Sync releases, use tokens, rearrange config.

2022-04-20 16:47:01 +02:00 · 2022-04-20 16:47:01 +02:00 · b1ba40d8c8
commit b1ba40d8c8
parent 2ad6c75ef8
4 changed files with 121 additions and 56 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,4 @@
 files/*
 !files/.gitkeep
+
+credz.json
--- a/README.md
+++ b/README.md
@ -6,7 +6,7 @@ This too has several functions:

 ## To-Do

-* Keeping up-to-date from Github releases
+* Only update once per day, except if `-u` `--update`
 * Adding more services to listen to ?

 ## Dependencies
@ -16,6 +16,15 @@ This too has several functions:

 ## Usage

+[Create a Github personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token), and create the file `credz.json`:
+
+```json
+{
+    "username": "DwightSchrute",
+    "token": "ghp_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+}
+```
+
 `python pendora-box.py`

 ## Adding a file to track
--- a/config.json
+++ b/config.json
@ -1,31 +1,30 @@
 {
-    "githubfilesync": [
-        {
-            "samratashok/nishang": [
-                "Shells/Invoke-PowerShellTcp.ps1",
-                "Shells/Invoke-PowerShellTcpOneLine.ps1"
-            ]
-        },
-        {
-            "samratashok/nishang": [
-                "Shells/Invoke-PowerShellTcp.ps1",
-                "Shells/Invoke-PowerShellTcpOneLine.ps1"
-            ]
-        },
-        {
-            "antonioCoco/ConPtyShell": [
-                "Invoke-ConPtyShell.ps1"
-            ]
-        },
-        {
-            "ly4k/PwnKit": [
-                "PwnKit"
-            ]
-        },
-        {
-            "Re4son/Churrasco": [
-                "churrasco.exe"
+    "githubmastersync": {
+        "samratashok/nishang": [
+            "Shells/Invoke-PowerShellTcp.ps1",
+            "Shells/Invoke-PowerShellTcpOneLine.ps1"
+        ],
+        "antonioCoco/ConPtyShell": [
+            "Invoke-ConPtyShell.ps1"
+        ],
+        "ly4k/PwnKit": [
+            "PwnKit"
+        ],
+        "Re4son/Churrasco": [
+            "churrasco.exe"
+        ],
+        "SecWiki/windows-kernel-exploits": [
+            "MS11-046/ms11-046.exe"
+        ]
+    },
+    "githubreleasesync": {
+        "carlospolop/PEASS-ng": {
+            "local_version": "20220417",
+            "files": [
+                "linpeas.sh",
+                "winPEAS.bat",
+                "winPEASany.exe"
            ]
        }
-    ]
+    }
 }
--- a/pendora-box.py
+++ b/pendora-box.py
@ -16,43 +16,94 @@ def compute_file_hash(filepath):
    return hashlib.sha1(b"blob " + bytes(str(filesize), 'utf-8') + b"\0" + data).hexdigest()


-def get_info(repo, filepath):
+def get_master_info(repo, filepath, credz):
    url = f"https://api.github.com/repos/{repo}/contents/{filepath}"
-    r = requests.get(url)
+    r = requests.get(url, auth=credz)
    sha = r.json()['sha']
    content = r.json()['content']
    return sha, content


-def update():
-    with open("config.json", "r") as jsonfile:
-        config = json.load(jsonfile)
+def get_last_release_info(repo, credz):
+    url = f"https://api.github.com/repos/{repo}/releases"
+    r = requests.get(url, auth=credz)
+    for release in r.json():
+        if not release['draft'] and not release['prerelease']:
+            return release['tag_name']

+
+def githubmastersync(reponame, filepaths, credz):
+    for filepath in filepaths:
+        localfile = pathlib.Path('files').joinpath(pathlib.Path(filepath).name)
+        print(f"  * {localfile} ", end='')
+        lastsha, content = get_master_info(reponame, filepath, credz)
+
+        if not localfile.exists():
+            content = base64.b64decode(content)
+            with open(localfile, 'wb') as f:
+                f.write(content)
+            print('-> Installed! ;)')
+
+        else:
+            sha = compute_file_hash(localfile)
+
+            if sha == lastsha:
+                print('-> Up-to-date.')
+            else:
+                content = base64.b64decode(content)
+                with open(localfile, 'wb') as f:
+                    f.write(content)
+                print('-> Updated!')
+
+
+def githubreleasesync(reponame, repoinfo, credz):
+    local_version = repoinfo['local_version']
+    last_version = get_last_release_info(reponame, credz)
+
+    filenames = repoinfo['files']
+
+    for filename in filenames:
+        localfile = pathlib.Path('files').joinpath(pathlib.Path(filename).name)
+        urldl = f'https://github.com/{reponame}/releases/download/{last_version}/{filename}'
+        print(f"  * {localfile} ", end='')
+
+        if not localfile.exists():
+            content = requests.get(urldl, auth=credz).content
+            with open(localfile, 'wb') as f:
+                f.write(content)
+
+            print('-> Installed! ;)')
+        else:
+            if local_version == last_version:
+                print('-> Up-to-date.')
+
+            else:
+                content = requests.get(urldl, auth=credz).content
+                with open(localfile, 'wb') as f:
+                    f.write(content)
+
+                with open("config.json", "r") as jsonfile:
+                    data = json.load(jsonfile)
+
+                data['githubreleasesync'][reponame]['local_version'] = last_version
+
+                with open("config.json", "w") as jsonfile:
+                    json.dump(data, jsonfile, indent=4)
+
+                print('-> Updated!')
+
+
+def update(config):
    print("Updating...")
+    with open("credz.json", "r") as jsonfile:
+        credz = json.load(jsonfile)
+    credz = (credz['username'], credz['token'])

-    for repo in config['githubfilesync']:
-        for reponame, value in repo.items():
-            for filepath in value:
-                localfile = pathlib.Path('files').joinpath(pathlib.Path(filepath).name)
-                print(f"  * {localfile} ", end='')
-                lastsha, content = get_info(reponame, filepath)
+    for reponame, filepaths in config['githubmastersync'].items():
+        githubmastersync(reponame, filepaths, credz)

-                if not localfile.exists():
-                    content = base64.b64decode(content)
-                    with open(localfile, 'wb') as f:
-                        f.write(content)
-                    print('-> Installed! ;)')
-
-                else:
-                    sha = compute_file_hash(localfile)
-
-                    if sha == lastsha:
-                        print('-> Up-to-date.')
-                    else:
-                        content = base64.b64decode(content)
-                        with open(localfile, 'wb') as f:
-                            f.write(content)
-                        print('-> Updated!')
+    for reponame, repoinfo in config['githubreleasesync'].items():
+        githubreleasesync(reponame, repoinfo, credz)


 def print_menu(menu_options):
@ -166,10 +217,14 @@ def menu_choice(menu_options):


 if __name__ == '__main__':
+    with open("config.json", "r") as jsonfile:
+        config = json.load(jsonfile)
+
+    update(config)
+
    menu_options = {
        1: 'HTTP',
        2: 'SMB',
        0: 'Exit',
    }
-    update()
    menu_choice(menu_options)