violent_ruby 1.0.4 → 1.0.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b1dafdff77f5875eee8bd1629af9b805a0a8c24d
-  data.tar.gz: c04e039813841ff1856a7cdc8d83db41794bfe6f
+  metadata.gz: 33a58cf1850ba7c2fe34a78184003df715f38d6e
+  data.tar.gz: '09cdc0184b90dd093962ce68fe70ee7dd25fdb11'
 SHA512:
-  metadata.gz: cd49eeea77a3493608bf8ee9ad61d87c39f4c81406e411d5403f1506776d3c6474490df36731913c32b00adba9aa1f3b70ecd2d3e723c5b57391a7ef9029e0fd
-  data.tar.gz: c170107b1ba0be86d23dedad1e16086711610d0382bdd59f6c020252479ddfc63032c7ad1ffd6dc7917e15872f7a3869958c1b60b198cfb1563a1dd63cd81a1b
+  metadata.gz: 96e247c8c71dab2d7db255fd1c33c4f3e15c1e8059c1ea5d18d6b40a55d2667d2cf37aa3e489d0774af4c3f01742f8dc948b223cea650c42b65dff6b86d8464c
+  data.tar.gz: df39fec11d77efe459c475cfb85552c2808c6055933a64ce448cdc67f187896067e7c23d102c7ecf8b4fc7f56336465c4fa933c4cd76278d95657e4a356f9e0e

data/lib/violent_ruby/unix_password_cracker/unix_password_cracker.rb

@@ -3,55 +3,77 @@ module ViolentRuby
   # crack unix passwords. Because all hackers totes do this.
   # @author Kent 'picat' Gruber
   #
-  # == Create a new Unix Password Cracker
-  # In order for the password cracker to work, we're going to need a +dictionary+,
-  # and an /etc/passwd +file+ we want to crack.
-  #
   # @example Basic Usage
-  #   config = { file: "/etc/passwd", dictionry: "dictionary.txt" }
+  #   config = { file: "/etc/passwd", dictionary: "dictionary.txt" }
+  #
   #   upc = ViolentRuby::UnixPasswordCracker.new(config)
-  #   upc.crack! 
+  #
+  #   upc.crack do |result|
+  #     next unless result[:cracked]
+  #     puts "Cracked #{result[:username]}'s password: #{result[:plaintext_password]}"
+  #   end
+  #  
   class UnixPasswordCracker
-    # @attr [String] file Path to /etc/passwd file.
+    # @!attribute file 
+    #   @return [String] Path to the /etc/passwd file. 
     attr_accessor :file
-    # @attr [String] dictionary Path to dictionary file.
+    
+    # @!attribute dictionary 
+    #   @return [String] Path to dictionary file.
     attr_accessor :dictionary
 
+    alias etc file
+
     # Create a new Unix Password Cracker.
+    # 
+    # @param  args [Hash]   The options to create a new Unix Password Cracker.
+    # @option args [String] :file       The path to an /etc/passwd file.
+    # @option args [String] :dictionary The path to a dictionry of passwords.
     #
-    # @param [Hash] args The options to create a new Unix Password Cracker.
-    # @param args [String] :file The path to an /etc/passwd file.
-    # @param args [String] :dictionary The path to a dictionry of passwords.
+    # @return [UnixPasswordCracker]
     def initialize(args = {})
-      @file       = false
-      @dictionary = false
-      if args[:file] && File.readable?(args[:file])
-        @file        = args[:file]
-        @credentials = parse_etc_file(file: args[:file])
-      end
-      return unless args[:dictionary]
-      return unless File.readable?(args[:dictionary])
-      @dictionary = args[:dictionary]
+      @file       = args[:file]       if args[:file]
+      @dictionary = args[:dictionary] if args[:dictionary]
     end
 
     # Parse a unix /etc/passwd file into a more mangeable form.
     #
-    # @param [Hash] args The options when parsing the file.
-    # @param args [String] :file The path to an /etc/passwd file.
-    # @param args [Boolean] :users Specify that only users should be returned ( default: +false+ ).
-    # @param args [Boolean] :passwords Specify that only passwords should be returned ( default: +false+ ).
+    # @example Basic Usage
+    #   upc = ViolentRuby::UnixPasswordCracker.new
+    #   upc.parse_etc_file(file: 'passwords.txt')
+    #   # {"victim" => "HX9LLTdc/jiDE", "root" => "DFNFxgW7C05fo"}
+    #
+    # @example Super Advanced Usage
+    #   ViolentRuby::UnixPasswordCracker.new.parse_etc_file(file: 'passwords.txt') do |user, pass|
+    #     puts user + ' ' + pass
+    #   end
+    #   # victim HX9LLTdc/jiDE
+    #   # root DFNFxgW7C05fo
+    #
+    # @param  args [Hash]    The options when parsing the file.
+    # @option args [String]  :file      The path to an /etc/passwd file.
+    # @option args [Boolean] :users     Specify that only users should be returned ( default: +false+ ).
+    # @option args [Boolean] :passwords Specify that only passwords should be returned ( default: +false+ ).
+    #
     # @return [Hash]
     def parse_etc_file(args = {})
-      raise 'No /etc/passwd file given.' unless args[:file]
-      raise "File #{args[:file]} not readable!" unless File.readable?(args[:file])
+      # Readlines from /etc/passwd file.
       lines = File.readlines(args[:file]).collect do |line|
         line unless line.split(':').first.chars.first.include?('#')
       end
-      users = lines.collect { |x| x.split(':')[0] }.map(&:strip)
-      return users if args[:users]
+      
+      # Collect the users and passwords from the lines.
+      users     = lines.collect { |x| x.split(':')[0] }.map(&:strip)
       passwords = lines.collect { |x| x.split(':')[1] }.map(&:strip)
+      
+      # Friendly behavior to return just users or passwords.
+      return users     if args[:users]
       return passwords if args[:passwords]
+      
+      # Zip'm together into a hash.
       users_passwords = Hash[users.zip(passwords)]
+      
+      # Yield each pair when a block is given, or return all at once.
       if block_given?
         users_passwords.each do |user, password|
           yield user, password
@@ -62,22 +84,35 @@ module ViolentRuby
     end
 
