passdb 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE.txt +20 -0
- data/README.md +76 -0
- data/Rakefile +22 -0
- data/bin/passdb +18 -0
- data/lib/passdb.rb +43 -0
- data/lib/passdb/cli.rb +54 -0
- data/lib/passdb/entry.rb +9 -0
- data/lib/passdb/version.rb +9 -0
- data/spec/passdb_spec.rb +11 -0
- data/spec/spec_helper.rb +12 -0
- metadata +122 -0
data/LICENSE.txt
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2011 Security Roots (@securityroots)
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,76 @@
|
|
1
|
+
passdb
|
2
|
+
======
|
3
|
+
|
4
|
+
This library can be used to search the default password database from cirt.net: http://cirt.net/passwords
|
5
|
+
|
6
|
+
Usage
|
7
|
+
-----
|
8
|
+
|
9
|
+
You can use the provided binary to search the password database by vendor:
|
10
|
+
|
11
|
+
./bin/passdb search --vendor Apc
|
12
|
+
7 entries were found:
|
13
|
+
AP9606 SmartSlot Web/SNMP Management Card
|
14
|
+
Version => AOS 3.2.1 and AOS 3.0.3
|
15
|
+
Method => telnet
|
16
|
+
User ID => (any)
|
17
|
+
Password => TENmanUFactOryPOWER
|
18
|
+
Call-UPS
|
19
|
+
Version => AP9608
|
20
|
+
Method => Console
|
21
|
+
Password => serial number of the Call-UPS
|
22
|
+
Level => Admin
|
23
|
+
Notes => (Access menu Control+P)
|
24
|
+
[...]
|
25
|
+
|
26
|
+
or by a free-form criteria
|
27
|
+
|
28
|
+
./bin/passdb search --criteria FTP
|
29
|
+
17 entries were found:
|
30
|
+
Intuity Audix
|
31
|
+
User ID => Craft
|
32
|
+
Password => crftpw
|
33
|
+
Axis Network Camera
|
34
|
+
Version => 2120, 2110, 2100, 200+, 200
|
35
|
+
Method => ftp, telnet, http
|
36
|
+
User ID => root
|
37
|
+
Password => pass
|
38
|
+
Level => Admin
|
39
|
+
CADSLR4
|
40
|
+
Method => FTP
|
41
|
+
User ID => anonymous
|
42
|
+
Password => password
|
43
|
+
Level => Anonymous
|
44
|
+
Notes => Default IP 192.168.1.254
|
45
|
+
[...]
|
46
|
+
|
47
|
+
You can also use the library inside your tools:
|
48
|
+
|
49
|
+
irb > require 'passdb'
|
50
|
+
=> true
|
51
|
+
irb > Passdb::search(:vendor => 'Zyxel').each do |entry|
|
52
|
+
irb > puts entry.name
|
53
|
+
irb > end
|
54
|
+
Generic Routers
|
55
|
+
Prestige 652HW-31
|
56
|
+
Prestige
|
57
|
+
Prestige
|
58
|
+
|
59
|
+
|
60
|
+
Contributing to passdb
|
61
|
+
----------------------
|
62
|
+
|
63
|
+
* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
|
64
|
+
* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
|
65
|
+
* Fork the project
|
66
|
+
* Start a feature/bugfix branch
|
67
|
+
* Commit and push until you are happy with your contribution
|
68
|
+
* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
|
69
|
+
* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
|
70
|
+
|
71
|
+
Copyright
|
72
|
+
---------
|
73
|
+
|
74
|
+
Copyright (c) 2011 Security Roots. See LICENSE.txt for
|
75
|
+
further details.
|
76
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
# encoding: utf-8
|
2
|
+
|
3
|
+
require File.expand_path('../lib/passdb/version', __FILE__)
|
4
|
+
|
5
|
+
require 'bundler'
|
6
|
+
Bundler::GemHelper.install_tasks
|
7
|
+
|
8
|
+
require 'rspec/core/rake_task'
|
9
|
+
RSpec::Core::RakeTask.new(:spec)
|
10
|
+
|
11
|
+
require 'rdoc/task'
|
12
|
+
if defined?(RDoc)
|
13
|
+
RDoc::Task.new do |rdoc|
|
14
|
+
rdoc.main = 'README.md'
|
15
|
+
rdoc.rdoc_dir = 'rdoc'
|
16
|
+
rdoc.title = "passdb #{Passdb::VERSION::STRING}"
|
17
|
+
rdoc.rdoc_files.include('README.md', 'LICENSE.txt')
|
18
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
19
|
+
rdoc.options << '--line-numbers' << '--inline-source'
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
data/bin/passdb
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
source_root = File.expand_path(File.dirname(__FILE__) + "/..")
