LeakHunter/CommonPasswordChecker.java at main · Und3rTakerOPS/LeakHunter · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

import java.util.*;

public class CommonPasswordChecker implements PasswordPatternChecker {
    private final Set<String> commonPasswords;

    public CommonPasswordChecker(Set<String> commonPasswords) {
        this.commonPasswords = commonPasswords;
    }

    @Override
    public List<Finding> check(String password) {
        List<Finding> findings = new ArrayList<>();
        String pwLow = password.toLowerCase();
        for (String cp : commonPasswords) {
            if (pwLow.equals(cp) || pwLow.startsWith(cp) || pwLow.endsWith(cp)) {
                findings.add(new Finding(
                    Finding.Severity.CRITICAL,
                    "Password in dizionario comune",
                    "La password o una variante è presente in wordlist pubbliche (RockYou, SecLists)."
                ));
                break;
            }
        }
        return findings;
    }

    @Override
    public String getName() {
        return "Parola comune/dizionario";
    }
}