From a55ee552e0ffc71051f6219da2c65ef63e0f5fb9 Mon Sep 17 00:00:00 2001 From: Jack Biggs Date: Thu, 20 Apr 2023 17:46:05 +0100 Subject: [PATCH] modified: modules/generators/content/password_file/secgen_local/local.rb modified: modules/generators/content/password_file/templates/password_file.md.erb Password List now takes in an input of passwords separated by ',' and then appends to an array and then outputs a random one from the array of 10 passwords into the password list allowing for repeats. --- .../password_file/secgen_local/local.rb | 71 ++++--------------- .../templates/password_file.md.erb | 2 +- 2 files changed, 14 insertions(+), 59 deletions(-) diff --git a/modules/generators/content/password_file/secgen_local/local.rb b/modules/generators/content/password_file/secgen_local/local.rb index 37720cbd2..deea733a6 100644 --- a/modules/generators/content/password_file/secgen_local/local.rb +++ b/modules/generators/content/password_file/secgen_local/local.rb @@ -6,91 +6,46 @@ class PasswordFileGenerator < StringGenerator attr_accessor :website_sample attr_accessor :username_sample attr_accessor :pass_list - attr_accessor :password_1 - attr_accessor :password_2 - attr_accessor :password_3 - attr_accessor :password_4 - attr_accessor :password_5 LOCAL_DIR = File.expand_path('../../',__FILE__) TEMPLATE_PATH = "#{LOCAL_DIR}/templates/password_file.md.erb" def initialize super - self.password_1 = '' - self.password_2 = '' - self.password_3 = '' - self.password_4 = '' - self.password_5 = '' + self.pass_list = Array.new end def get_options_array - super + [['--password1', GetoptLong::OPTIONAL_ARGUMENT], - ['--password2', GetoptLong::OPTIONAL_ARGUMENT], - ['--password3', GetoptLong::OPTIONAL_ARGUMENT], - ['--password4', GetoptLong::OPTIONAL_ARGUMENT], - ['--password5', GetoptLong::OPTIONAL_ARGUMENT]] + super + [['--password1', GetoptLong::OPTIONAL_ARGUMENT]] end def process_options(opt, arg) super case opt when '--password1' - self.password_1 << arg; - when '--password2' - self.password_2 << arg; - when '--password3' - self.password_3 << arg; - when '--password4' - self.password_4 << arg; - when '--password5' - self.password_5 << arg; + arr = arg.split(',', -1) + arr.each{ |pass| + self.pass_list << pass.strip! + } end end def generate - pass_list = Array.new - passCount = 5 - - if self.password_1 != '' - passCount -= 1 - pass_list.append(self.password_1) - end - - if self.password_2 != '' - passCount -= 1 - pass_list.append(self.password_2) - end - - if self.password_3 != '' - passCount -= 1 - pass_list.append(self.password_3) - end - - if self.password_4 != '' - passCount -= 1 - pass_list.append(self.password_4) - end - - if self.password_5 != '' - passCount -= 1 - pass_list.append(self.password_5) - end + arrayLength = self.pass_list.length() pass_array = File.readlines('../../../../../lib/resources/wordlists/10_million_password_list_top_100') website_array = File.readlines('../../../../../lib/resources/linelists/top_100_websites') self.website_sample = website_array.sample(10) username_array = File.readlines('../../../../../lib/resources/wordlists/mythical_creatures') self.username_sample = username_array.sample(5) - if passCount == 0 - self.pass_sample = pass_array.sample(5) - elsif passCount < 5 - self.pass_sample = pass_array.sample(5-passCount) - self.pass_list.append(self.pass_sample) + if arrayLength == 0 + self.pass_list = pass_array.sample(10) + elsif arrayLength < 10 + while self.pass_list.length() < 10 + self.pass_list << pass_array.sample(1) + end end - pass_list.each { |pass| pass } - template_out = ERB.new(File.read(TEMPLATE_PATH), 0, '<>-') self.outputs << template_out.result(self.get_binding) end diff --git a/modules/generators/content/password_file/templates/password_file.md.erb b/modules/generators/content/password_file/templates/password_file.md.erb index 366874a47..d9756d30d 100644 --- a/modules/generators/content/password_file/templates/password_file.md.erb +++ b/modules/generators/content/password_file/templates/password_file.md.erb @@ -6,7 +6,7 @@ %> ## <%= wsite %> ### Username: <%= username_sample[website_count] %> -### Password: <%= pass_list[website_count] %> +### Password: <%= pass_list[rand(1..10)] %> <% website_count += 1 %> <% }