|
4
|
+
$LOAD_PATH.unshift("#{source_root}/lib")
|
5
|
+
|
6
|
+
require 'passdb/cli'
|
7
|
+
|
8
|
+
begin
|
9
|
+
Passdb::CLI.start
|
10
|
+
#rescue Exception => e
|
11
|
+
# puts e.message
|
12
|
+
# puts e.backtrace.join("\n")
|
13
|
+
# exit e.status_code
|
14
|
+
#rescue Interrupt => e
|
15
|
+
# puts "\nQuitting..."
|
16
|
+
# exit 1
|
17
|
+
end
|
18
|
+
|
data/lib/passdb.rb
ADDED
@@ -0,0 +1,43 @@
|
|
1
|
+
require 'open-uri'
|
2
|
+
require 'nokogiri'
|
3
|
+
|
4
|
+
require 'passdb/entry'
|
5
|
+
require 'passdb/version'
|
6
|
+
|
7
|
+
module Passdb
|
8
|
+
URL = 'http://cirt.net/passwords'
|
9
|
+
|
10
|
+
def self.search(args={})
|
11
|
+
type, query = args.first
|
12
|
+
|
13
|
+
if ![:vendor, :criteria].include?(type) || query.nil?
|
14
|
+
raise ArgumentError, "Either :vendor or :criteria are required!"
|
15
|
+
end
|
16
|
+
|
17
|
+
results = []
|
18
|
+
entry = nil
|
19
|
+
url = "#{URL}?#{type}=#{query}"
|
20
|
+
doc = Nokogiri::HTML(open(url))
|
21
|
+
|
22
|
+
doc.xpath('/html/body/div/div[2]/div[3]/div/center/table/tr').each do |tr|
|
23
|
+
next if tr.search('script').any?
|
24
|
+
|
25
|
+
if tr.search('td').size == 1
|
26
|
+
if entry
|
27
|
+
results << entry
|
28
|
+
end
|
29
|
+
entry = Entry.new
|
30
|
+
entry.name = tr.search('td').search('i').text
|
31
|
+
else
|
32
|
+
name, value = tr.search('td')
|
33
|
+
entry.attributes[ name.search('b').text ] = value.text
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
if entry
|
38
|
+
results << entry
|
39
|
+
end
|
40
|
+
|
41
|
+
return results
|
42
|
+
end
|
43
|
+
end
|
data/lib/passdb/cli.rb
ADDED
@@ -0,0 +1,54 @@
|
|
1
|
+
require 'thor'
|
2
|
+
require 'thor/actions'
|
3
|
+
|
4
|
+
require 'passdb'
|
5
|
+
|
6
|
+
module Passdb
|
7
|
+
class CLI < Thor
|
8
|
+
include Thor::Actions
|
9
|
+
map "-v" => :version
|
10
|
+
|
11
|
+
def initialize(*)
|
12
|
+
super
|
13
|
+
Thor::Shell::Basic.new
|
14
|
+
end
|
15
|
+
|
16
|
+
method_option "vendor", :type => :string, :banner =>
|
17
|
+
"Name of the vendor as especified in http://cirt.net/passwords"
|
18
|
+
method_option "criteria", :type => :string, :banner =>
|
19
|
+
"Free-form criteria to submit to cirt.net's password database"
|
20
|
+
desc "search", "Search cirt.net's database for default passwords by vendor or in free from"
|
21
|
+
def search
|
22
|
+
opts = options.dup
|
23
|
+
if opts["vendor"] && opts["criteria"]
|
24
|
+
puts "You can't specify both a vendor and a free-form criteria"
|
25
|
+
exit 1
|
26
|
+
end
|
27
|
+
|
28
|
+
if !(opts["vendor"] || opts["criteria"])
|
29
|
+
puts "You need to specify either --vendor or --criteria"
|
30
|
+
exit 1
|
31
|
+
end
|
32
|
+
|
33
|
+
results = nil
|
34
|
+
if opts["vendor"]
|
35
|
+
results = Passdb.search(:vendor => opts["vendor"])
|
36
|
+
else
|
37
|
+
results = Passdb.search(:criteria => opts["criteria"])
|
38
|
+
end
|
39
|
+
|
40
|
+
puts "#{results.size} entries were found:"
|
41
|
+
results.each do |entry|
|
42
|
+
puts " #{entry.name}"
|
43
|
+
entry.attributes.each do |name, value|
|
44
|
+
puts " #{name} => #{value}"
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
|
49
|
+
desc "version", "Show Passdb version"
|
50
|
+
def version
|
51
|
+
say "Passdb #{Passdb::VERSION::STRING}"
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
data/lib/passdb/entry.rb
ADDED
data/spec/passdb_spec.rb
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
2
|
+
|
3
|
+
describe "Passdb: vendor search" do
|
4
|
+
it "should fail if the vendor is empty" do
|
5
|
+
lambda{ Passdb::search(:vendor => nil) }.should raise_error(ArgumentError)
|
6
|
+
end
|
7
|
+
|
8
|
+
it "should fail if criteria is empty" do
|
9
|
+
lambda{ Passdb::search(:criteria => nil) }.should raise_error(ArgumentError)
|
10
|
+
end
|
11
|
+
end
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1,12 @@
|
|
1
|
+
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
2
|
+
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
3
|
+
require 'rspec'
|
4
|
+
require 'passdb'
