thieve 0.2.2 → 0.2.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/thieve +22 -4
- data/lib/thieve/key_info.rb +3 -1
- data/lib/thieve.rb +53 -8
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c3ce17721ffd5395450d38f1aaa0bdf0859c0a23
|
|
4
|
+
data.tar.gz: 77079a0a8f8dad30201d31016b4eb9f0e3a1f35d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d6e6f0ff52ff6b598d951448492f66e9570ff3d9e412c6c6d5bf6fe88250f6c77a23a074c2c0ac51da640c26d546c2dce35f48bc0155454b440908bf84f4c5ac
|
|
7
|
+
data.tar.gz: 977c35f9138c99eb9bf8704dfef8f9f0f695549f4e327423f0dac5efb1520d2546b603056c734ba792c9311eb2d68c69ee27b2107b91f2ae373e3acb88e93018
|
data/bin/thieve
CHANGED
|
@@ -19,6 +19,7 @@ def parse(args)
|
|
|
19
19
|
options = Hash.new
|
|
20
20
|
options["export"] = nil
|
|
21
21
|
options["ignore"] = Array.new
|
|
22
|
+
options["private"] = false
|
|
22
23
|
options["verbose"] = false
|
|
23
24
|
|
|
24
25
|
info = "Searches through provided directories, looking for " \
|
|
@@ -53,16 +54,31 @@ def parse(args)
|
|
|
53
54
|
|
|
54
55
|
opts.on(
|
|
55
56
|
"-i",
|
|
56
|
-
"--ignore=
|
|
57
|
-
"Ignore dirs/files matching
|
|
58
|
-
) do |
|
|
59
|
-
options["ignore"].push(
|
|
57
|
+
"--ignore=REGEX",
|
|
58
|
+
"Ignore dirs/files matching REGEX"
|
|
59
|
+
) do |regex|
|
|
60
|
+
options["ignore"].push(regex)
|
|
60
61
|
end
|
|
61
62
|
|
|
62
63
|
opts.on("--nocolor", "Disable colorized output") do
|
|
63
64
|
Hilighter.disable
|
|
64
65
|
end
|
|
65
66
|
|
|
67
|
+
opts.on(
|
|
68
|
+
"-p",
|
|
69
|
+
"--private-only",
|
|
70
|
+
"Only export/show private keys and matching certificates"
|
|
71
|
+
) do
|
|
72
|
+
options["private"] = true
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
opts.on("--version", "Show version") do
|
|
76
|
+
__FILE__.match(/thieve-(\d+\.\d+\.\d+)/) do |m|
|
|
77
|
+
puts m[1]
|
|
78
|
+
end
|
|
79
|
+
exit ThieveExit::GOOD
|
|
80
|
+
end
|
|
81
|
+
|
|
66
82
|
opts.on(
|
|
67
83
|
"-v",
|
|
68
84
|
"--verbose",
|
|
@@ -111,6 +127,8 @@ begin
|
|
|
111
127
|
end
|
|
112
128
|
thieve.find_matches
|
|
113
129
|
|
|
130
|
+
thieve.only_private(options["private"])
|
|
131
|
+
|
|
114
132
|
export_thread = nil
|
|
115
133
|
if (options["export"])
|
|
116
134
|
export_thread = Thread.new do
|
data/lib/thieve/key_info.rb
CHANGED
|
@@ -89,7 +89,9 @@ class Thieve::KeyInfo
|
|
|
89
89
|
when "PKCS12"
|
|
90
90
|
@openssl = OpenSSL::PKCS12.new(@key)
|
|
91
91
|
when "PRIVATE KEY", "PUBLIC KEY", "RSA PRIVATE KEY"
|
|
92
|
-
|
|
92
|
+
if (!@key.match(/ENCRYPTED/))
|
|
93
|
+
@openssl = OpenSSL::PKey::RSA.new(@key)
|
|
94
|
+
end
|
|
93
95
|
when "X509 CRL"
|
|
94
96
|
@openssl = OpenSSL::X509::CRL.new(@key)
|
|
95
97
|
else
|
data/lib/thieve.rb
CHANGED
|
@@ -25,13 +25,19 @@ class Thieve
|
|
|
25
25
|
end
|
|
26
26
|
private :display_exception
|
|
27
27
|
|
|
28
|
-
def export_loot(dir)
|
|
28
|
+
def export_loot(dir, priv_only = @private)
|
|
29
29
|
exported = Hash.new
|
|
30
30
|
@loot.each do |type, keys|
|
|
31
|
+
next if (priv_only && !type.match(/CERTIFICATE|PRIVATE/))
|
|
32
|
+
|
|
31
33
|
keys.each do |key|
|
|
34
|
+
if (priv_only && type.match(/CERTIFICATE/))
|
|
35
|
+
next if (key.match.nil?)
