aspisec 0.0.2 → 0.1.0

Files changed (50) hide show
  1. checksums.yaml +4 -4
  2. data/bin-ruby/aspisec +5 -5
  3. data/lib-ruby/aspisec/clean.rb +31 -11
  4. data/lib-ruby/aspisec/config.rb +55 -146
  5. data/lib-ruby/aspisec/configs/amass.rb +22 -0
  6. data/lib-ruby/aspisec/configs/bloodhound.rb +27 -0
  7. data/lib-ruby/aspisec/configs/crackmapexec.rb +28 -0
  8. data/lib-ruby/aspisec/configs/dbgate.rb +25 -0
  9. data/lib-ruby/aspisec/configs/ffuf.rb +19 -0
  10. data/lib-ruby/aspisec/configs/hashcat.rb +33 -0
  11. data/lib-ruby/aspisec/configs/home_history_files.rb +59 -0
  12. data/lib-ruby/aspisec/configs/john.rb +26 -0
  13. data/lib-ruby/aspisec/configs/jwt_tool.rb +19 -0
  14. data/lib-ruby/aspisec/configs/lsassy.rb +22 -0
  15. data/lib-ruby/aspisec/configs/manspider.rb +25 -0
  16. data/lib-ruby/aspisec/configs/metasploit.rb +38 -0
  17. data/lib-ruby/aspisec/configs/mobsf.rb +30 -0
  18. data/lib-ruby/aspisec/configs/mongodb_compass.rb +19 -0
  19. data/lib-ruby/aspisec/configs/mongodb_mongosh.rb +24 -0
  20. data/lib-ruby/aspisec/configs/ncrack.rb +19 -0
  21. data/lib-ruby/aspisec/configs/netexec.rb +28 -0
  22. data/lib-ruby/aspisec/configs/recaf.rb +24 -0
  23. data/lib-ruby/aspisec/configs/remmina.rb +20 -0
  24. data/lib-ruby/aspisec/configs/semgrep.rb +22 -0
  25. data/lib-ruby/aspisec/configs/spiderfoot.rb +24 -0
  26. data/lib-ruby/aspisec/configs/sqlmap.rb +27 -0
  27. data/lib-ruby/aspisec/configs/theharvester.rb +19 -0
  28. data/lib-ruby/aspisec/configs/weevely.rb +31 -0
  29. data/lib-ruby/aspisec/configs/whatwaf.rb +18 -0
  30. data/lib-ruby/aspisec/module.rb +35 -0
  31. data/lib-ruby/aspisec/modules/amass.rb +38 -0
  32. data/lib-ruby/aspisec/modules/bloodhound.rb +38 -0
  33. data/lib-ruby/aspisec/modules/dbgate.rb +38 -0
  34. data/lib-ruby/aspisec/modules/ffuf.rb +33 -0
  35. data/lib-ruby/aspisec/modules/home_history_files.rb +67 -0
  36. data/lib-ruby/aspisec/modules/jwt_tool.rb +33 -0
  37. data/lib-ruby/aspisec/modules/lsassy.rb +38 -0
  38. data/lib-ruby/aspisec/modules/manspider.rb +38 -0
  39. data/lib-ruby/aspisec/modules/mobsf.rb +49 -0
  40. data/lib-ruby/aspisec/modules/mongodb_compass.rb +33 -0
  41. data/lib-ruby/aspisec/modules/mongodb_mongosh.rb +38 -0
  42. data/lib-ruby/aspisec/modules/ncrack.rb +33 -0
  43. data/lib-ruby/aspisec/modules/recaf.rb +38 -0
  44. data/lib-ruby/aspisec/modules/remmina.rb +34 -0
  45. data/lib-ruby/aspisec/modules/semgrep.rb +38 -0
  46. data/lib-ruby/aspisec/modules/spiderfoot.rb +38 -0
  47. data/lib-ruby/aspisec/modules/weevely.rb +43 -0
  48. data/lib-ruby/aspisec/modules/whatwaf.rb +33 -0
  49. data/lib-ruby/aspisec/version.rb +1 -1
  50. metadata +46 -3
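--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 766e59f32c8d0661ea37cc677183ee3e0bc3e844fb8acfd12d3a2420a57b9d13
- data.tar.gz: 05c24dfb5599dc2c240bc361566deb21adf150827e5f85a75107899a9945a2ca
+ metadata.gz: dbe0a57b6f1c5229ff19e03f4ae88bcef292252d7d30e432bc7646827b494e8c
+ data.tar.gz: 421810a0cb7d8de592762f67d32111b5be04daf0fbb9f463621f6b128ff17043
  SHA512:
- metadata.gz: 4b62e8cba7fcf061dec4211525802797bd1c9ae534b7c6a4410363b50c8c8aa8cea589ca450e2b7b7fda16590d73454c1fd82b1c26d44978503ccfe01b4ca0e6
- data.tar.gz: 005a8aa1c8e48186923f1bb842ee5a521f73c2c902df08663c22b9f55a8e548132ef390d415fd9eaa3de87371a418d8923e207a3ab59a8ce8f6f0f124be7023c
+ metadata.gz: eb46440a53118318216e8f7bfde559ef8a0e4c40bbfa521dcd55cf02f9669d70aad647500d8faf0316f7d9dfb501cae163321526da9b6d6c39eac9c3d91a5583
+ data.tar.gz: 2835003e81c3a953b2e000ae2551407aae665cf9802d26b02ef37f14a5b9ed17053df8ffbf3bc59be971d73f32bea04e24c3074576c56995104fef093da7f3fd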
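--- a/data/bin-ruby/aspisec
+++ b/data/bin-ruby/aspisec
@@ -50,12 +50,12 @@ begin
  elsif args['list']
  Aspisec::Modules.modules.each do |mod|
  enabled = mod.enabled? ? '✅' : '❌'
- print "#{enabled} "
- puts paint.decorate(mod.name, :red, :on_black)
- mod.locations.each do |loc|
+ print "#{enabled} : #{paint.decorate(mod.name, :red, :on_black)}".ljust(42)
+ last_index = mod.locations.size - 1
+ mod.locations.each_with_index do |loc, i|
  enabled = loc.enabled? ? '✅' : '❌'
- print " #{enabled} "
- puts paint.decorate(loc.name, :white, :on_black)
+ print " #{enabled} #{paint.decorate(loc.name, :white, :on_black)}".ljust(27)
+ puts if i == last_index
  end
  end
  end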
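Review bot: When `mod.locations` is empty, the `puts if i == last_index` inside `each_with_index` never runs, so the module row written with `print` is left unterminated and the next module is appended to the same line; a plain `puts` after the inner loop's `end` covers both cases and makes `last_index` unnecessary. The `.ljust(42)` and `.ljust(27)` widths are applied after `paint.decorate`, so if that helper embeds colour escape sequences in the returned string (likely, but not visible here) they count toward the width and the columns shift whenever colours are turned off. Padding `mod.name` and `loc.name` before decorating would keep the layout stable. The enclosing `begin` block starts and ends outside the hunk.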
@@ -33,7 +33,7 @@ module Aspisec
33
33
  puts "——— #{@painter.decorate(location.name, :cyan, :bold)} ———"
34
34
  puts_decorated('Path', location.path.to_s)
35
35
  puts_decorated('Type', file_type(location.path))
36
- puts_decorated('Size', type_size(location.path))
36
+ puts_decorated('Size', type_size_human(location.path))
37
37
  puts_decorated('Description', location.description) if @describe
38
38
  @prompt.yes?("Do you want to remove #{location.name}?")
39
39
  end
@@ -77,26 +77,46 @@ module Aspisec
77
77
  Dir[File.join(path, '**', '*')].select { |f| File.file?(f) }.sum { |f| File.size(f) }
78
78
  end
79
79
 
80
- # Displays the size (in human-friendly format with {human_size}) regardless of whether it is a file or a directory.
80
+ # Displays the size regardless of whether it is a file or a directory or path containing globbing.
81
81
  # @param path [Pathname]
82
- # @return [String] human-friendly size with the most suitable unit, or `empty` is the size is zero
82
+ # @return [Integer] size in bytes or -1 if it's a path with globbing
83
83
  def type_size(path)
84
- size = if path.directory?
85
- directory_size(path)
86
- else
87
- path.size
88
- end
89
- size.zero? ? 'empty' : human_size(size)
84
+ if path.directory?
85
+ directory_size(path)
86
+ elsif path.file?
87
+ path.size
88
+ else # for example when the location contains glogging representing multiple files
89
+ -1
90
+ end
91
+ end
92
+
93
+ # Displays the size (in human-friendly format with {human_size}) regardless of whether it is a file or a directory.
94
+ # @param path [Pathname]
95
+ # @return [String] human-friendly size with the most suitable unit, `empty` is the size is zero or `unknown`
96
+ # for any other cases
97
+ def type_size_human(path)
98
+ size = type_size(path)
99
+ case size
100
+ when 0
101
+ 'empty'
102
+ when -1
103
+ 'unknown'
104
+ else
105
+ human_size(size)
106
+ end
90
107
  end
91
108
 
92
109
  # Delete the location regardless of whether it is a file or a directory.
93
110
  # @param path [Pathname]
94
111
  # @return [nil]
95
112
  def type_delete(path)
113
+ @logger.warn("The current user doesn't have permission to remove #{path}") unless path.writable?
96
114
  if path.directory?
97
115
  path.rmtree
98
- else
116
+ elsif path.file?
99
117
  path.delete
118
+ else # for example when the location contains glogging representing multiple files
119
+ Dir[path].map { |path| Pathname.new(path).delete }
100
120
  end
101
121
  nil
102
122
  end
@@ -113,7 +133,7 @@ module Aspisec
113
133
  # Handles the deletion mode. It could be automatic or manual cleaning.
114
134
  # @param loc [Aspisec::Module::Location]
115
135
  def delete_mode(loc)
116
- return unless loc.enabled? && loc.path.exist?
136
+ return unless loc.enabled? && loc.exist?
117
137
 
118
138
  if @autoclean
119
139
  delete_location(loc.path)
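Review bot: In `type_delete`, the new glob branch `Dir[path].map { |path| Pathname.new(path).delete }` calls `Pathname#delete` on every match, which raises on a non-empty directory, so a pattern that matches folders aborts part-way and leaves the remaining sensitive files in place; the block parameter also shadows the method argument and `map` builds an array that is thrown away. Something like `Dir[path].each { |match| m = Pathname.new(match); m.directory? ? m.rmtree : m.delete }` handles both kinds. The added `path.writable?` warning is evaluated on the literal pattern as well, so it will fire for every globbed location, and because it does not return, the delete is still attempted afterwards; checking each match (and its parent directory, which is what governs unlinking) would make the warning meaningful. `type_size` now returns `-1` as a sentinel, so any caller that sums sizes has to filter it out; no such caller is visible in this hunk.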
@@ -1,5 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ # internal require all configs
4
+ Dir[File.join(__dir__, 'configs', '*.rb')].each { |f| require(f) }
3
5
  # stdlib
4
6
  require 'yaml'
5
7
  # third-party
@@ -12,6 +14,7 @@ module Aspisec
12
14
  CONFIG_FILENAME = 'aspisec.config.yaml'
13
15
  DEFAULT_CONFIG = {
14
16
  'aspisec' => {
17
+ 'version' => Aspisec::VERSION,
15
18
  # Auto clean, remove files without asking confirmation
16
19
  'autoclean' => {
17
20
  'enabled' => false
@@ -44,152 +47,31 @@ module Aspisec
44
47
  }
45
48
  }
46
49
  },
47
- 'sqlmap' => {
48
- 'enabled' => true,
49
- 'location' => {
50
- 'base' => '$XDG_DATA_HOME/sqlmap', # ~/.local/share/sqlmap
51
- 'history' => {
52
- 'path' => '<base>/history',
53
- 'description' => "Directory containing history files.\n" \
54
- "os.hst stores system commands entered when using --os-pwn option.\n" \
55
- 'sql.hst stores SQL quries entered when using --os-shell option.'
56
- },
57
- 'logs' => {
58
- 'path' => '<base>/output',
59
- 'description' => "Directory containing a folder per target.\n" \
60
- "<target>/log contains all successful injection vectors.\n" \
61
- "<target>/session.sqlite contains retrieved data.\n" \
62
- '<target>/target.txt contains target URL + command used.'
63
- }
64
- }
65
- },
66
- 'crackmapexec' => {
67
- 'enabled' => true,
68
- 'location' => {
69
- 'base' => '$HOME/.cme', # ~/.cme
70
- 'logs' => {
71
- 'path' => '<base>/logs',
72
- 'description' => 'Directory containing log files, secrets, hashes, cleartext passwords etc.'
73
- },
74
- 'screenshots' => {
75
- 'path' => '<base>/screenshots',
76
- 'description' => 'Directory where are stored all screenshots taken with the --screenshot option.'
77
- },
78
- 'workspaces' => {
79
- 'path' => '<base>/workspaces',
80
- 'description' => "Directory containing workspaces.\n" \
81
- 'Workspaces contain SQLite databases including users (domain, usernames, password), ' \
82
- 'shares, hosts, dpapi secrets, etc.'
83
- }
84
- }
85
- },
86
- 'netexec' => {
87
- 'enabled' => true,
88
- 'location' => {
89
- 'base' => '$HOME/.nxc', # ~/.nxc
90
- 'logs' => {
91
- 'path' => '<base>/logs',
92
- 'description' => 'Directory containing log files, secrets, hashes, cleartext password etc.'
93
- },
94
- 'screenshots' => {
95
- 'path' => '<base>/screenshots',
96
- 'description' => 'Directory where are stored all screenshots taken with the --screenshot option.'
97
- },
98
- 'workspaces' => {
99
- 'path' => '<base>/workspaces',
100
- 'description' => "Directory containing workspaces.\n" \
101
- 'Workspaces contain SQLite databases including users (domain, usernames, password), ' \
102
- 'shares, hosts, dpapi secrets, etc.'
103
- }
104
- }
105
- },
106
- 'hashcat' => {
107
- 'enabled' => true,
108
- 'location' => {
109
- 'base' => '$XDG_DATA_HOME/hashcat', # ~/.local/share/hashcat
110
- #
111
- #
112
- #
113
- 'sessions' => {
114
- 'path' => '<base>/sessions',
115
- 'enaled' => false,
116
- 'description' => "Directory containing session related data.\n" \
117
- 'hashcat.log should not contain any sensible data unless the file name ' \
118
- "of a target file is sensible.\n" \
119
- 'show.log should not contain any sensible data unless the folder name is sensible.'
120
- },
121
- 'potfile' => {
122
- 'path' => '<base>/hashcat.potfile',
123
- 'description' => "File containing all cracked hashes.\n" \
124
- 'Passwords may include enterprize related content or may be easily recognizable.'
125
- },
126
- 'dict_cache' => {
127
- 'path' => '<base>/hashcat.dictstat2',
128
- 'enabled' => false,
129
- 'description' => "File is a cache for dictionaries.\n" \
130
- 'It should not be sensible unless dict. contain confidential data.'
131
- }
132
- }
133
- },
134
- 'theharvester' => {
135
- 'enabled' => true,
136
- 'location' => {
137
- 'base' => '$XDG_DATA_HOME/theHarvester', # ~/.local/share/theHarvester
138
- #
139
- 'stash' => {
140
- 'path' => '<base>/stash.sqlite',
141
- 'description' => 'File (SQLite DB) containing all the harvested addresses.'
142
- }
143
- }
144
- },
145
- 'john' => {
146
- 'enabled' => true,
147
- 'location' => {
148
- 'base' => '$HOME/.john', # ~/.john
149
- #
150
- #
151
- 'logs' => {
152
- 'path' => '<base>/john.log',
153
- 'description' => "File containing the logs of the commands launched.\n" \
154
- 'Does not contain hashes or passwords but usernames and whole command lines.'
155
- },
156
- 'potfile' => {
157
- 'path' => '<base>/john.pot',
158
- 'description' => "File containing all cracked hashes.\n" \
159
- 'Passwords may include enterprize related content or may be easily recognizable.'
160
- }
161
- }
162
- },
163
- 'metasploit' => {
164
- 'enabled' => true,
165
- 'location' => {
166
- 'base' => '$HOME/.msf4', # ~/.msf4
167
- #
168
- #
169
- 'history' => {
170
- 'path' => '<base>/history',
171
- 'description' => "File containing the history of commands used in msf shell.\n" \
172
- 'It certainly contains username, passwords, hostnames, etc.'
173
- },
174
- 'logs' => {
175
- 'path' => '<base>/logs',
176
- 'description' => "Directory containing log files.\n" \
177
- "framework.log may contain stacktraces that contain payloads.\n" \
178
- "production.log and sessions/ ? (I don't know, empty for me)"
179
- },
180
- 'loot' => {
181
- 'path' => '<base>/loot',
182
- 'description' => "Directory containing looted files.\n" \
183
- 'Those are retrieved clients files.'
184
- },
185
- 'meterpreter' => {
186
- 'path' => '<base>/meterpreter_history',
187
- 'description' => "File containing the history of commands used in meterpreter sessions.\n" \
188
- "Less sensible than msf shell history but could still contains some file paths, \n" \
189
- 'for example.'
190
- }
191
- }
192
- }
50
+ 'sqlmap' => Configs::SQLMAP,
51
+ 'crackmapexec' => Configs::CRACKMAPEXEC,
52
+ 'netexec' => Configs::NETEXEC,
53
+ 'hashcat' => Configs::HASHCAT,
54
+ 'theharvester' => Configs::THEHARVESTER,
55
+ 'john' => Configs::JOHN,
56
+ 'metasploit' => Configs::METASPLOIT,
57
+ 'jwt_tool' => Configs::JWT_TOOL,
58
+ 'manspider' => Configs::MANSPIDER,
59
+ 'ncrack' => Configs::NCRACK,
60
+ 'weevely' => Configs::WEEVELY,
61
+ 'spiderfoot' => Configs::SPIDERFOOT,
62
+ 'remmina' => Configs::REMMINA,
63
+ 'mobsf' => Configs::MOBSF,
64
+ 'mongodb-compass' => Configs::MONGODB_COMPASS,
65
+ 'mongodb-mongosh' => Configs::MONGODB_MONGOSH,
66
+ 'lsassy' => Configs::LSASSY,
67
+ 'semgrep' => Configs::SEMGREP,
68
+ 'whatwaf' => Configs::WHATWAF,
69
+ 'amass' => Configs::AMASS,
70
+ 'bloodhound' => Configs::BLOODHOUND,
71
+ 'ffuf' => Configs::FFUF,
72
+ 'recaf' => Configs::RECAF,
73
+ 'dbgate' => Configs::DBGATE,
74
+ 'home-history-files' => Configs::HOME_HISTORY_FILES
193
75
  },
194
76
  'audit' => {
195
77
  'enabled' => false,
@@ -223,10 +105,37 @@ module Aspisec
223
105
  create_config unless config_exist?
224
106
  # Else load it
225
107
  @conf = load_config
108
+ # Check the version of the configuration
109
+ check_version
226
110
  # Replace the path variables / plaholders with real values
227
111
  expand_path_conf!
228
112
  end
229
113
 
114
+ # Comparison between Aspisec tool version and Aspisec configuration version
115
+ # @return [true|false] true when the tool and configuration version match
116
+ def check_version
117
+ version = @conf.dig('aspisec', 'version')
118
+ matching = true
119
+ if version.nil?
120
+ @logger.warn('No version found in the configuration (old version).')
121
+ matching = false
122
+ elsif Gem::Version.new(Aspisec::VERSION) > Gem::Version.new(version)
123
+ message = "The configuration is older (#{version}) than the tool (#{Aspisec::VERSION})." \
124
+ 'Some module or features may be missing.'
125
+ @logger.warn(message)
126
+ matching = false
127
+ elsif Gem::Version.new(Aspisec::VERSION) < Gem::Version.new(version)
128
+ message = "The configuration is newer (#{version}) than the tool (#{Aspisec::VERSION})." \
129
+ 'You may experience issues.'
130
+ @logger.warn(message)
131
+ matching = false
132
+ end
133
+ unless matching
134
+ @logger.warn("\"rm #{config_filepath}\" if you want Aspisec to recreate a default configuration file")
135
+ end
136
+ matching
137
+ end
138
+
230
139
  # Read and parse (YAML ➡️ Ruby Hash) the config. file
231
140
  # @return [Hash|nil] the corresponding Ruby object parsed from the YAML file
232
141
  # or `nil` if the configuration file doesn't exist
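Review bot: In `check_version`, both warning messages are built from adjacent string literals with no separator, so the log reads `…).Some module…` and `…).You may experience issues.`; end the first literal with a space, e.g. `"The configuration is older (#{version}) than the tool (#{Aspisec::VERSION}). " \`. `version` is read straight from the user-editable YAML file and `Gem::Version.new` raises `ArgumentError` on a malformed string, so a hand-edited value would abort start-up unless a caller outside this hunk rescues it; guarding with `Gem::Version.correct?(version)` and treating a bad value like the `nil` branch keeps it a warning. For a tool whose job is removing sensitive artefacts, an older configuration silently lacks the modules added in this release, so naming the missing module keys in the warning would tell the user which locations are not being cleaned.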
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ AMASS = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$XDG_CONFIG_HOME/amass', # ~/.config/amass
10
+ 'logs' => {
11
+ 'path' => '<base>/amass.log',
12
+ 'description' => 'Log file containing the searched domain.'
13
+ },
14
+ 'database' => {
15
+ 'path' => '<base>/amass.sqlite',
16
+ 'description' => "Database file.\nContains search results."
17
+ }
18
+ }
19
+ }.freeze
20
+ end
21
+ end
22
+ end
@@ -0,0 +1,27 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ BLOODHOUND = {
7
+ 'enabled' => false,
8
+ 'location' => {
9
+ 'base' => '/var/lib/neo4j',
10
+ 'database' => {
11
+ 'path' => '<base>/data/databases/neo4j',
12
+ 'description' => "Folder containing the database data.\n" \
13
+ "Data contains all dumped AD objects.\n" \
14
+ "Bloodhound use default neo4j database.\n" \
15
+ '⚠ Requires neo4j or root permissions to remove.'
16
+ },
17
+ 'transactions' => {
18
+ 'path' => '<base>/data/transactions/neo4j',
19
+ 'description' => "Folder containing database transactions.\n" \
20
+ "Bloodhound use default neo4j database.\n" \
21
+ '⚠ Requires neo4j or root permissions to remove.'
22
+ }
23
+ }
24
+ }.freeze
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,28 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ CRACKMAPEXEC = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$HOME/.cme', # ~/.cme
10
+ 'logs' => {
11
+ 'path' => '<base>/logs',
12
+ 'description' => 'Directory containing log files, secrets, hashes, cleartext passwords etc.'
13
+ },
14
+ 'screenshots' => {
15
+ 'path' => '<base>/screenshots',
16
+ 'description' => 'Directory where are stored all screenshots taken with the --screenshot option.'
17
+ },
18
+ 'workspaces' => {
19
+ 'path' => '<base>/workspaces',
20
+ 'description' => "Directory containing workspaces.\n" \
21
+ 'Workspaces contain SQLite databases including users (domain, usernames, password), ' \
22
+ 'shares, hosts, dpapi secrets, etc.'
23
+ }
24
+ }
25
+ }.freeze
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,25 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ DBGATE = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$HOME/.dbgate', # ~/.dbgate
10
+ 'connections' => {
11
+ 'enabled' => false,
12
+ 'path' => '<base>/connections.jsonl',
13
+ 'description' => "File containing connection shortchuts.\n" \
14
+ 'Connection objects contain target domain or IP address.'
15
+ },
16
+ 'logs' => {
17
+ 'path' => '<base>/logs',
18
+ 'description' => "Logs folder.\n" \
19
+ "Those log events shouldn't contain customer information but who knows."
20
+ }
21
+ }
22
+ }.freeze
23
+ end
24
+ end
25
+ end
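Review bot: The `description` strings are user-facing text, and several of the new config files carry typos in them: `shortchuts` here (for `shortcuts`), `hitory` and `PostegreSQL` in home_history_files.rb, `attemps` in jwt_tool.rb and `retreived` in lsassy.rb. These hashes are the frozen defaults, and config.rb calls `create_config` when no file exists, so they presumably get written into the user's YAML file on first run and a later fix would not reach existing configurations. Correcting them before release is the cheapest point to do it.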
@@ -0,0 +1,19 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ FFUF = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$XDG_CONFIG_HOME/ffuf', # ~/.config/ffuf
10
+ 'history' => {
11
+ 'path' => '<base>/history',
12
+ 'description' => "Folder containing the history of command options used.\n" \
13
+ 'Those files contain target URL but may also contains secrets in headers.'
14
+ }
15
+ }
16
+ }.freeze
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,33 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ HASHCAT = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$XDG_DATA_HOME/hashcat', # ~/.local/share/hashcat
10
+ 'sessions' => {
11
+ 'path' => '<base>/sessions',
12
+ 'enaled' => false,
13
+ 'description' => "Directory containing session related data.\n" \
14
+ 'hashcat.log should not contain any sensible data unless the file name ' \
15
+ "of a target file is sensible.\n" \
16
+ 'show.log should not contain any sensible data unless the folder name is sensible.'
17
+ },
18
+ 'potfile' => {
19
+ 'path' => '<base>/hashcat.potfile',
20
+ 'description' => "File containing all cracked hashes.\n" \
21
+ 'Passwords may include enterprize related content or may be easily recognizable.'
22
+ },
23
+ 'dict_cache' => {
24
+ 'path' => '<base>/hashcat.dictstat2',
25
+ 'enabled' => false,
26
+ 'description' => "File is a cache for dictionaries.\n" \
27
+ 'It should not be sensible unless dict. contain confidential data.'
28
+ }
29
+ }
30
+ }.freeze
31
+ end
32
+ end
33
+ end
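Review bot: The `sessions` location uses the key `'enaled' => false`, a misspelling carried over unchanged from the old inline config, so the intended opt-out is presumably ignored and the location falls back to whatever the default is (the lookup code is not visible here). If that default is enabled, the cleaner will prompt for, or with autoclean remove, `<base>/sessions` contrary to what the config author meant; change the key to `'enabled' => false` as `dict_cache` already has it. The descriptions in this file also say "sensible" where "sensitive" is meant.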
@@ -0,0 +1,59 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ HOME_HISTORY_FILES = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$HOME', # ~/
10
+ 'python' => {
11
+ 'path' => '<base>/.python_history',
12
+ 'description' => "Python history file.\n" \
13
+ 'Contains all commands entered in the Python REPL.'
14
+ },
15
+ 'postgresql' => {
16
+ 'path' => '<base>/.psql_history',
17
+ 'description' => "PostgreSQL history file.\n" \
18
+ 'Contains all commands entered in the PostegreSQL shell.'
19
+ },
20
+ 'ruby-irb' => {
21
+ 'path' => '<base>/.irb_history',
22
+ 'description' => "Ruby (IRB) hitory file.\n" \
23
+ 'Contains all commands entered in the Ruby REPL.'
24
+ },
25
+ 'ruby-rdbg' => {
26
+ 'path' => '<base>/.rdbg_history',
27
+ 'description' => "Ruby (rdbg) hitory file.\n" \
28
+ 'Contains all commands entered in the Ruby debugger.'
29
+ },
30
+ 'redis-cli' => {
31
+ 'path' => '<base>/.rediscli_history',
32
+ 'description' => "Redis CLI history file.\n" \
33
+ 'Contains all commands entered in the redis-cli shell.'
34
+ },
35
+ 'bash' => {
36
+ 'enabled' => false,
37
+ 'path' => '<base>/.bash_history',
38
+ 'description' => "Bash history file.\n" \
39
+ 'Contains all commands entered in the Bash shell.'
40
+ },
41
+ 'zsh' => {
42
+ 'enabled' => false,
43
+ 'path' => '<base>/.zsh_history',
44
+ 'description' => "Zsh history file.\n" \
45
+ 'Contains all commands entered in the Zsh shell.'
46
+ },
47
+ 'zsh-alt' => {
48
+ 'enabled' => false,
49
+ 'path' => '<base>/.histfile',
50
+ 'description' => "Zsh history file.\n" \
51
+ "Contains all commands entered in the Zsh shell.\n" \
52
+ 'Alternative Zsh history file location set by zsh-newuser-install in HISTFILE ' \
53
+ 'environment variable.'
54
+ }
55
+ }
56
+ }.freeze
57
+ end
58
+ end
59
+ end
@@ -0,0 +1,26 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ JOHN = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$HOME/.john', # ~/.john
10
+ #
11
+ #
12
+ 'logs' => {
13
+ 'path' => '<base>/john.log',
14
+ 'description' => "File containing the logs of the commands launched.\n" \
15
+ 'Does not contain hashes or passwords but usernames and whole command lines.'
16
+ },
17
+ 'potfile' => {
18
+ 'path' => '<base>/john.pot',
19
+ 'description' => "File containing all cracked hashes.\n" \
20
+ 'Passwords may include enterprize related content or may be easily recognizable.'
21
+ }
22
+ }
23
+ }.freeze
24
+ end
25
+ end
26
+ end
@@ -0,0 +1,19 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ JWT_TOOL = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$HOME/.jwt_tool', # ~/.jwt_tool
10
+ 'logs' => {
11
+ 'path' => '<base>/logs.txt',
12
+ 'description' => "File containing the logs of the commands launched.\n" \
13
+ 'Contains the JWT for all injections and tamper attemps.'
14
+ }
15
+ }
16
+ }.freeze
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,22 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ LSASSY = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$XDG_CONFIG_HOME/lsassy', # ~/.config/lsassy
10
+ 'masterkeys' => {
11
+ 'path' => '<base>/masterkeys.txt',
12
+ 'description' => 'File containing master keys retreived from targets.'
13
+ },
14
+ 'tickets' => {
15
+ 'path' => '<base>/tickets',
16
+ 'description' => 'Folder containing dumped tickets (TGT, TGS) from targets.'
17
+ }
18
+ }
19
+ }.freeze
20
+ end
21
+ end
22
+ end
@@ -0,0 +1,25 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Aspisec
4
+ class Config
5
+ module Configs
6
+ MANSPIDER = {
7
+ 'enabled' => true,
8
+ 'location' => {
9
+ 'base' => '$HOME/.manspider', # ~/.manspider
10
+ 'logs' => {
11
+ 'path' => '<base>/logs',
12
+ 'description' => "Directory containing log files.\n" \
13
+ 'Log files contains commands with the password not redacted and the path of all ' \
14
+ 'extracted files.'
15
+ },
16
+ 'loot' => {
17
+ 'path' => '<base>/loot',
18
+ 'description' => "Directory containing looted files.\n" \
19
+ 'Those are retrieved clients files.'
20
+ }
21
+ }
22
+ }.freeze
23
+ end
24
+ end
25
+ end