More style and comments

h00die · Dec 30, 2024 · 1d97e7e · 1d97e7e
1 parent a426b41
commit 1d97e7e
Show file tree

Hide file tree

Showing 5 changed files with 83 additions and 49 deletions.
diff --git a/.github/workflows/weekly-data-and-external-tool-updater.yml b/.github/workflows/weekly-data-and-external-tool-updater.yml
@@ -56,15 +56,6 @@ jobs:
           ruby tools/dev/update_user_agent_strings.rb
           ruby tools/dev/check_external_scripts.rb -u
 
-      #- name: Commit changes
-      #  run: |
-      #    git config --global user.name "github-actions[bot]"
-      #    git config --global user.email "github-actions[bot]@users.noreply.github.com"
-      #    git add .
-      #    git commit -m "Weekly Data update" || echo "No changes to commit"
-      #    git branch weekly-updates
-      #    git checkout weekly-updates
-      #    git push origin weekly-updates
 
       - name: Remove vendor folder # prevent git from adding it
         run: rm -rf vendor
@@ -79,6 +70,7 @@ jobs:
           committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
           author: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
           title: "Weekly Data Update"
+          draft: false
           body: |
             This pull request was created automatically by a GitHub Action to update data files and external scripts.
             The following tools were run:
@@ -87,4 +79,25 @@ jobs:
             - ruby tools/dev/update_joomla_components.rb
             - ruby tools/dev/update_user_agent_strings.rb
             - ruby tools/dev/check_external_scripts.rb -u
-          draft: false
+
+            ## Verification
+
+            ### Wordpress/Joomla Files
+            - [ ] Do a sanity check, do the additions look legit?
+            - [ ] Start `msfconsole`
+            - [ ] `use modules/auxiliary/scanner/http/wordpress_scanner`
+            - [ ] **Verify** it runs
+
+            ### JTR Files
+            - [ ] Do a sanity check, do the additions look legit?
+            - [ ] See https://docs.metasploit.com/docs/using-metasploit/intermediate/hashes-and-password-cracking.html#example-hashes for hashes and cracking
+
+            ### SharpHound
+            - [ ] Start `msfconsole`
+            - [ ] get a shell on a DC or box connected to a dc
+            - [ ] `use post/windows/gather/bloodhound`
+            - [ ] `set session`
+            - [ ] `run`
+            - [ ] **Verify** it runs w/o erroring
+            - [ ] `set method disk`
+            - [ ] **Verify** it runs w/o erroring
diff --git a/lib/rex/user_agent.rb b/lib/rex/user_agent.rb
@@ -9,16 +9,16 @@ module Rex::UserAgent
   # Taken from https://www.whatismybrowser.com/guides/the-latest-user-agent/
   #
   COMMON_AGENTS = [
-    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36', # Chrome Windows
-    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36', # Chrome MacOS
+    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36', # Chrome Windows
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36', # Chrome MacOS
 
-    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Edg/129.0.2792.79', # Edge Windows
+    'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.2903.86', # Edge Windows
 
-    'Mozilla/5.0 (iPad; CPU OS 17_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1', # Safari iPad
-    'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15', # Safari MacOS
+    'Mozilla/5.0 (iPad; CPU OS 17_7_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Mobile/15E148 Safari/604.1', # Safari iPad
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_2) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15', # Safari MacOS
 
-    'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0', # Firefox Windows
-    'Mozilla/5.0 (Macintosh; Intel Mac OS X 14.7; rv:131.0) Gecko/20100101 Firefox/131.0' # Firefox MacOS
+    'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0', # Firefox Windows
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 14.7; rv:133.0) Gecko/20100101 Firefox/133.0' # Firefox MacOS
   ]
 
   #

diff --git a/tools/dev/update_joomla_components.rb b/tools/dev/update_joomla_components.rb
@@ -1,9 +1,6 @@
 #!/usr/bin/env ruby
 # -*- coding: binary -*-
 
