From 4a725f30728f6893f6c9cd56885cf36a28e67b0a Mon Sep 17 00:00:00 2001 From: Jack Biggs Date: Sun, 16 Apr 2023 15:41:31 +0100 Subject: [PATCH] new file: lib/resources/linelists/top_100_websites modified: modules/generators/content/password_file/secgen_local/local.rb modified: modules/generators/content/password_file/secgen_metadata.xml modified: modules/generators/content/password_file/templates/password_file.md.erb Added top_100_websites and set the program to take in 5 passwords from inputs --- lib/resources/linelists/top_100_websites | 100 ++++++++++++++++++ .../password_file/secgen_local/local.rb | 97 +++++++++++++++-- .../content/password_file/secgen_metadata.xml | 6 +- .../templates/password_file.md.erb | 2 +- 4 files changed, 192 insertions(+), 13 deletions(-) create mode 100644 lib/resources/linelists/top_100_websites diff --git a/lib/resources/linelists/top_100_websites b/lib/resources/linelists/top_100_websites new file mode 100644 index 000000000..2c94bcb9b --- /dev/null +++ b/lib/resources/linelists/top_100_websites @@ -0,0 +1,100 @@ +https://www.google.com +https://www.youtube.com +https://www.facebook.com +https://www.amazon.com +https://www.wikipedia.org +https://www.twitter.com +https://www.instagram.com +https://www.linkedin.com +https://www.yahoo.com +https://www.reddit.com +https://www.microsoft.com +https://www.netflix.com +https://www.sina.com +https://www.zoom.us +https://www.pinterest.com +https://www.teams.microsoft.com +https://www.apple.com +https://www.bing.com +https://www.github.com +https://www.imdb.com +https://www.aliexpress.com +https://www.bilibili.com +https://www.twitch.tv +https://www.stackoverflow.com +https://www.alibaba.com +https://www.adobe.com +https://www.espn.com +https://www.office365.com +https://www.nytimes.com +https://www.dropbox.com +https://www.salesforce.com +https://www.hulu.com +https://www.indeed.com +https://www.wikipedia.com +https://www.microsoftonline.com +https://www.walmart.com +https://www.paypal.com +https://www.zillow.com +https://www.ebay.com +https://www.cnn.com +https://www.spotify.com +https://www.weibo.com +https://www.roblox.com +https://www.oracle.com +https://www.booking.com +https://www.quora.com +https://www.foxnews.com +https://www.dropboxusercontent.com +https://www.nike.com +https://www.adp.com +https://www.craigslist.org +https://www.foxsports.com +https://www.cnbc.com +https://www.bbc.com +https://www.booking.com +https://www.ups.com +https://www.abcnews.go.com +https://www.naver.com +https://www.theguardian.com +https://www.boston.com +https://www.att.com +https://www.medicalnewstoday.com +https://www.ign.com +https://www.sony.com +https://www.stripe.com +https://www.groupon.com +https://www.nbcnews.com +https://www.theverge.com +https://www.cnet.com +https://www.macys.com +https://www.realtor.com +https://www.fidelity.com +https://www.glassdoor.com +https://www.weather.com +https://www.xfinity.com +https://www.merriam-webster.com +https://www.buzzfeed.com +https://www.legacy.com +https://www.usatoday.com +https://www.fandango.com +https://www.wellsfargo.com +https://www.homedepot.com +https://www.webex.com +https://www.allrecipes.com +https://www.weforum.org +https://www.ca.gov +https://www.npr.org +https://www.ikea.com +https://www.surveymonkey.com +https://www.nintendo.com +https://www.zdnet.com +https://www.speedtest.net +https://www.bloomberg.com +https://www.zillow.com +https://www.whitepages.com +https://www.quickenloans.com +https://www.washingtonpost.com +https://www.dailymail.co.uk +https://www.cbssports.com +https://www.buzzfeednews.com diff --git a/modules/generators/content/password_file/secgen_local/local.rb b/modules/generators/content/password_file/secgen_local/local.rb index 9c7da568c..37720cbd2 100644 --- a/modules/generators/content/password_file/secgen_local/local.rb +++ b/modules/generators/content/password_file/secgen_local/local.rb @@ -5,21 +5,96 @@ require 'fileutils' class PasswordFileGenerator < StringGenerator