merge
evilsocket committed Aug 21, 2024
2 parents aaa8207 + 50f7da6 commit 0aa0a48
Showing 12 changed files with 76 additions and 75 deletions.
25 changes: 24 additions & 1 deletion Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
Expand Up @@ -24,7 +24,6 @@ clap = { version = "4.4.4", features = ["derive"] }
clap_complete = "4.4.6"
ctrlc = "3.4.1"
indexmap = { version = "2.0.1", features = ["serde"] }
lazy_static = "1.4.0"
log = "0.4.20"
num_cpus = "1.16.0"
rlimit = "0.10.1"
Expand Down Expand Up @@ -92,6 +91,7 @@ nix = { version = "0.29.0", features = ["signal"] }
strip-ansi-escapes = "0.2.0"
actix-cors = "0.7.0"
x509-parser = "0.16.0"
lazy-regex = "3.2.0"

[dev-dependencies]
tempfile = "3.8.0"
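Review bot: Nothing in this section records the toolchain floor that the rest of the commit introduces: src/api/handlers.rs and src/plugins/samba/mod.rs now use `std::sync::LazyLock`, which was stabilised in Rust 1.80. The `[package]` table is outside the visible hunks, so this may already be covered, but if it is not I would add `rust-version = "1.80"` there so older toolchains fail with a clear message instead of an unresolved import. The regex statics elsewhere go through `lazy_regex::Lazy`, so two lazy-initialisation mechanisms now coexist; a one-line comment next to `lazy-regex = "3.2.0"` saying it is there for compile-time pattern checking would explain why.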
26 changes: 9 additions & 17 deletions src/api/handlers.rs
@@ -1,4 +1,5 @@
use std::collections::HashMap;
use std::sync::LazyLock;

use actix_web::get;
use actix_web::post;
Expand All @@ -7,20 +8,17 @@ use actix_web::HttpRequest;
use actix_web::HttpResponse;
use clap::CommandFactory;
use clap::Parser;
use lazy_static::lazy_static;
use serde::Serialize;

use crate::api::SharedState;
use crate::plugins;
use crate::Options;

lazy_static! {
// nasty hack to check for plugin specific options
static ref OPTIONS_MAP: HashMap<String, serde_json::Value> = {
let opts = serde_json::to_string(&Options::parse()).unwrap();
serde_json::from_str(&opts).unwrap()
};
}
// nasty hack to check for plugin specific options
static OPTIONS_MAP: LazyLock<HashMap<String, serde_json::Value>> = LazyLock::new(|| {
let opts = serde_json::to_string(&Options::parse()).unwrap();
serde_json::from_str(&opts).unwrap()
});

#[derive(Serialize)]
struct PluginOption {
Expand Down Expand Up @@ -68,10 +66,7 @@ fn get_plugin_options(plugin_name: &str) -> HashMap<String, PluginOption> {
};

let opts = match OPTIONS_MAP.get(&opt_name) {
None => match OPTIONS_MAP.get(opt_root) {
None => None,
Some(v) => Some(v.clone()),
},
None => OPTIONS_MAP.get(opt_root).cloned(),
Some(v) => Some(v.clone()),
};

Expand All @@ -81,7 +76,7 @@ fn get_plugin_options(plugin_name: &str) -> HashMap<String, PluginOption> {
opt_name.to_owned(),
PluginOption {
name: opt_name.to_owned(),
description: get_plugin_option_help(&opt_name),
description: get_plugin_option_help(opt_name),
value: opt_val.clone(),
},
);
Expand All @@ -106,10 +101,7 @@ pub async fn plugins_list(_: web::Data<SharedState>) -> HttpResponse {
name: name.to_string(),
description: plug.description().to_string(),
strategy: plug.payload_strategy().to_string(),
override_payload: match plug.override_payload() {
Some(over) => Some(over.as_string()),
None => None,
},
override_payload: plug.override_payload().map(|s| s.as_string()),
options,
})
}
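Review bot: The `OPTIONS_MAP` initializer still ends in two bare `unwrap()` calls and its only comment is "nasty hack", so a reader cannot tell why the options are re-parsed and round-tripped through JSON. A panic inside a `LazyLock` closure poisons the static, so every later access from a request handler would panic as well; `.expect("Options must serialize to a JSON object")` on both calls states the invariant being relied on. I would also expand the comment to something like `// JSON copy of the parsed CLI options, used to look up plugin-specific option values by name`. Since the map holds every command-line option, it is worth confirming that `get_plugin_options`, whose body starts outside the hunk, only returns keys belonging to the requested plugin.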
10 changes: 5 additions & 5 deletions src/api/sessions.rs
Expand Up @@ -8,15 +8,15 @@ use std::{

use actix_web::Result;
use clap::Parser;
use lazy_static::lazy_static;
use lazy_regex::{lazy_regex, Lazy};
use regex::Regex;
use serde::Serialize;
use tokio::{io::AsyncBufReadExt, sync::RwLock};

lazy_static! {
static ref STATS_PARSER: Regex = Regex::new(r"(?m)^.+tasks=(\d+)\s+mem=(.+)\stargets=(\d+)\sattempts=(\d+)\sdone=(\d+)\s\((.+)%\)(\serrors=(\d+))?\sspeed=(.+) reqs/s").unwrap();
static ref LOOT_PARSER: Regex = Regex::new(r"(?m)^.+\[(.+)\]\s\(([^)]+)\)(\s<(.+)>)?\s(.+)").unwrap();
}
static STATS_PARSER: Lazy<Regex> = lazy_regex!(
r"(?m)^.+tasks=(\d+)\s+mem=(.+)\stargets=(\d+)\sattempts=(\d+)\sdone=(\d+)\s\((.+)%\)(\serrors=(\d+))?\sspeed=(.+) reqs/s"
);
static LOOT_PARSER: Lazy<Regex> = lazy_regex!(r"(?m)^.+\[(.+)\]\s\(([^)]+)\)(\s<(.+)>)?\s(.+)");

use crate::{session::Error, utils::parse_multiple_targets, Options};

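Review bot: Neither `STATS_PARSER` nor `LOOT_PARSER` says which line format it expects, and both patterns are long enough that the capture numbering is hard to check by eye. A comment above each static with one sample line would help, e.g. `// stats line: "... tasks=N mem=X targets=N attempts=N done=N (P%) [errors=N] speed=S reqs/s"` (constructed from the pattern). In `LOOT_PARSER` the groups `\[(.+)\]`, `<(.+)>` and the trailing `(.+)` are greedy, so a loot value that itself contains `]`, `)` or `>` could shift the captures; whether that can happen depends on the code that writes those lines, which is outside this section.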
10 changes: 4 additions & 6 deletions src/creds/expression.rs
@@ -1,19 +1,17 @@
use std::fmt;
use std::path::Path;

use lazy_static::lazy_static;
use lazy_regex::{lazy_regex, Lazy};
use regex::Regex;
use serde::Serialize;

const DEFAULT_PERMUTATIONS_MIN_LEN: usize = 4;
const DEFAULT_PERMUTATIONS_MAX_LEN: usize = 8;
const DEFAULT_PERMUTATIONS_CHARSET: &str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_ !\"#$%&\'()*+,-./:;<=>?@[\\]^`{|}~";

lazy_static! {
static ref PERMUTATIONS_PARSER: Regex = Regex::new(r"^#(\d+)-(\d+)(:.+)?$").unwrap();
static ref RANGE_MIN_MAX_PARSER: Regex = Regex::new(r"^\[(\d+)-(\d+)\]$").unwrap();
static ref RANGE_SET_PARSER: Regex = Regex::new(r"^\[(\d+(,\s*\d+)*)?\]$").unwrap();
}
static PERMUTATIONS_PARSER: Lazy<Regex> = lazy_regex!(r"^#(\d+)-(\d+)(:.+)?$");
static RANGE_MIN_MAX_PARSER: Lazy<Regex> = lazy_regex!(r"^\[(\d+)-(\d+)\]$");
static RANGE_SET_PARSER: Lazy<Regex> = lazy_regex!(r"^\[(\d+(,\s*\d+)*)?\]$");

#[derive(Clone, Debug, PartialEq, Serialize)]
pub(crate) enum Expression {
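Review bot: `\d` in the three new statics is Unicode-aware in the `regex` crate, so `PERMUTATIONS_PARSER`, `RANGE_MIN_MAX_PARSER` and `RANGE_SET_PARSER` accept digits from other scripts, and `\d+` accepts any number of digits. The code that converts the captures is outside the hunk; if it calls `parse::<usize>()` and unwraps, a user-supplied expression can pass the regex and still fail or overflow there. Using an ASCII class, e.g. `lazy_regex!(r"^#([0-9]+)-([0-9]+)(:.+)?$")`, keeps the pattern and the parser in agreement. The same applies to `IPV4_RANGE_PARSER` in src/utils/target/multi.rs.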
7 changes: 2 additions & 5 deletions src/plugins/port_scanner/grabbers/http.rs
Expand Up @@ -4,16 +4,13 @@ use crate::{
plugins::port_scanner::options,
utils::net::{upgrade_tcp_stream_to_tls, StreamLike},
};
use lazy_static::lazy_static;
use lazy_regex::{lazy_regex, Lazy};
use regex::Regex;
use x509_parser::prelude::{FromDer, GeneralName, X509Certificate};

use super::Banner;

lazy_static! {
static ref HTML_TITLE_PARSER: Regex =
Regex::new(r"(?i)<\s*title\s*>([^<]+)<\s*/\s*title\s*>").unwrap();
}
static HTML_TITLE_PARSER: Lazy<Regex> = lazy_regex!(r"(?i)<\s*title\s*>([^<]+)<\s*/\s*title\s*>");

pub(crate) fn is_http_port(opts: &options::Options, port: u16) -> (bool, bool) {
if opts.port_scanner_http == "*" {
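Review bot: Capture 1 of `HTML_TITLE_PARSER` is text chosen by the scanned server, and `[^<]+` puts no limit on its length or content. The code that consumes it is outside the hunk, so I cannot see whether the title is trimmed or stripped of control characters before it is logged or stored; if not, that handling belongs next to the use. At minimum I would add `// capture 1 is untrusted, server-supplied text` above the static.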
8 changes: 3 additions & 5 deletions src/plugins/port_scanner/grabbers/mysql.rs
@@ -1,15 +1,13 @@
use std::time::Duration;

use lazy_static::lazy_static;
use lazy_regex::{bytes_lazy_regex, Lazy};
use tokio::io::AsyncReadExt;

use super::Banner;
use crate::utils::net::StreamLike;

lazy_static! {
static ref BANNER_PARSER: regex::bytes::Regex =
regex::bytes::Regex::new(r"(?-u).{4}\x0a([^\x00]+)\x00.+").unwrap();
}
static BANNER_PARSER: Lazy<regex::bytes::Regex> =
bytes_lazy_regex!(r"(?-u).{4}\x0a([^\x00]+)\x00.+");

pub(crate) fn is_mysql_port(port: u16) -> bool {
port == 3306
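Review bot: With `(?-u)` alone, `.` in `BANNER_PARSER` still excludes the byte `\x0a`, so `.{4}` cannot match a packet header that contains `0x0a` and the trailing `.+` stops at the first such byte. For a binary handshake that looks unintended; adding the `s` flag, `bytes_lazy_regex!(r"(?s-u).{4}\x0a([^\x00]+)\x00.+")`, makes `.` match every byte. The pattern is also unanchored, so it can match at any offset in the buffer; whether a leading `^` is safe depends on how the buffer is filled, which is outside the hunk.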
10 changes: 4 additions & 6 deletions src/plugins/samba/mod.rs
@@ -1,4 +1,5 @@
use std::collections::HashMap;
use std::sync::LazyLock;
use std::time::Duration;

use async_trait::async_trait;
Expand All @@ -10,14 +11,11 @@ use crate::session::{Error, Loot};
use crate::Plugin;
use crate::{utils, Options};

use lazy_static::lazy_static;

pub(crate) mod options;

lazy_static! {
static ref SHARE_CACHE: Mutex<HashMap<String, String>> = Mutex::new(HashMap::new());
static ref PAVAO_LOCK: Mutex<bool> = tokio::sync::Mutex::new(true);
}
static SHARE_CACHE: LazyLock<Mutex<HashMap<String, String>>> =
LazyLock::new(|| Mutex::new(HashMap::new()));
static PAVAO_LOCK: Mutex<()> = Mutex::const_new(());

super::manager::register_plugin! {
"smb" => SMB::new()
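Review bot: `PAVAO_LOCK` and `SHARE_CACHE` carry no comment, and after the change to `Mutex<()>` the lock guards no data at all, so its purpose has to be guessed from the name. I would add a line such as `// serialises calls into the pavao SMB client; holds no data` above it, after confirming that this is what the callers outside the hunk use it for. `SHARE_CACHE` would benefit from a note on what the key and value are and whether entries are ever evicted, since a process-wide map that only grows is a memory concern on large target lists.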
33 changes: 18 additions & 15 deletions src/plugins/sql/mod.rs
@@ -1,8 +1,6 @@
use std::collections::HashMap;
use std::time::Duration;

use async_trait::async_trait;
use lazy_static::lazy_static;
use sqlx::pool::PoolOptions;
use sqlx::{MySql, Postgres};

Expand All @@ -12,17 +10,6 @@ use crate::utils;
use crate::Options;
use crate::Plugin;

lazy_static! {
static ref DESCRIPTIONS: HashMap<Flavour, &'static str> = {
HashMap::from([
(Flavour::My, "MySQL password authentication."),
(Flavour::PG, "PostgreSQL password authentication."),
])
};
static ref DEFAULT_PORTS: HashMap<Flavour, u16> =
HashMap::from([(Flavour::My, 3306), (Flavour::PG, 5432),]);
}

super::manager::register_plugin! {
"mysql" => SQL::new(Flavour::My),
"pgsql" => SQL::new(Flavour::PG)
Expand All @@ -34,6 +21,22 @@ pub(crate) enum Flavour {
PG,
}

impl Flavour {
fn description(&self) -> &'static str {
match self {
Self::My => "MySQL password authentication.",
Self::PG => "PostgreSQL password authentication.",
}
}

fn default_port(&self) -> u16 {
match self {
Self::My => 3306,
Self::PG => 5432,
}
}
}

#[derive(Clone)]
pub(crate) struct SQL {
flavour: Flavour,
Expand All @@ -42,7 +45,7 @@ pub(crate) struct SQL {

impl SQL {
pub fn new(flavour: Flavour) -> Self {
let port = *DEFAULT_PORTS.get(&flavour).unwrap();
let port = flavour.default_port();
SQL { flavour, port }
}

Expand Down Expand Up @@ -82,7 +85,7 @@ impl SQL {
#[async_trait]
impl Plugin for SQL {
fn description(&self) -> &'static str {
DESCRIPTIONS.get(&self.flavour).unwrap()
self.flavour.description()
}

fn setup(&mut self, _opts: &Options) -> Result<(), Error> {
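Review bot: The new `Flavour::description` and `Flavour::default_port` methods have no doc comments; `/// Plugin description shown for this SQL flavour.` and `/// Default TCP port for this SQL flavour.` would do. The `derive` on `Flavour` is outside the hunk: if `Hash` and `Eq` were derived only so the enum could key the removed `DESCRIPTIONS` and `DEFAULT_PORTS` maps, they can go as well.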
6 changes: 2 additions & 4 deletions src/recipe/context.rs
@@ -1,16 +1,14 @@
use std::collections::HashMap;

use lazy_static::lazy_static;
use lazy_regex::{lazy_regex, Lazy};
use regex::Regex;

use crate::session::Error;

const CONTEXT_EXPRESSION_ERROR: &str =
"context expression must be in the form of KEY1=VALUE1&KEY2=VALUE2&...";

lazy_static! {
static ref USER_CONTEXT_PARSER: Regex = Regex::new(r"(?m)&?([^&]+)=([^&]+)").unwrap();
}
static USER_CONTEXT_PARSER: Lazy<Regex> = lazy_regex!(r"(?m)&?([^&]+)=([^&]+)");

#[derive(Default)]
pub(crate) struct Context {
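Review bot: The key group `([^&]+)` in `USER_CONTEXT_PARSER` also accepts `=`, and because it is greedy, an input such as `a=b=c` (constructed) is split as key `a=b` and value `c`. Excluding `=` from the key, `lazy_regex!(r"&?([^&=]+)=([^&]+)")`, splits at the first `=` instead, which matches the `KEY1=VALUE1&KEY2=VALUE2` form named in `CONTEXT_EXPRESSION_ERROR`. The `(?m)` flag has no effect here because the pattern contains no `^` or `$`; the same is true of `ARG_VALUE_PARSER` in src/recipe/mod.rs.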
7 changes: 2 additions & 5 deletions src/recipe/mod.rs
@@ -1,6 +1,6 @@
use std::{collections::HashMap, path::PathBuf};

use lazy_static::lazy_static;
use lazy_regex::{lazy_regex, Lazy};
use regex::Regex;
use serde::{Deserialize, Serialize};

Expand All @@ -16,10 +16,7 @@ const ARG_EXPRESSION_ERROR: &str =

const RESERVED_VAR_MAMES: [&str; 3] = ["username", "password", "payload"];

lazy_static! {
static ref ARG_VALUE_PARSER: Regex =
Regex::new(r"(?m)\{\s*\$([\w\.]+)(\s+or\s+([^}]+))?\}").unwrap();
}
static ARG_VALUE_PARSER: Lazy<Regex> = lazy_regex!(r"(?m)\{\s*\$([\w\.]+)(\s+or\s+([^}]+))?\}");

#[derive(Serialize, Deserialize, Default, PartialEq, Debug)]
pub(crate) struct Recipe {
Expand Down
7 changes: 2 additions & 5 deletions src/utils/target/multi.rs
Expand Up @@ -6,13 +6,10 @@ use std::{
use crate::session::Error;

use cidr_utils::cidr::IpCidr;
use lazy_static::lazy_static;
use lazy_regex::{lazy_regex, Lazy};
use regex::Regex;

lazy_static! {
static ref IPV4_RANGE_PARSER: Regex =
Regex::new(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)-(\d+):?(\d+)?$").unwrap();
}
static IPV4_RANGE_PARSER: Lazy<Regex> = lazy_regex!(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)-(\d+):?(\d+)?$");

fn parse_multiple_targets_atom(expression: &str) -> Result<Vec<String>, Error> {
if let Some(path) = expression.strip_prefix('@') {
