thieve 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/thieve/key_info.rb +20 -58
- data/lib/thieve.rb +26 -14
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 511125d4e5f3e0e7c7eba6d5c230bcccb56ff5ee
|
|
4
|
+
data.tar.gz: 187842c83f24c7028a58879a695d008b736c8f89
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5236f38898f9a7ae1485c369f58bd7f55896e840383b9f3dfcc434e17057d43d7918f06ae7d861f6b4564869396fd823b48eb112d64423bdd56f958c6dbd38d1
|
|
7
|
+
data.tar.gz: c501c33a33a591b172909e217f5de7e0f0fcbe2c8f765aeab967930652eb885b3d48373ffebf788a2c54b159b6da9d9410891fd308bd5956f49ceda5ba1b0d02
|
data/lib/thieve/key_info.rb
CHANGED
|
@@ -57,87 +57,49 @@ class Thieve::KeyInfo
|
|
|
57
57
|
@file = file
|
|
58
58
|
@key = key
|
|
59
59
|
@match = nil
|
|
60
|
+
@openssl = nil
|
|
60
61
|
@type = type
|
|
61
62
|
|
|
62
63
|
case @type
|
|
63
64
|
when "CERTIFICATE"
|
|
64
65
|
@openssl = OpenSSL::X509::Certificate.new(@key)
|
|
65
|
-
|
|
66
|
-
@openssl.to_der
|
|
67
|
-
).to_s
|
|
68
|
-
when "CERTIFICATE REQUEST"
|
|
66
|
+
when /^(NEW )?CERTIFICATE REQUEST$/
|
|
69
67
|
@openssl = OpenSSL::X509::Request.new(@key)
|
|
70
|
-
|
|
71
|
-
@openssl.to_der
|
|
72
|
-
).to_s
|
|
73
|
-
when "DH PARAMETERS"
|
|
68
|
+
when "DH PARAMETERS", "DH PRIVATE KEY"
|
|
74
69
|
@openssl = OpenSSL::PKey::DH.new(@key)
|
|
75
|
-
@fingerprint = OpenSSL::Digest::SHA1.hexdigest(
|
|
76
|
-
@openssl.public_key.to_der
|
|
77
|
-
).to_s
|
|
78
|
-
when "DH PRIVATE KEY"
|
|
79
|
-
@openssl = OpenSSL::PKey::DH.new(@key)
|
|
80
|
-
@fingerprint = OpenSSL::Digest::SHA1.hexdigest(
|
|
81
|
-
@openssl.public_key.to_der
|
|
82
|
-
).to_s
|
|
83
70
|
when "DSA PRIVATE KEY"
|
|
84
71
|
@openssl = OpenSSL::PKey::DSA.new(@key)
|
|
85
|
-
|
|
86
|
-
@openssl.public_key.to_der
|
|
87
|
-
).to_s
|
|
88
|
-
when "EC PARAMETERS"
|
|
72
|
+
when "EC PARAMETERS", "EC PRIVATE KEY"
|
|
89
73
|
@openssl = OpenSSL::PKey::EC.new(@key)
|
|
90
|
-
|
|
91
|
-
@openssl.public_key.to_der
|
|
92
|
-
).to_s
|
|
93
|
-
when "EC PRIVATE KEY"
|
|
94
|
-
@openssl = OpenSSL::PKey::EC.new(@key)
|
|
95
|
-
@fingerprint = OpenSSL::Digest::SHA1.hexdigest(
|
|
96
|
-
@openssl.public_key.to_der
|
|
97
|
-
).to_s
|
|
98
|
-
when "PGP PRIVATE KEY BLOCK"
|
|
74
|
+
when /^PGP (PRIVATE|PUBLIC) KEY BLOCK$/
|
|
99
75
|
command = "gpg --with-fingerprint << EOF\n#{@key}\nEOF"
|
|
100
76
|
%x(#{command}).each_line do |line|
|
|
101
77
|
line.match(/Key fingerprint = (.*)/) do |m|
|
|
102
78
|
@fingerprint = m[1].gsub(" ", "").downcase
|
|
103
79
|
end
|
|
104
80
|
end
|
|
105
|
-
|
|
106
|
-
when "PGP PUBLIC KEY BLOCK"
|
|
107
|
-
command = "gpg --with-fingerprint << EOF\n#{@key}\nEOF"
|
|
108
|
-
%x(#{command}).each_line do |line|
|
|
109
|
-
line.match(/Key fingerprint = (.*)/) do |m|
|
|
110
|
-
@fingerprint = m[1].gsub(" ", "").downcase
|
|
111
|
-
end
|
|
112
|
-
end
|
|
113
|
-
@openssl = nil
|
|
114
|
-
when "PGP SIGNATURE"
|
|
81
|
+
#when "PGP SIGNATURE"
|
|
115
82
|
# Not really sure what to do with this
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
when "
|
|
119
|
-
@openssl = OpenSSL::
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
@fingerprint = OpenSSL::Digest::SHA1.hexdigest(
|
|
126
|
-
@openssl.public_key.to_der
|
|
127
|
-
).to_s
|
|
128
|
-
when "RSA PRIVATE KEY"
|
|
83
|
+
# TODO
|
|
84
|
+
#@fingerprint = Digest::SHA256.hexdigest(@file.to_s + @key)
|
|
85
|
+
when "PKCS5"
|
|
86
|
+
@openssl = OpenSSL::PKCS5.new(@key)
|
|
87
|
+
when "PKCS7"
|
|
88
|
+
@openssl = OpenSSL::PKCS7.new(@key)
|
|
89
|
+
when "PKCS12"