attr_accessor :website_sample attr_accessor :username_sample - attr_accessor :pass_sample + attr_accessor :pass_list + attr_accessor :password_1 + attr_accessor :password_2 + attr_accessor :password_3 + attr_accessor :password_4 + attr_accessor :password_5 LOCAL_DIR = File.expand_path('../../',__FILE__) TEMPLATE_PATH = "#{LOCAL_DIR}/templates/password_file.md.erb" - def generate - - website_array = File.readlines('../../../../../lib/resources/linelists/top-100-websites.txt') - self.website_sample = website_array.sample(10) - username_array = File.readlines('../../../../../lib/resources/wordlists/mythical_creatures') - self.username_sample = username_array.sample(5) - pass_array = File.readlines('../../../../../lib/resources/wordlists/10_million_password_list_top_100') - self.pass_sample = pass_array.sample(10) - template_out = ERB.new(File.read(TEMPLATE_PATH), 0, '<>-') - self.outputs << template_out.result(self.get_binding) + def initialize + super + self.password_1 = '' + self.password_2 = '' + self.password_3 = '' + self.password_4 = '' + self.password_5 = '' end + + def get_options_array + super + [['--password1', GetoptLong::OPTIONAL_ARGUMENT], + ['--password2', GetoptLong::OPTIONAL_ARGUMENT], + ['--password3', GetoptLong::OPTIONAL_ARGUMENT], + ['--password4', GetoptLong::OPTIONAL_ARGUMENT], + ['--password5', GetoptLong::OPTIONAL_ARGUMENT]] + end + + def process_options(opt, arg) + super + case opt + when '--password1' + self.password_1 << arg; + when '--password2' + self.password_2 << arg; + when '--password3' + self.password_3 << arg; + when '--password4' + self.password_4 << arg; + when '--password5' + self.password_5 << arg; + end + end + +def generate + pass_list = Array.new + passCount = 5 + + if self.password_1 != '' + passCount -= 1 + pass_list.append(self.password_1) + end + + if self.password_2 != '' + passCount -= 1 + pass_list.append(self.password_2) + end + + if self.password_3 != '' + passCount -= 1 + pass_list.append(self.password_3) + end + + if self.password_4 != '' + passCount -= 1 + pass_list.append(self.password_4) + end + + if self.password_5 != '' + passCount -= 1 + pass_list.append(self.password_5) + end + + pass_array = File.readlines('../../../../../lib/resources/wordlists/10_million_password_list_top_100') + website_array = File.readlines('../../../../../lib/resources/linelists/top_100_websites') + self.website_sample = website_array.sample(10) + username_array = File.readlines('../../../../../lib/resources/wordlists/mythical_creatures') + self.username_sample = username_array.sample(5) + + if passCount == 0 + self.pass_sample = pass_array.sample(5) + elsif passCount < 5 + self.pass_sample = pass_array.sample(5-passCount) + self.pass_list.append(self.pass_sample) + end + + pass_list.each { |pass| pass } + + template_out = ERB.new(File.read(TEMPLATE_PATH), 0, '<>-') + self.outputs << template_out.result(self.get_binding) +end + # Returns binding for erb files (access to variables in this classes scope) # @return binding diff --git a/modules/generators/content/password_file/secgen_metadata.xml b/modules/generators/content/password_file/secgen_metadata.xml index 310983ea5..e597393fa 100644 --- a/modules/generators/content/password_file/secgen_metadata.xml +++ b/modules/generators/content/password_file/secgen_metadata.xml @@ -13,7 +13,11 @@ local_calculation linux + password1 + passwrod2 + password3 + password4 + password5 - generated_strings diff --git a/modules/generators/content/password_file/templates/password_file.md.erb b/modules/generators/content/password_file/templates/password_file.md.erb index f25647864..366874a47 100644 --- a/modules/generators/content/password_file/templates/password_file.md.erb +++ b/modules/generators/content/password_file/templates/password_file.md.erb @@ -6,7 +6,7 @@ %> ## <%= wsite %> ### Username: <%= username_sample[website_count] %> -### Password: <%= pass_sample[website_count] %> +### Password: <%= pass_list[website_count] %> <% website_count += 1 %> <% }