|
|
36
|
+
end
|
|
37
|
+
|
|
32
38
|
key.export(dir)
|
|
33
|
-
exported[
|
|
34
|
-
exported[
|
|
39
|
+
exported[type] ||= Hash.new
|
|
40
|
+
exported[type]["#{key.fingerprint}.#{key.ext}"] =
|
|
35
41
|
key.to_json
|
|
36
42
|
end
|
|
37
43
|
end
|
|
@@ -43,17 +49,32 @@ class Thieve
|
|
|
43
49
|
end
|
|
44
50
|
|
|
45
51
|
def extract_from(file)
|
|
46
|
-
|
|
52
|
+
footer = ""
|
|
53
|
+
headers = Array.new
|
|
47
54
|
key = ""
|
|
55
|
+
start = false
|
|
48
56
|
|
|
49
57
|
File.open(file).each do |line|
|
|
50
58
|
if (line.include?("-----BEGIN"))
|
|
51
|
-
|
|
59
|
+
footer = ""
|
|
60
|
+
headers.clear
|
|
52
61
|
key = ""
|
|
62
|
+
start = true
|
|
53
63
|
end
|
|
54
64
|
|
|
55
|
-
|
|
56
|
-
|
|
65
|
+
if (start)
|
|
66
|
+
# Don't include newlines for now
|
|
67
|
+
line = line.unpack("C*").pack("U*").strip
|
|
68
|
+
|
|
69
|
+
case line
|
|
70
|
+
when /^=[^=]+$/
|
|
71
|
+
footer = line
|
|
72
|
+
when /^.+:.+$/
|
|
73
|
+
headers.push(line)
|
|
74
|
+
else
|
|
75
|
+
key += line
|
|
76
|
+
end
|
|
77
|
+
end
|
|
57
78
|
|
|
58
79
|
if (line.include?("-----END"))
|
|
59
80
|
# Remove " + " or ' + '
|
|
@@ -84,7 +105,20 @@ class Thieve
|
|
|
84
105
|
keydata = k.scan(/.{,64}/).keep_if do |l|
|
|
85
106
|
!l.empty?
|
|
86
107
|
end
|
|
108
|
+
|
|
109
|
+
# Prepend headers
|
|
110
|
+
if (headers.any?)
|
|
111
|
+
keydata.insert(0, "")
|
|
112
|
+
keydata.insert(0, headers.join("\n"))
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# Append footer
|
|
116
|
+
keydata.push(footer) if (!footer.empty?)
|
|
117
|
+
|
|
118
|
+
# Prepend BEGIN
|
|
87
119
|
keydata.insert(0, "-----BEGIN #{type}-----")
|
|
120
|
+
|
|
121
|
+
# Append END
|
|
88
122
|
keydata.push("-----END #{type}-----")
|
|
89
123
|
|
|
90
124
|
begin
|
|
@@ -149,6 +183,11 @@ class Thieve
|
|
|
149
183
|
|
|
150
184
|
@@hilight = hilight
|
|
151
185
|
@loot = Hash.new
|
|
186
|
+
@private = false
|
|
187
|
+
end
|
|
188
|
+
|
|
189
|
+
def only_private(priv)
|
|
190
|
+
@private = priv
|
|
152
191
|
end
|
|
153
192
|
|
|
154
193
|
def steal_from(filename, ignores = Array.new)
|
|
@@ -179,11 +218,17 @@ class Thieve
|
|
|
179
218
|
return @loot
|
|
180
219
|
end
|
|
181
220
|
|
|
182
|
-
def summarize_loot
|
|
221
|
+
def summarize_loot(priv_only = @private)
|
|
183
222
|
ret = Array.new
|
|
184
223
|
@loot.each do |type, keys|
|
|
224
|
+
next if (priv_only && !type.match(/CERTIFICATE|PRIVATE/))
|
|
225
|
+
|
|
185
226
|
ret.push(hilight_type(type))
|
|
186
227
|
keys.each do |key|
|
|
228
|
+
if (priv_only && type.match(/CERTIFICATE/))
|
|
229
|
+
next if (key.match.nil?)
|
|
230
|
+
end
|
|
231
|
+
|
|
187
232
|
ret.push("#{key.to_s}\n")
|
|
188
233
|
end
|
|
189
234
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: thieve
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Miles Whittaker
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-08-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rake
|
|
@@ -103,7 +103,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
103
103
|
version: '0'
|
|
104
104
|
requirements: []
|
|
105
105
|
rubyforge_project:
|
|
106
|
-
rubygems_version: 2.6.
|
|
106
|
+
rubygems_version: 2.6.11
|
|
107
107
|
signing_key:
|
|
108
108
|
specification_version: 4
|
|
109
109
|
summary: Steal keys/certs
|