     # Crack unix passwords.
+    # 
+    # @example Basic Usage
+    #   ViolentRuby::UnixPasswordCracker.new(file: "passwords.txt", dictionary: "dictionary.txt").crack_passwords do |result|
+    #     next unless result[:cracked]
+    #     puts "Cracked #{result[:username]}'s password: #{result[:plaintext_password]}"
+    #   end
     #
-    # @param [Hash] args The options when crack'n some passwords.
-    # @param args [String] :file The path to an /etc/passwd file.
-    # @param args [String] :dictionary The path to a dictionry of passwords.
-    # @return [Array<Hash>]
+    # @param  args [Hash]   The options when crack'n some passwords.
+    # @option args [String] :file       The path to an /etc/passwd file.
+    # @option args [String] :dictionary The path to a dictionry of passwords.
+    #
+    # @yield [Hash]
     def crack_passwords(args = {})
+      # Use the file and dictionry instance variables or the arguments.
       file = args[:file]       || @file
       dict = args[:dictionary] || @dictionary
-      results = []
+      # Parse the given /etc/passwd file and compare with the dictionary.
       parse_etc_file(file: file) do |user, password|
         File.readlines(dict).map(&:strip).each do |word|
-          results << format_result(user, password, word) if cracked?(password, word)
+          if cracked?(password, word)
+            yield format_result(user, password, word)
+          else
+            yield format_result(user, password)
+          end
         end
       end
-      results
     end
+    
+    alias crack crack_passwords
 
     alias crack! crack_passwords
 
@@ -88,11 +123,25 @@ module ViolentRuby
     # Check if a given encrypted password matches a given plaintext
     # word when the same crytographic operation is performed on it.
     #
-    # @param [String] encrypted_password The encrypted password to check against.
-    # @param [String] word The plaintext password to check against.
+    # @example Basic Usage
+    #   ViolentRuby::UnixPasswordCracker.new.check_password('HX9LLTdc/jiDE', 'egg')
+    #   # true
+    #
+    # @example Advanced Usage
+    #   ViolentRuby::UnixPasswordCracker.new.check_password('HXA82SzTqypHA', 'egg ')
+    #   # false
+    #   
+    #   ViolentRuby::UnixPasswordCracker.new.check_password('HXA82SzTqypHA', 'egg ', false)
+    #   # true 
+    #
+    # @param encrypted_password [String] The encrypted password to check against.
+    # @param plaintext_password [String] The plaintext password to check against.
+    # @param strip              [Boolean] Strip trailing spaces and newlines from word ( default: +true+ )
+    #
     # @return [Boolean]
-    def check_password(encrypted_password, word)
-      if word.strip.crypt(encrypted_password[0, 2]) == encrypted_password
+    def check_password(encrypted_password, plaintext_password, strip = true)
+      plaintext_password.strip! if strip # sometimes passwords have trailing spaces
+      if plaintext_password.crypt(encrypted_password[0, 2]) == encrypted_password
         true
       else
         false
@@ -106,12 +155,22 @@ module ViolentRuby
     # @api private
     # Format the results for the password crack'n.
     #
-    # @param [String] user
-    # @param [String] encrypted_pass
-    # @param [String] plaintext_pass 
+    # @param user           [String] 
+    # @param encrypted_pass [String] 
+    # @param plaintext_pass [String] 
+    #
     # @return [Hash] 
-    def format_result(user, encrypted_pass, plaintext_pass)
-      { username: user, encrypted_password: encrypted_pass, plaintext_password: plaintext_pass } 
+    def format_result(user, encrypted_pass, plaintext_pass = false)
+      result = {}
+      if plaintext_pass
+        result[:cracked] = true
+      else
+        result[:cracked] = false
+      end
+      result[:username]           = user
+      result[:encrypted_password] = encrypted_pass 
+      result[:plaintext_password] = plaintext_pass if plaintext_pass
+      result
     end
   end
 end

data/lib/violent_ruby/version.rb

@@ -1,3 +1,3 @@
 module ViolentRuby
-  VERSION = "1.0.4"
+  VERSION = "1.0.5"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: violent_ruby
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 1.0.5
 platform: ruby
 authors:
 - Kent Gruber
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-14 00:00:00.000000000 Z
+date: 2017-04-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: net-ssh