|
5
|
+
|
6
|
+
# Requires supporting files with custom matchers and macros, etc,
|
7
|
+
# in ./support/ and its subdirectories.
|
8
|
+
Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
|
9
|
+
|
10
|
+
RSpec.configure do |config|
|
11
|
+
|
12
|
+
end
|
metadata
ADDED
@@ -0,0 +1,122 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: passdb
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
prerelease:
|
5
|
+
version: 0.1.0
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Daniel Martin
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
|
13
|
+
date: 2011-05-04 00:00:00 +01:00
|
14
|
+
default_executable: passdb
|
15
|
+
dependencies:
|
16
|
+
- !ruby/object:Gem::Dependency
|
17
|
+
name: nokogiri
|
18
|
+
prerelease: false
|
19
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
20
|
+
none: false
|
21
|
+
requirements:
|
22
|
+
- - ">="
|
23
|
+
- !ruby/object:Gem::Version
|
24
|
+
version: "0"
|
25
|
+
type: :runtime
|
26
|
+
version_requirements: *id001
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: thor
|
29
|
+
prerelease: false
|
30
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
31
|
+
none: false
|
32
|
+
requirements:
|
33
|
+
- - ">="
|
34
|
+
- !ruby/object:Gem::Version
|
35
|
+
version: "0"
|
36
|
+
type: :runtime
|
37
|
+
version_requirements: *id002
|
38
|
+
- !ruby/object:Gem::Dependency
|
39
|
+
name: rspec
|
40
|
+
prerelease: false
|
41
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
42
|
+
none: false
|
43
|
+
requirements:
|
44
|
+
- - ">="
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: "0"
|
47
|
+
type: :development
|
48
|
+
version_requirements: *id003
|
49
|
+
- !ruby/object:Gem::Dependency
|
50
|
+
name: bundler
|
51
|
+
prerelease: false
|
52
|
+
requirement: &id004 !ruby/object:Gem::Requirement
|
53
|
+
none: false
|
54
|
+
requirements:
|
55
|
+
- - ~>
|
56
|
+
- !ruby/object:Gem::Version
|
57
|
+
version: 1.0.0
|
58
|
+
type: :development
|
59
|
+
version_requirements: *id004
|
60
|
+
- !ruby/object:Gem::Dependency
|
61
|
+
name: jeweler
|
62
|
+
prerelease: false
|
63
|
+
requirement: &id005 !ruby/object:Gem::Requirement
|
64
|
+
none: false
|
65
|
+
requirements:
|
66
|
+
- - ~>
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: 1.6.0
|
69
|
+
type: :development
|
70
|
+
version_requirements: *id005
|
71
|
+
description: Ruby library and command line tool to search and contribute to cirt.net's default password database at http://cirt.net/passwords
|
72
|
+
email: <daniel-at securityroots.com>
|
73
|
+
executables:
|
74
|
+
- passdb
|
75
|
+
extensions: []
|
76
|
+
|
77
|
+
extra_rdoc_files:
|
78
|
+
- LICENSE.txt
|
79
|
+
- README.md
|
80
|
+
- Rakefile
|
81
|
+
files:
|
82
|
+
- bin/passdb
|
83
|
+
- lib/passdb.rb
|
84
|
+
- lib/passdb/cli.rb
|
85
|
+
- lib/passdb/entry.rb
|
86
|
+
- lib/passdb/version.rb
|
87
|
+
- spec/passdb_spec.rb
|
88
|
+
- spec/spec_helper.rb
|
89
|
+
- LICENSE.txt
|
90
|
+
- README.md
|
91
|
+
- Rakefile
|
92
|
+
has_rdoc: true
|
93
|
+
homepage: http://github.com/securityroots/passdb
|
94
|
+
licenses:
|
95
|
+
- MIT
|
96
|
+
post_install_message:
|
97
|
+
rdoc_options:
|
98
|
+
- --charset=UTF-8
|
99
|
+
require_paths:
|
100
|
+
- lib
|
101
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
102
|
+
none: false
|
103
|
+
requirements:
|
104
|
+
- - ">="
|
105
|
+
- !ruby/object:Gem::Version
|
106
|
+
version: "0"
|
107
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
108
|
+
none: false
|
109
|
+
requirements:
|
110
|
+
- - ">="
|
111
|
+
- !ruby/object:Gem::Version
|
112
|
+
version: "0"
|
113
|
+
requirements: []
|
114
|
+
|
115
|
+
rubyforge_project:
|
116
|
+
rubygems_version: 1.6.1
|
117
|
+
signing_key:
|
118
|
+
specification_version: 3
|
119
|
+
summary: Ruby interface to cirt.net's default password database
|
120
|
+
test_files:
|
121
|
+
- spec/passdb_spec.rb
|
122
|
+
- spec/spec_helper.rb
|