a netstat to figure out what port your Tor browser is running on.
Hope this helps and you enjoy.
I might make the script more robust to auto detect ports and such but let's see if anyone uses this at all first.