pass-station 1.2.2 → 1.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/LICENSE +2 -1
  3. data/bin/pass-station +29 -22
  4. data/data/DefaultCreds-Cheat-Sheet.csv +5 -8
  5. data/data/many-passwords.csv +2561 -0
  6. data/lib/pass_station/output.rb +6 -7
  7. data/lib/pass_station/parse.rb +5 -4
  8. data/lib/pass_station/search.rb +9 -7
  9. data/lib/pass_station/source.rb +48 -11
  10. data/lib/pass_station/version.rb +1 -1
  11. data/lib/pass_station.rb +6 -3
  12. metadata +26 -11
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7ec0b0404526c7b3184c441897083e2024404e7f22b4ac2851292d81f69cda25
4
- data.tar.gz: b27776bfc51827851cc6ef60ce4c378f0fa9ec923f104109abb66733df5ba5d3
3
+ metadata.gz: ae09b43b764e460c230fd29723ef4293c7624808a7d4cd7511789b3a0a087a0c
4
+ data.tar.gz: 02b004b539741d6d678579b480cfedf314c7ede04886bf956c111ba1ab69a21c
5
5
  SHA512:
6
- metadata.gz: 26891a1b483d324034656b3921dc2684938972ce18f6f39d7746f6aaa3f387bcff6fb4964a45160c87c98f6bdaaf26eb93f0ccc935f8573867cc4fa63f345bad
7
- data.tar.gz: 6728d55a675019cd612162b1f5c10f142a0f14008429984681fa3c939422c8ebf0ebdab0afb08d85cb5e3678a2e2e4a743771b24a2645be24c591bf94b0f89f5
6
+ metadata.gz: ef336e447a6dbf9267f1aa3f249e6928b533b414833f925ca834fee7407369284e9ef94ad6c32347241af0e6dac31cae6ed6724a4dcdb3b83577574f99266a9b
7
+ data.tar.gz: a4d82db3a4db21bdbb29661a1ae4bbf44ad9586dd744548875d17ad528ff3ba4d4e7eb38cf1c9f294ae05af27ef1252c84f34d76d59c503619490642a35db704
data/LICENSE CHANGED
@@ -1,5 +1,6 @@
1
1
  MIT License
2
2
 
3
+ Copyright (c) 2021 Alexandre ZANNI
3
4
  Copyright (c) 2021 Alexandre ZANNI at SEC-IT
4
5
 
5
6
  Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -18,4 +19,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
19
  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
20
  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
21
  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
- SOFTWARE.
22
+ SOFTWARE.
data/bin/pass-station CHANGED
@@ -11,11 +11,11 @@ require 'docopt'
11
11
  require 'paint'
12
12
 
13
13
  doc = <<~DOCOPT
14
- Pass Station
14
+ Pass Station v#{PassStation::VERSION}
15
15
 
16
16
  Usage:
17
- pass-station list [--sort <col> --output <format>] [--debug]
18
- pass-station search <term> [--field <col> --sort <col> --sensitive --output <format>] [--no-color --debug]
17
+ pass-station list [--sort <col> --output <format>] [--source <id> --debug]
18
+ pass-station search <term> [--field <col> --sort <col> --sensitive --output <format>] [--source <id> --no-color --debug]
19
19
  pass-station update ([--force] <path> | --check) [--debug]
20
20
  pass-station -h | --help
21
21
  pass-station --version
@@ -24,10 +24,10 @@ doc = <<~DOCOPT
24
24
 
25
25
  Output options: can be used with list and search commands
26
26
  -o <format>, --output <format> Output format: JSON, CSV, YAML, table, pretty-table [default: pretty-table]
27
- -s <col>, --sort <col> Sort by column: productvendor | username | password [default: productvendor]
27
+ -s <col>, --sort <col> Sort by column (see documentation, columns depends on the database source)
28
28
 
29
29
  Search options:
30
- --field <col> Search in column: productvendor | username | password | all [default: productvendor]
30
+ --field <col> Search in column: column name (see documentation, columns depends on the database source) or all
31
31
  --sensitive Search is case sensitive (case insensitive by default)
32
32
 
