PageRenderTime 39ms CodeModel.GetById 9ms RepoModel.GetById 0ms app.codeStats 0ms

/linkedfs/usr/share/nmap/nselib/unpwdb.lua

https://bitbucket.org/harakiri/trk
Lua | 161 lines | 84 code | 30 blank | 47 comment | 18 complexity | 3dedf8d7a2689bda1bafb3629f0e3075 MD5 | raw file
Possible License(s): GPL-2.0, MIT, LGPL-3.0 
    

  1. --- Username/password database library.
    2. 

  2. --
    3. 

  3. -- The <code>usernames</code> and <code>passwords</code> functions return
    4. 

  4. -- multiple values for use with exception handling via
    5. 

  5. -- <code>nmap.new_try</code>. The first value is the Boolean success
    6. 

  6. -- indicator, the second value is the closure.
    7. 

  7. --
    8. 

  8. -- The closures can take an argument of <code>"reset"</code> to rewind the list
    9. 

  9. -- to the beginning.
    10. 

  10. --
    11. 

  11. -- You can select your own username and/or password database to read from with
    12. 

  12. -- the script arguments <code>userdb</code> and <code>passdb</code>,
    13. 

  13. -- respectively.  Comments are allowed in these files, prefixed with
    14. 

  14. -- <code>"#!comment:"</code>.  Comments cannot be on the same line as a
    15. 

  15. -- username or password because this leaves too much ambiguity, e.g. does the
    16. 

  16. -- password in <code>"mypass  #!comment: blah"</code> contain a space, two
    17. 

  17. -- spaces, or do they just separate the password from the comment?
    18. 

  18. --
    19. 

  19. -- @args userdb The filename of an alternate username database.
    20. 

  20. -- @args passdb The filename of an alternate password database.
    21. 

  21. -- @author Kris Katterjohn 06/2008
    22. 

  22. -- @copyright Same as Nmap--See http://nmap.org/book/man-legal.html
    23. 

  23. 

  24. module(... or "unpwdb", package.seeall)
    25. 

  25. 

  26. local usertable = {}
    27. 

  27. local passtable = {}
    28. 

  28. 

  29. local customdata = false
    30. 

  30. 

  31. -- So I don't have to type as much :)
    32. 

  32. local args = nmap.registry.args
    33. 

  33. 

  34. local userfile = function()
    35. 

  35. 	if args.userdb then
    36. 

  36. 		customdata = true
    37. 

  37. 		return args.userdb
    38. 

  38. 	end
    39. 

  39. 

  40. 	return nmap.fetchfile("nselib/data/usernames.lst")
    41. 

  41. end
    42. 

  42. 

  43. local passfile = function()
    44. 

  44. 	if args.passdb then
    45. 

  45. 		customdata = true
    46. 

  46. 		return args.passdb
    47. 

  47. 	end
    48. 

  48. 

  49. 	return nmap.fetchfile("nselib/data/passwords.lst")
    50. 

  50. end
    51. 

  51. 

  52. local filltable = function(filename, table)
    53. 

  53. 	if #table ~= 0 then
    54. 

  54. 		return true
    55. 

  55. 	end
    56. 

  56. 

  57. 	local file = io.open(filename, "r")
    58. 

  58. 

  59. 	if not file then
    60. 

  60. 		return false
    61. 

  61. 	end
    62. 

  62. 

  63. 	while true do
    64. 

  64. 		local l = file:read()
    65. 

  65. 

  66. 		if not l then
    67. 

  67. 			break
    68. 

  68. 		end
    69. 

  69. 

  70. 		-- Comments takes up a whole line
    71. 

  71. 		if not l:match("#!comment:") then
    72. 

  72. 			table[#table + 1] = l
    73. 

  73. 		end
    74. 

  74. 	end
    75. 

  75. 

  76. 	file:close()
    77. 

  77. 

  78. 	return true
    79. 

  79. end
    80. 

  80. 

  81. local closure = function(table)
    82. 

  82. 	local i = 1
    83. 

  83. 

  84. 	return function(cmd)
    85. 

  85. 		if cmd == "reset" then
    86. 

  86. 			i = 1
    87. 

  87. 			return
    88. 

  88. 		end
    89. 

  89. 		local elem = table[i]
    90. 

  90. 		if elem then i = i + 1 end
    91. 

  91. 		return elem
    92. 

  92. 	end
    93. 

  93. end
    94. 

  94. 

  95. --- Returns the suggested number of seconds to attempt a brute force attack,
    96. 

  96. -- based on Nmap's timing values (<code>-T4</code> etc.) and whether or not a
    97. 

  97. -- user-defined list is used.
    98. 

  98. --
    99. 

  99. -- You can use the script argument <code>notimelimit</code> to make this
    100. 

  100. -- function return <code>nil</code>, which means the brute-force should run
    101. 

  101. -- until the list is empty. If <code>notimelimit</code> is not used, be sure to
    102. 

  102. -- still check for <code>nil</code> return values on the above two functions in
    103. 

  103. -- case you finish before the time limit is up.
    104. 

  104. timelimit = function()
    105. 

  105.    -- If we're reading from a user-defined username or password list,
    106. 

  106.    -- we'll give them a timeout 1.5x the default.  If the "notimelimit"
    107. 

  107.    -- script argument is used, we return nil.
    108. 

  108. 	local t = nmap.timing_level()
    109. 

  109. 

  110. 	-- Easy enough
    111. 

  111. 	if args.notimelimit then
    112. 

  112. 		return nil
    113. 

  113. 	end
    114. 

  114. 

  115. 	if t <= 3 then
    116. 

  116. 		return (customdata and 900) or 600
    117. 

  117. 	elseif t == 4 then
    118. 

  118. 		return (customdata and 450) or 300
    119. 

  119. 	elseif t == 5 then
    120. 

  120. 		return (customdata and 270) or 180
    121. 

  121. 	end
    122. 

  122. end
    123. 

  123. 

  124. --- Returns a function closure which returns a new username with every call
    125. 

  125. -- until the username list is exhausted (in which case it returns
    126. 

  126. -- <code>nil</code>).
    127. 

  127. -- @return boolean Status.
    128. 

  128. -- @return function The usernames iterator.
    129. 

  129. usernames = function()
    130. 

  130. 	local path = userfile()
    131. 

  131. 

  132. 	if not path then
    133. 

  133. 		return false, "Cannot find username list"
    134. 

  134. 	end
    135. 

  135. 

  136. 	if not filltable(path, usertable) then
    137. 

  137. 		return false, "Error parsing username list"
    138. 

  138. 	end
    139. 

  139. 

  140. 	return true, closure(usertable)
    141. 

  141. end
    142. 

  142. 

  143. --- Returns a function closure which returns a new password with every call
    144. 

  144. -- until the password list is exhausted (in which case it returns
    145. 

  145. -- <code>nil</code>).
    146. 

  146. -- @return boolean Status.
    147. 

  147. -- @return function The passwords iterator.
    148. 

  148. passwords = function()
    149. 

  149. 	local path = passfile()
    150. 

  150. 

  151. 	if not path then
    152. 

  152. 		return false, "Cannot find password list"
    153. 

  153. 	end
    154. 

  154. 

  155. 	if not filltable(path, passtable) then
    156. 

  156. 		return false, "Error parsing password list"
    157. 

  157. 	end
    158. 

  158. 

  159. 	return true, closure(passtable)
    160. 

  160. end
    161. 

  161. 

  162.