-#
-# Update modules/auxiliary/scanner/http/wordpress_scanner.rb to have the most
-# up to date list of vuln components based on exploits/scanners in the framework
 #
 # by h00die
 #
@@ -12,7 +9,9 @@
 require 'net/http'
 require 'uri'
 optparse = OptionParser.new do |opts|
-  opts.banner = 'Usage: update_joomla_components.rb [options]'
+  opts.banner = 'Usage: ruby tools/dev/update_joomla_components.rb [options]'
+  opts.separator "This program updates data/wordlists/joomla.txt which is used by modules/auxiliary/scanner/http/joomla_scanner.rb to have the most up-to-date list of vuln components"
+  opts.separator ""
   opts.on('-h', '--help', 'Display this screen.') do
     puts opts
     exit

diff --git a/tools/dev/update_user_agent_strings.rb b/tools/dev/update_user_agent_strings.rb
@@ -1,23 +1,48 @@
+#!/usr/bin/env ruby
+# -*- coding: binary -*-
+
+require 'optparse'
 require 'net/http'
 require 'uri'
-
-def fetch_user_agent(url, regex)
-  uri = URI.parse(url)
-  response = Net::HTTP.get(uri)
-  match = response.match(Regexp.new(regex))
-  match ? match[1] : nil
+optparse = OptionParser.new do |opts|
+  opts.banner = 'Usage: ruby tools/dev/update_user_agent_strings.rb [options]'
+  opts.separator "This program updates lib/rex/user_agent.rb so Metasploit uses the most up-to-date User Agent strings across the framework."
+  opts.separator ""
+  opts.on('-h', '--help', 'Display this screen.') do
+    puts opts
+    exit
+  end
 end
+optparse.parse!
+
+
+def replace_agent_string(lines, replace_marker, url, regex)
+  valid_chars = 'a-zA-Z0-9\(\);:\.,/_ '
+  regex = regex.gsub('{VALID_CHARS}', valid_chars)
+  puts "Updating #{replace_marker}"
 
-def replace_agent_string(lines, agent_name, url, regex)
-  user_agent = fetch_user_agent(url, regex)
-  return unless user_agent
+  index = lines.index { |line| line.include?(replace_marker) }
+  raise "Couldn't find marker #{replace_marker}" if index.nil?
 
-  lines.map! do |line|
-    if line.include?(agent_name)
-      line.gsub(/".*"/, "\"#{user_agent}\"")
-    else
-      line
+  uri = URI(url)
+  response = Net::HTTP.get_response(uri)
+  raise "Can't retrieve #{url}" unless response.is_a?(Net::HTTPSuccess)
+
+  match = response.body.match(/#{regex}/)
+  raise "Couldn't match regex #{regex}" if match.nil?
+
+  new_string = match[1]
+  puts "  New value is: #{new_string}"
+  old_line = lines[index]
+  if old_line.include?("'#{new_string}'")
+    puts '(This is unchanged from the previous value)'
+  else
+    new_line = old_line.gsub(/'(.*)'/, "'#{new_string}'")
+    if old_line == new_line
+      raise "Line didn't change: #{old_line}"
     end
+
+    lines[index] = new_line
   end
 end
 
@@ -29,16 +54,14 @@ def replace_agent_string(lines, agent_name, url, regex)
 user_agent_filename = 'lib/rex/user_agent.rb'
 lines = File.read(user_agent_filename).split("\n")
 