33
33
  Update options: update the password database (replace Pass Station DB with upstream DB, use with care)
@@ -35,10 +35,11 @@ doc = <<~DOCOPT
35
35
  -c, --check Check for possible update
36
36
 
37
37
  Other options:
38
- --no-color Disable colorized output
39
- --debug Display arguments
40
- -h, --help Show this screen
41
- --version Show version
38
+ --source <id> Credentials source database: 1 (Default Credentials Cheat Sheet), 2 (Many passwords) [default: 1]
39
+ --no-color Disable colorized output
40
+ --debug Display arguments
41
+ -h, --help Show this screen
42
+ --version Show version
42
43
  DOCOPT
43
44
 
44
45
  begin
@@ -47,14 +48,17 @@ begin
47
48
  pp args if args['--debug']
48
49
  if args['update']
49
50
  if args['<path>']
50
- opts = {}
51
- opts[:sha256] = args['--force'] ? nil : PassStation::DB::UPSTREAM_DATABASE[:HASH]
52
- puts '[+] Updating database'
53
- path = PassStation::DB.download_upstream(args['<path>'], opts)
54
- if path
55
- puts "[+] Database updated #{path}"
56
- else
57
- puts '[+] Database already up to date'
51
+ PassStation::DB::UPSTREAM_DATABASE[:MAPPING].each do |k, v|
52
+ opts = {}
53
+ opts[:sha256] = args['--force'] ? nil : PassStation::DB::UPSTREAM_DATABASE[v][:HASH]
54
+ puts "[+] Updating database: #{v}"
55
+ opts[:source_db] = k
56
+ path = PassStation::DB.download_upstream(args['<path>'], opts)
57
+ if path
58
+ puts "[+] Database updated: #{v} (#{path})"
59
+ else
60
+ puts "[+] Database #{v} already up to date"
61
+ end
58
62
  end
59
63
  elsif args['--check']
60
64
  if PassStation::DB.check_for_update
@@ -64,13 +68,16 @@ begin
64
68
  end
65
69
  end
66
70
  elsif args['list']
67
- ps = PassStation::DB.new
68
- ps.parse(args['--sort'].to_sym)
71
+ db = args['--source'].nil? ? nil : args['--source'].to_i
72
+ ps = PassStation::DB.new(db)
73
+ args['--sort'].nil? ? ps.parse : ps.parse(args['--sort'].to_sym)
69
74
  puts ps.output_list(args['--output'])
70
75
  elsif args['search']
71
- ps = PassStation::DB.new
72
- ps.parse(args['--sort'].to_sym)
73
- ps.search(args['<term>'], args['--field'].to_sym, sensitive: args['--sensitive'])
76
+ db = args['--source'].nil? ? nil : args['--source'].to_i
77
+ ps = PassStation::DB.new(db)
78
+ args['--sort'].nil? ? ps.parse : ps.parse(args['--sort'].to_sym)
79
+ field = args['--field'].nil? ? nil : args['--field'].to_sym
80
+ ps.search(args['<term>'], field, sensitive: args['--sensitive'])
74
81
  output = ps.output_search(args['--output'])
75
82
  puts '[-] No result' if output.empty?
76
83
  puts ps.highlight_found(args['<term>'], output, args['--sensitive'])
data/data/DefaultCreds-Cheat-Sheet.csv CHANGED
@@ -1503,8 +1503,6 @@ Lanier,supervisor,<blank>
1503
1503
  LANSA,admin,admin
1504
1504
  LANSA,dev,dev
1505
1505
  LANSA,WEBADM,password
1506
- Lantronics,<blank>,access
1507
- Lantronics,<blank>,system
1508
1506
  Lantronix,<blank>,access
1509
1507
