Sync releases, use tokens, rearrange config.

This commit is contained in:
Jordan ERNST 2022-04-20 16:47:01 +02:00
parent 2ad6c75ef8
commit b1ba40d8c8
4 changed files with 121 additions and 56 deletions

2
.gitignore vendored
View File

@ -1,2 +1,4 @@
files/* files/*
!files/.gitkeep !files/.gitkeep
credz.json

View File

@ -6,7 +6,7 @@ This too has several functions:
## To-Do ## To-Do
* Keeping up-to-date from Github releases * Only update once per day, except if `-u` `--update`
* Adding more services to listen to ? * Adding more services to listen to ?
## Dependencies ## Dependencies
@ -16,6 +16,15 @@ This too has several functions:
## Usage ## Usage
[Create a Github personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token), and create the file `credz.json`:
```json
{
"username": "DwightSchrute",
"token": "ghp_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
```
`python pendora-box.py` `python pendora-box.py`
## Adding a file to track ## Adding a file to track

View File

@ -1,31 +1,30 @@
{ {
"githubfilesync": [ "githubmastersync": {
{
"samratashok/nishang": [ "samratashok/nishang": [
"Shells/Invoke-PowerShellTcp.ps1", "Shells/Invoke-PowerShellTcp.ps1",
"Shells/Invoke-PowerShellTcpOneLine.ps1" "Shells/Invoke-PowerShellTcpOneLine.ps1"
] ],
},
{
"samratashok/nishang": [
"Shells/Invoke-PowerShellTcp.ps1",
"Shells/Invoke-PowerShellTcpOneLine.ps1"
]
},
{
"antonioCoco/ConPtyShell": [ "antonioCoco/ConPtyShell": [
"Invoke-ConPtyShell.ps1" "Invoke-ConPtyShell.ps1"
] ],
},
{
"ly4k/PwnKit": [ "ly4k/PwnKit": [
"PwnKit" "PwnKit"
] ],
},
{
"Re4son/Churrasco": [ "Re4son/Churrasco": [
"churrasco.exe" "churrasco.exe"
],
"SecWiki/windows-kernel-exploits": [
"MS11-046/ms11-046.exe"
]
},
"githubreleasesync": {
"carlospolop/PEASS-ng": {
"local_version": "20220417",
"files": [
"linpeas.sh",
"winPEAS.bat",
"winPEASany.exe"
] ]
} }
] }
} }

View File

@ -16,26 +16,27 @@ def compute_file_hash(filepath):
return hashlib.sha1(b"blob " + bytes(str(filesize), 'utf-8') + b"\0" + data).hexdigest() return hashlib.sha1(b"blob " + bytes(str(filesize), 'utf-8') + b"\0" + data).hexdigest()
def get_info(repo, filepath): def get_master_info(repo, filepath, credz):
url = f"https://api.github.com/repos/{repo}/contents/{filepath}" url = f"https://api.github.com/repos/{repo}/contents/{filepath}"
r = requests.get(url) r = requests.get(url, auth=credz)
sha = r.json()['sha'] sha = r.json()['sha']
content = r.json()['content'] content = r.json()['content']
return sha, content return sha, content
def update(): def get_last_release_info(repo, credz):
with open("config.json", "r") as jsonfile: url = f"https://api.github.com/repos/{repo}/releases"
config = json.load(jsonfile) r = requests.get(url, auth=credz)
for release in r.json():
if not release['draft'] and not release['prerelease']:
return release['tag_name']
print("Updating...")
for repo in config['githubfilesync']: def githubmastersync(reponame, filepaths, credz):
for reponame, value in repo.items(): for filepath in filepaths:
for filepath in value:
localfile = pathlib.Path('files').joinpath(pathlib.Path(filepath).name) localfile = pathlib.Path('files').joinpath(pathlib.Path(filepath).name)
print(f" * {localfile} ", end='') print(f" * {localfile} ", end='')
lastsha, content = get_info(reponame, filepath) lastsha, content = get_master_info(reponame, filepath, credz)
if not localfile.exists(): if not localfile.exists():
content = base64.b64decode(content) content = base64.b64decode(content)
@ -55,6 +56,56 @@ def update():
print('-> Updated!') print('-> Updated!')
def githubreleasesync(reponame, repoinfo, credz):
local_version = repoinfo['local_version']
last_version = get_last_release_info(reponame, credz)
filenames = repoinfo['files']
for filename in filenames:
localfile = pathlib.Path('files').joinpath(pathlib.Path(filename).name)
urldl = f'https://github.com/{reponame}/releases/download/{last_version}/{filename}'
print(f" * {localfile} ", end='')
if not localfile.exists():
content = requests.get(urldl, auth=credz).content
with open(localfile, 'wb') as f:
f.write(content)
print('-> Installed! ;)')
else:
if local_version == last_version:
print('-> Up-to-date.')
else:
content = requests.get(urldl, auth=credz).content
with open(localfile, 'wb') as f:
f.write(content)
with open("config.json", "r") as jsonfile:
data = json.load(jsonfile)
data['githubreleasesync'][reponame]['local_version'] = last_version
with open("config.json", "w") as jsonfile:
json.dump(data, jsonfile, indent=4)
print('-> Updated!')
def update(config):
print("Updating...")
with open("credz.json", "r") as jsonfile:
credz = json.load(jsonfile)
credz = (credz['username'], credz['token'])
for reponame, filepaths in config['githubmastersync'].items():
githubmastersync(reponame, filepaths, credz)
for reponame, repoinfo in config['githubreleasesync'].items():
githubreleasesync(reponame, repoinfo, credz)
def print_menu(menu_options): def print_menu(menu_options):
for key in menu_options.keys(): for key in menu_options.keys():
print(key, '->', menu_options[key]) print(key, '->', menu_options[key])
@ -166,10 +217,14 @@ def menu_choice(menu_options):
if __name__ == '__main__': if __name__ == '__main__':
with open("config.json", "r") as jsonfile:
config = json.load(jsonfile)
update(config)
menu_options = { menu_options = {
1: 'HTTP', 1: 'HTTP',
2: 'SMB', 2: 'SMB',
0: 'Exit', 0: 'Exit',
} }
update()
menu_choice(menu_options) menu_choice(menu_options)