-replace_agent_string(lines, 'Chrome Windows', chrome_url, '<td>Chrome \\(Standard\\)</td>\\s*<td>\\s*<ul>\\s*<li><span class="code">([{VALID_CHARS}]*Windows NT[{VALID_CHARS}]*)</span>')
-replace_agent_string(lines, 'Chrome MacOS', chrome_url, '<td>Chrome \\(Standard\\)</td>\\s*<td>\\s*<ul>\\s*<li><span class="code">([{VALID_CHARS}]*Macintosh[{VALID_CHARS}]*)</span>')
-replace_agent_string(lines, 'Edge Windows', edge_url, '<td>Edge \\(Standard\\)</td>\\s*<td>\\s*<ul>\\s*<li><span class="code">([{VALID_CHARS}]*Windows NT[{VALID_CHARS}]*)</span>')
-replace_agent_string(lines, 'Safari iPad', safari_url, '<td>\\s*Safari on <b>Ipad</b>\\s*</td>\\s*<td>\\s*<ul>\\s*<li><span class="code">([{VALID_CHARS}]*iPad[{VALID_CHARS}]*)</span>')
-replace_agent_string(lines, 'Safari MacOS', safari_url, '<td>Safari \\(Standard\\)</td>\\s*<td>\\s*<ul>\\s*<li><span class="code">([{VALID_CHARS}]*Macintosh[{VALID_CHARS}]*)</span>')
-replace_agent_string(lines, 'Firefox Windows', firefox_url, '<td>\\s*Firefox on <b>Windows</b>\\s*</td>\\s*<td>\\s*<ul>\\s*<li><span class="code">([{VALID_CHARS}]*Windows NT[{VALID_CHARS}]*)</span>')
-replace_agent_string(lines, 'Firefox MacOS', firefox_url, '<td>\\s*Firefox on <b>Macos</b>\\s*</td>\\s*<td>\\s*<ul>\\s*<li><span class="code">([{VALID_CHARS}]*Macintosh[{VALID_CHARS}]*)</span>')
+replace_agent_string(lines, 'Chrome Windows', chrome_url, '<td>Chrome \\(Standard\\)</td>\s*<td>\s*<ul>\s*<li><span class="code">([{VALID_CHARS}]*Windows NT[{VALID_CHARS}]*)</span>')
+replace_agent_string(lines, 'Chrome MacOS', chrome_url, '<td>Chrome \\(Standard\\)</td>\s*<td>\s*<ul>\s*<li><span class="code">([{VALID_CHARS}]*Macintosh[{VALID_CHARS}]*)</span>')
+replace_agent_string(lines, 'Edge Windows', edge_url, '<td>Edge \\(Standard\\)</td>\s*<td>\s*<ul>\s*<li><span class="code">([{VALID_CHARS}]*Windows NT[{VALID_CHARS}]*)</span>')
+replace_agent_string(lines, 'Safari iPad', safari_url, '<td>\s*Safari on <b>Ipad</b>\s*</td>\s*<td>\s*<ul>\s*<li><span class="code">([{VALID_CHARS}]*iPad[{VALID_CHARS}]*)</span>')
+replace_agent_string(lines, 'Safari MacOS', safari_url, '<td>Safari \\(Standard\\)</td>\s*<td>\s*<ul>\s*<li><span class="code">([{VALID_CHARS}]*Macintosh[{VALID_CHARS}]*)</span>')
+replace_agent_string(lines, 'Firefox Windows', firefox_url, '<td>\s*Firefox on <b>Windows</b>\s*</td>\s*<td>\s*<ul>\s*<li><span class="code">([{VALID_CHARS}]*Windows NT[{VALID_CHARS}]*)</span>')
+replace_agent_string(lines, 'Firefox MacOS', firefox_url, '<td>\s*Firefox on <b>Macos</b>\s*</td>\s*<td>\s*<ul>\s*<li><span class="code">([{VALID_CHARS}]*Macintosh[{VALID_CHARS}]*)</span>')
 
-File.open(user_agent_filename, 'w') do |file|
-  file.puts lines
-end
+File.write(user_agent_filename, lines.join("\n") + "\n")
 
 puts 'Done'
diff --git a/tools/dev/update_wordpress_vulnerabilities.rb b/tools/dev/update_wordpress_vulnerabilities.rb
@@ -1,9 +1,6 @@
 #!/usr/bin/env ruby
 # -*- coding: binary -*-
 
-#
-# Update modules/auxiliary/scanner/http/wordpress_scanner.rb to have the most
-# up to date list of vuln components based on exploits/scanners in the framework
 #
 # by h00die
 #
@@ -12,7 +9,9 @@
 
 options = {}
 optparse = OptionParser.new do |opts|
-  opts.banner = 'Usage: update_wordpress_vulnerabilities.rb [options]'
+  opts.banner = 'Usage: ruby tools/dev/update_wordpress_vulnerabilities.rb [options]'
+  opts.separator "This program updates data/wordlists/wp-exploitable-themes.txt and wp-exploitable-plugins.txt which are used by modules/auxiliary/scanner/http/wordpress_scanner.rb to have the most up-to-date list of vuln components"
+  opts.separator ""
   opts.on('-h', '--help', 'Display this screen.') do
     puts opts
     exit