  Lantronix,<blank>,admin
1510
1508
  Lantronix,<blank>,<blank>
@@ -1516,6 +1514,7 @@ Lasa AIMS (mssql),ADMIN,AIMS
1516
1514
  Lasa AIMS (mssql),FB,AIMS
1517
1515
  latis network,<blank>,<blank>
1518
1516
  LAXO,admin,admin
1517
+ ldap account manager(lam),lam,lam
1519
1518
  Leading Edge,<blank>,MASTER
1520
1519
  Lenel,admin,admin
1521
1520
  Lenel OnGuard (mssql),LENEL,MULTIMEDIA
@@ -1734,9 +1733,6 @@ Netcomm,user,password
1734
1733
  Netcordia,admin,admin
1735
1734
  netcore (ssh),admin,admin
1736
1735
  netcore (ssh),guest,guest
1737
- netgar (ssh),admin,1234
1738
- netgar (ssh),admin,admin
1739
- netgar (ssh),admin,<blank>
1740
1736
  Netgear,admin,1234
1741
1737
  Netgear,admin,admin
1742
1738
  Netgear,admin,<blank>
@@ -1931,6 +1927,7 @@ Nullsoft,admin,changeme
1931
1927
  Nurit,$system,<blank>
1932
1928
  Nuxeo Server (general),Administrator,Administrator
1933
1929
  OCE,<blank>,0 and the number of OCE printer
1930
+ OCS Inventory,admin,admin
1934
1931
  Odoo (general),admin,admin
1935
1932
  Odoo (general),demo,demo
1936
1933
  ODS,ods,ods
@@ -2212,7 +2209,6 @@ Oracle,WWWUSER,WWWUSER
2212
2209
  Oracle,WWW,WWW
2213
2210
  Oracle,XPRT,XPRT
2214
2211
  Orange,admin,admin
2215
- orange livebox4 (web),admin,(blank)
2216
2212
  orange livebox4 (web),admin,<blank>
2217
2213
  Orange,root,1234
2218
2214
  Osicom,debug,d.e.b.u.g
@@ -2236,6 +2232,7 @@ ovislink,root,<blank>
2236
2232
  Pacific Micro Data,pmd,<blank>
2237
2233
  Packard Bell,<blank>,bell9
2238
2234
  Packeteer,<blank>,touchpwd=
2235
+ Palo Alto GlobalProtect Gateway,admin,admin
2239
2236
  Panasonic,admin,1234
2240
2237
  Panasonic,admin,12345
2241
2238
  Panasonic,<blank>,1234
@@ -2341,6 +2338,7 @@ publicprivate (snmp),<blank>,private
2341
2338
  publicprivate (snmp),<blank>,public
2342
2339
  Pyramid Computer,admin,admin
2343
2340
  Pyramid Computer,admin,gnumpf
2341
+ qBittorrent Web UI,admin,adminadmin
2344
2342
  QDI,<blank>,lesarotl
2345
2343
  QDI,<blank>,password
2346
2344
  QDI,<blank>,QDI
@@ -2355,6 +2353,7 @@ Questra Corporation,guest,guest
2355
2353
  Questra Corporation,questra,questra
2356
2354
  Quest Software,TOAD,TOAD
2357
2355
  Quintum Technologies Inc.,admin,admin
2356
+ RabbitMQ,guest,guest
2358
2357
  Radio Shack,<blank>,744
2359
2358
  Radio Shack,[MULTIPLE],744
2360
2359
  Radvision,admin,<blank>
@@ -2397,7 +2396,6 @@ Research,<blank>,Col2ogro2
2397
2396
  Research Machines,manager,changeme
2398
2397
  Resumix,root,resumix
2399
2398
  Ricoh,admin,<blank>
2400
- Ricoh,admin,no password
2401
2399
  Ricoh,admin,password
2402
2400
  Ricoh,<blank>,password
2403
2401
  Ricoh,<blank>,sysadm
@@ -2749,7 +2747,6 @@ SolarWinds,whd,whd
2749
2747
  Solution 6,aaa,often blank
2750
2748
  Solwise,root,same as webui pwd
2751
2749
  SonarQube (web),admin,admin
2752
- Sonicwall,admin,password
2753
2750
  SonicWALL,admin,password
2754
2751
  Sonic-X,root,admin
2755
2752
  Sonus,admin,Sonus12345