|
|
90
|
+
@openssl = OpenSSL::PKCS12.new(@key)
|
|
91
|
+
when "PRIVATE KEY", "PUBLIC KEY", "RSA PRIVATE KEY"
|
|
129
92
|
@openssl = OpenSSL::PKey::RSA.new(@key)
|
|
130
|
-
@fingerprint = OpenSSL::Digest::SHA1.hexdigest(
|
|
131
|
-
@openssl.public_key.to_der
|
|
132
|
-
).to_s
|
|
133
93
|
when "X509 CRL"
|
|
134
94
|
@openssl = OpenSSL::X509::CRL.new(@key)
|
|
95
|
+
else
|
|
96
|
+
@fingerprint = Digest::SHA256.hexdigest(@file.to_s + @key)
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
if (@openssl)
|
|
135
100
|
@fingerprint = OpenSSL::Digest::SHA1.new(
|
|
136
101
|
@openssl.to_der
|
|
137
102
|
).to_s
|
|
138
|
-
else
|
|
139
|
-
@fingerprint = Digest::SHA256.hexdigest(@file.to_s + @key)
|
|
140
|
-
@openssl = nil
|
|
141
103
|
end
|
|
142
104
|
end
|
|
143
105
|
|
data/lib/thieve.rb
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
require "base64"
|
|
1
2
|
require "fileutils"
|
|
2
3
|
require "hilighter"
|
|
3
4
|
require "io/wait"
|
|
@@ -8,6 +9,22 @@ require "scoobydoo"
|
|
|
8
9
|
class Thieve
|
|
9
10
|
attr_accessor :loot
|
|
10
11
|
|
|
12
|
+
def display_exception(e, file, keydata)
|
|
13
|
+
if (@@hilight)
|
|
14
|
+
$stderr.puts file.to_s.light_blue
|
|
15
|
+
keydata.each do |l|
|
|
16
|
+
$stderr.puts l.light_yellow
|
|
17
|
+
end
|
|
18
|
+
$stderr.puts e.message.white.on_red
|
|
19
|
+
else
|
|
20
|
+
$stderr.puts file
|
|
21
|
+
$stderr.puts keydata.join("\n")
|
|
22
|
+
$stderr.puts e.message
|
|
23
|
+
end
|
|
24
|
+
$stderr.puts
|
|
25
|
+
end
|
|
26
|
+
private :display_exception
|
|
27
|
+
|
|
11
28
|
def export_loot(dir)
|
|
12
29
|
exported = Hash.new
|
|
13
30
|
@loot.each do |type, keys|
|
|
@@ -37,7 +54,7 @@ class Thieve
|
|
|
37
54
|
|
|
38
55
|
if (line.include?("END"))
|
|
39
56
|
# Remove " + " or ' + '
|
|
40
|
-
key.gsub!(%r{["'] *\+ *["']}, "")
|
|
57
|
+
key.gsub!(%r{["'] *\+ *["']?|["']? *\+ *["']}, "")
|
|
41
58
|
|
|
42
59
|
# Remove bad characters
|
|
43
60
|
key.gsub!(%r{[^-A-Za-z0-9+/= ]+}, "")
|
|
@@ -54,6 +71,9 @@ class Thieve
|
|
|
54
71
|
|
|
55
72
|
# Scan for valid key
|
|
56
73
|
key.scan(%r{#{key_regex}}) do |m, type, k|
|
|
74
|
+
# Ignore breakpad microdumps
|
|
75
|
+
next if (type.match(/BREAKPAD MICRODUMP/))
|
|
76
|
+
|
|
57
77
|
# Remove spaces from key
|
|
58
78
|
k.gsub!(/ +/, "")
|
|
59
79
|
|
|
@@ -64,8 +84,11 @@ class Thieve
|
|
|
64
84
|
keydata.insert(0, "-----BEGIN #{type}-----")
|
|
65
85
|
keydata.push("-----END #{type}-----")
|
|
66
86
|
|
|
67
|
-
@loot[type] ||= Array.new
|
|
68
87
|
begin
|
|
88
|
+
# Ensure key is base64 data
|
|
89
|
+
Base64.strict_decode64(k)
|
|
90
|
+
|
|
91
|
+
@loot[type] ||= Array.new
|
|
69
92
|
@loot[type].push(
|
|
70
93
|
Thieve::KeyInfo.new(
|
|
71
94
|
file,
|
|
@@ -74,18 +97,7 @@ class Thieve
|
|
|
74
97
|
)
|
|
75
98
|
)
|
|
76
99
|
rescue Exception => e
|
|
77
|
-
|
|
78
|
-
$stderr.puts file.to_s.light_blue
|
|
79
|
-
keydata.each do |l|
|
|
80
|
-
$stderr.puts l.light_yellow
|
|
81
|
-
end
|
|
82
|
-
$stderr.puts e.message.white.on_red
|
|
83
|
-
else
|
|
84
|
-
$stderr.puts file
|
|
85
|
-
$stderr.puts keydata.join("\n")
|
|
86
|
-
$stderr.puts e.message
|
|
87
|
-
end
|
|
88
|
-
$stderr.puts
|
|
100
|
+
display_exception(e, file, keydata)
|
|
89
101
|
end
|
|
90
102
|
end
|
|
91
103
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: thieve
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Miles Whittaker
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-04-
|
|
11
|
+
date: 2017-04-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|