Land #14419, Update external dev scripts and wordpress wordlists
This commit is contained in:
commit
1151d3dcc7
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -102,13 +102,16 @@ end
|
|||
#
|
||||
#
|
||||
|
||||
scripts = []
|
||||
|
||||
###
|
||||
# Bloodhound/Sharphound files
|
||||
###
|
||||
scripts = []
|
||||
|
||||
# https://github.com/BloodHoundAD/BloodHound/commit/b6ab5cd369c70219c6376d9f5c4fcd63f34fb4a0
|
||||
scripts << {
|
||||
name: 'Sharphound (Bloodhound) ps1',
|
||||
addr: 'https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1',
|
||||
addr: 'https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Collectors/SharpHound.ps1',
|
||||
dest: '/data/post/powershell/SharpHound.ps1',
|
||||
subs: [
|
||||
["\t", ' '], # tabs to spaces
|
||||
|
@ -117,7 +120,7 @@ scripts << {
|
|||
}
|
||||
scripts << {
|
||||
name: 'Sharphound (Bloodhound) exe',
|
||||
addr: 'https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.exe',
|
||||
addr: 'https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Collectors/SharpHound.exe',
|
||||
dest: '/data/post/SharpHound.exe',
|
||||
subs: []
|
||||
}
|
||||
|
@ -303,6 +306,41 @@ scripts << {
|
|||
subs: []
|
||||
}
|
||||
|
||||
###
|
||||
# CMS Files
|
||||
###
|
||||
|
||||
# https://github.com/rapid7/metasploit-framework/pull/11862#issuecomment-496578367
|
||||
scripts << {
|
||||
name: 'WordPress - Plugins List',
|
||||
addr: 'https://plugins.svn.wordpress.org',
|
||||
dest: '/data/wordlists/wp-plugins.txt',
|
||||
subs: [
|
||||
[/^((?! <li>).)*/, ''], # remove all non-plugin lines
|
||||
[/ <li><a href="[^"]+">/, ''], # remove beginning
|
||||
[/\/<\/a><\/li>/,''], # remove end
|
||||
[/^\s*/,''] # remove empty lines
|
||||
]
|
||||
}
|
||||
|
||||
scripts << {
|
||||
name: 'WordPress - Themes List',
|
||||
addr: 'https://themes.svn.wordpress.org',
|
||||
dest: '/data/wordlists/wp-themes.txt',
|
||||
subs: [
|
||||
[/^((?! <li>).)*/, ''], # remove all non-plugin lines
|
||||
[/ <li><a href="[^"]+">/, ''], # remove beginning
|
||||
[/\/<\/a><\/li>/,''], # remove end
|
||||
[/^\s*/,''] # remove empty lines
|
||||
]
|
||||
}
|
||||
|
||||
# Joomla's is more complicated. It looks for more than
|
||||
# just components. Because of that, if you want the
|
||||
# file updated, see:
|
||||
# https://github.com/rapid7/metasploit-framework/pull/11199#issue-242415518
|
||||
# python3 tools/dev/update_joomla_components.py
|
||||
|
||||
path = File.expand_path('../../', File.dirname(__FILE__))
|
||||
|
||||
clone_sqlmap_decloak
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
#!/usr/bin/python3
|
||||
import requests
|
||||
|
||||
new_com = requests.get("https://raw.githubusercontent.com/rezasp/joomscan/master/exploit/db/componentslist.txt").text
|
||||
with open('data/wordlists/joomla.txt', 'r') as j:
|
||||
old = j.read().splitlines()
|
||||
|
||||
for com in new_com.splitlines():
|
||||
if not 'components/%s/'%(com) in old:
|
||||
old.append('components/%s/'%(com))
|
||||
print('[+] Adding: components/%s/'%(com))
|
||||
|
||||
old.sort()
|
||||
with open('data/wordlists/joomla.txt', 'w') as j:
|
||||
j.write('\n'.join(old))
|
||||
j.write('\n')
|
Loading…
Reference in New Issue