├── .document ├── .gitignore ├── .rspec ├── .rvmrc ├── Gemfile ├── LICENSE.txt ├── README.md ├── Rakefile ├── bin └── passdb ├── lib ├── passdb.rb └── passdb │ ├── cli.rb │ ├── entry.rb │ └── version.rb ├── passdb.gemspec └── spec ├── passdb_spec.rb └── spec_helper.rb /.document: -------------------------------------------------------------------------------- 1 | lib/**/*.rb 2 | bin/* 3 | - 4 | features/**/*.feature 5 | LICENSE.txt 6 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # rcov generated 2 | coverage 3 | 4 | # rdoc generated 5 | rdoc 6 | 7 | # yard generated 8 | doc 9 | .yardoc 10 | 11 | # bundler 12 | .bundle 13 | 14 | # jeweler generated 15 | pkg 16 | 17 | # Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore: 18 | # 19 | # * Create a file at ~/.gitignore 20 | # * Include files you want ignored 21 | # * Run: git config --global core.excludesfile ~/.gitignore 22 | # 23 | # After doing this, these files will be ignored in all your git projects, 24 | # saving you from having to 'pollute' every project you touch with them 25 | # 26 | # Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. 
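(Remember, remove the leading # of the line) 27 | # 28 | # For MacOS: 29 | # 30 | #.DS_Store 31 | 32 | # For TextMate 33 | #*.tmproj 34 | #tmtags 35 | 36 | # For emacs: 37 | #*~ 38 | #\#* 39 | #.\#* 40 | 41 | # For vim: 42 | *.swp 43 | 44 | # For redcar: 45 | #.redcar 46 | 47 | # For rubinius: 48 | #*.rbc 49 | 50 | Gemfile.lock 51 | -------------------------------------------------------------------------------- /.rspec: -------------------------------------------------------------------------------- 1 | --color 2 | -------------------------------------------------------------------------------- /.rvmrc: -------------------------------------------------------------------------------- 1 | rvm ruby-1.9.2 2 | -------------------------------------------------------------------------------- /Gemfile: --------------------------------------------------------------------------------
# Gems are resolved and downloaded from this source. It must be an https://
# URL: over plain HTTP anyone on the network path can substitute gem contents
# during `bundle install`.
source "https://rubygems.org"

# Runtime dependencies.
gem "nokogiri"
gem "thor"

# Needed only to test and package the gem.
group :development do
  gem "rspec"
  gem "bundler", "~> 1.0.0"
  gem "jeweler", "~> 1.6.0"
end
-------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | Copyright (c) 2011 Security Roots (@securityroots) 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining 4 | a copy of this software and associated documentation files (the 5 | "Software"), to deal in the Software without restriction, including 6 | without limitation the rights to use, copy, modify, merge, publish, 7 | distribute, sublicense, and/or sell copies of the Software, and to 8 | permit persons to whom the Software is furnished to do so, subject to 9 | the following conditions: 10 | 11 | The above copyright notice and this permission notice shall be 12 | included in all copies or substantial portions of the Software.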
13 | 14 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 15 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 16 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 17 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 18 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 19 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 20 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 21 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | passdb 2 | ====== 3 | 4 | This library can be used to search the default password database from cirt.net: http://cirt.net/passwords 5 | 6 | Usage 7 | ----- 8 | 9 | You can use the provided binary to search the password database by vendor: 10 | 11 | ./bin/passdb search --vendor Apc 12 | 7 entries were found: 13 | AP9606 SmartSlot Web/SNMP Management Card 14 | Version => AOS 3.2.1 and AOS 3.0.3 15 | Method => telnet 16 | User ID => (any) 17 | Password => TENmanUFactOryPOWER 18 | Call-UPS 19 | Version => AP9608 20 | Method => Console 21 | Password => serial number of the Call-UPS 22 | Level => Admin 23 | Notes => (Access menu Control+P) 24 | [...] 25 | 26 | or by a free-form criteria 27 | 28 | ./bin/passdb search --criteria FTP 29 | 17 entries were found: 30 | Intuity Audix 31 | User ID => Craft 32 | Password => crftpw 33 | Axis Network Camera 34 | Version => 2120, 2110, 2100, 200+, 200 35 | Method => ftp, telnet, http 36 | User ID => root 37 | Password => pass 38 | Level => Admin 39 | CADSLR4 40 | Method => FTP 41 | User ID => anonymous 42 | Password => password 43 | Level => Anonymous 44 | Notes => Default IP 192.168.1.254 45 | [...] 
46 | 47 | You can also use the library inside your tools: 48 | 49 | irb > require 'passdb' 50 | => true 51 | irb > Passdb::search(:vendor => 'Zyxel').each do |entry| 52 | irb > puts entry.name 53 | irb > end 54 | Generic Routers 55 | Prestige 652HW-31 56 | Prestige 57 | Prestige 58 | 59 | 60 | Contributing to passdb 61 | ---------------------- 62 | 63 | * Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet 64 | * Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it 65 | * Fork the project 66 | * Start a feature/bugfix branch 67 | * Commit and push until you are happy with your contribution 68 | * Make sure to add tests for it. This is important so I don't break it in a future version unintentionally. 69 | * Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it. 70 | 71 | Copyright 72 | --------- 73 | 74 | Copyright (c) 2011 Security Roots. See LICENSE.txt for 75 | further details. 
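76 | 77 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | # encoding: utf-8 2 | 3 | require File.expand_path('../lib/passdb/version', __FILE__) 4 | 5 | require 'bundler' 6 | Bundler::GemHelper.install_tasks 7 | 8 | require 'rspec/core/rake_task' 9 | RSpec::Core::RakeTask.new(:spec) 10 | 11 | require 'rdoc/task' 12 | if defined?(RDoc) 13 | RDoc::Task.new do |rdoc| 14 | rdoc.main = 'README.md' 15 | rdoc.rdoc_dir = 'rdoc' 16 | rdoc.title = "passdb #{Passdb::VERSION::STRING}" 17 | rdoc.rdoc_files.include('README.md', 'LICENSE.txt') 18 | rdoc.rdoc_files.include('lib/**/*.rb') 19 | rdoc.options << '--line-numbers' << '--inline-source' 20 | end 21 | end 22 | 23 | -------------------------------------------------------------------------------- /bin/passdb: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | 3 | source_root = File.expand_path(File.dirname(__FILE__) + "/..") 4 | $LOAD_PATH.unshift("#{source_root}/lib") 5 | 6 | require 'passdb/cli' 7 | 8 | begin 9 | Passdb::CLI.start 10 | #rescue Exception => e 11 | # puts e.message 12 | # puts e.backtrace.join("\n") 13 | # exit e.status_code 14 | #rescue Interrupt => e 15 | # puts "\nQuitting..." 16 | # exit 1 17 | end 18 | 19 | -------------------------------------------------------------------------------- /lib/passdb.rb: --------------------------------------------------------------------------------
require 'open-uri'
require 'nokogiri'

require 'passdb/entry'
require 'passdb/version'

module Passdb
  # NOTE(review): the database is fetched over plain HTTP, so anyone on the
  # network path can read the query and alter the entries that come back.
  # Point this at an https:// URL once the site is confirmed to serve one.
  URL = 'http://cirt.net/passwords'

  # Queries cirt.net's default password database and parses the result table.
  #
  # args - a Hash whose first pair selects the search: :vendor => name or
  #        :criteria => free-form text.
  #
  # Returns an Array of Passdb::Entry, one per single-cell (heading) row of
  # the result table, each carrying the attribute rows that follow it.
  # Raises ArgumentError when the key is neither :vendor nor :criteria, or
  # when the value is nil.
  def self.search(args={})
    type, query = args.first

    if ![:vendor, :criteria].include?(type) || query.nil?
      raise ArgumentError, "Either :vendor or :criteria are required!"
    end

    results = []
    entry   = nil
    # The query is caller-supplied text: form-encode it so characters such as
    # '&', '#', '=' or spaces cannot add, truncate or break request parameters.
    url = "#{URL}?#{URI.encode_www_form(type => query)}"
    # URI#open can only perform the HTTP request. Kernel#open also treats its
    # argument as a file path or a "|command" string, which is not a safe
    # default for a string assembled from caller input.
    doc = Nokogiri::HTML(URI.parse(url).open)

    doc.xpath('/html/body/div/div[2]/div[3]/div/center/table/tr').each do |tr|
      next if tr.search('script').any?

      cells = tr.search('td')
      if cells.size == 1
        # A single-cell row starts a new entry; flush the one being built.
        results << entry if entry
        entry = Entry.new
        entry.name = cells.search('i').text
      else
        name, value = cells
        # The page is remote content and its layout is not under our control:
        # skip an attribute row that arrives before any heading row, or that
        # has fewer than two cells, instead of failing on nil.
        next if entry.nil? || name.nil? || value.nil?
        entry.attributes[ name.search('b').text ] = value.text
      end
    end

    results << entry if entry

    return results
  end
end
-------------------------------------------------------------------------------- /lib/passdb/cli.rb: -------------------------------------------------------------------------------- 1 | require 'thor' 2 | require 'thor/actions' 3 | 4 | require 'passdb' 5 | 6 | module Passdb 7 | class CLI < Thor 8 | include Thor::Actions 9 | map "-v" => :version 10 | 11 | def initialize(*) 12 | super 13 | Thor::Shell::Basic.new 14 | end 15 | 16 | method_option "vendor", :type => :string, :banner => 17 | "Name of the vendor as especified in http://cirt.net/passwords" 18 | method_option "criteria", :type => :string, :banner => 19 | "Free-form criteria to submit to cirt.net's password database" 20 | desc "search", "Search cirt.net's database for default passwords by vendor or in free from" 21 | def search 22 | opts = options.dup 23 | if opts["vendor"] && opts["criteria"] 24 | puts "You can't specify both a vendor and a free-form criteria" 25 | exit 1 26 | end 27 | 28 | if !(opts["vendor"] || opts["criteria"]) 29 | puts "You need to specify either --vendor or --criteria" 30 | exit 1 31 | end 32 | 33 | results = nil 34 | if opts["vendor"] 35 | results = Passdb.search(:vendor => opts["vendor"]) 36 | else 37 | results = Passdb.search(:criteria => opts["criteria"]) 38 | end 39 | 40 | puts "#{results.size} entries were found:" 41 | results.each do |entry| 42 | puts "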
#{entry.name}" 43 | entry.attributes.each do |name, value| 44 | puts " #{name} => #{value}" 45 | end 46 | end 47 | end 48 | 49 | desc "version", "Show Passdb version" 50 | def version 51 | say "Passdb #{Passdb::VERSION::STRING}" 52 | end 53 | end 54 | end 55 | -------------------------------------------------------------------------------- /lib/passdb/entry.rb: -------------------------------------------------------------------------------- 1 | 2 | module Passdb 3 | class Entry 4 | attr_accessor :vendor, :name, :attributes 5 | def initialize() 6 | self.attributes = {} 7 | end 8 | end 9 | end 10 | -------------------------------------------------------------------------------- /lib/passdb/version.rb: -------------------------------------------------------------------------------- 1 | module Passdb 2 | module VERSION #:nodoc: 3 | MAJOR = 0 4 | MINOR = 1 5 | TINY = 0 6 | 7 | STRING = [MAJOR, MINOR, TINY].join('.') 8 | end 9 | end 10 | -------------------------------------------------------------------------------- /passdb.gemspec: -------------------------------------------------------------------------------- 1 | # -*- encoding: utf-8 -*- 2 | require File.expand_path('../lib/passdb/version', __FILE__) 3 | 4 | extra_rdoc_files = ['LICENSE.txt', 'README.md', 'Rakefile'] 5 | 6 | Gem::Specification.new do |s| 7 | s.name = %q{passdb} 8 | s.version = Passdb::VERSION::STRING.dup 9 | 10 | s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? 
:required_rubygems_version= 11 | s.authors = ["Daniel Martin"] 12 | s.date = %q{2011-05-04} 13 | s.default_executable = %q{passdb} 14 | s.description = %q{Ruby library and command line tool to search and contribute to cirt.net's default password database at http://cirt.net/passwords} 15 | s.email = %q{} 16 | s.extra_rdoc_files = extra_rdoc_files 17 | s.rdoc_options = ['--charset=UTF-8'] 18 | s.homepage = %q{http://github.com/securityroots/passdb} 19 | s.licenses = ["MIT"] 20 | s.require_paths = ["lib"] 21 | s.rubygems_version = %q{1.6.1} 22 | s.summary = %q{Ruby interface to cirt.net's default password database} 23 | 24 | # Not sure why this doesn't work 25 | # s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } 26 | # s.files = `git ls-files -- {bin,lib,spec}/*`.split("\n") + extra_rdoc_files 27 | # s.test_files = `git ls-files -- {spec}/*`.split("\n") 28 | s.executables = 'passdb' 29 | s.files = [ 30 | 'bin/passdb', 31 | 'lib/passdb.rb', 32 | 'lib/passdb/cli.rb', 33 | 'lib/passdb/entry.rb', 34 | 'lib/passdb/version.rb', 35 | 'spec/passdb_spec.rb', 36 | 'spec/spec_helper.rb' 37 | ] + extra_rdoc_files 38 | s.test_files = [ 39 | 'spec/passdb_spec.rb', 40 | 'spec/spec_helper.rb' 41 | ] 42 | 43 | if s.respond_to? 
:specification_version then 44 | s.specification_version = 3 45 | 46 | if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then 47 | s.add_runtime_dependency(%q, [">= 0"]) 48 | s.add_runtime_dependency(%q, [">= 0"]) 49 | s.add_development_dependency(%q, [">= 0"]) 50 | s.add_development_dependency(%q, ["~> 1.0.0"]) 51 | s.add_development_dependency(%q, ["~> 1.6.0"]) 52 | else 53 | s.add_dependency(%q, [">= 0"]) 54 | s.add_dependency(%q, [">= 0"]) 55 | s.add_dependency(%q, [">= 0"]) 56 | s.add_dependency(%q, ["~> 1.0.0"]) 57 | s.add_dependency(%q, ["~> 1.6.0"]) 58 | end 59 | else 60 | s.add_dependency(%q, [">= 0"]) 61 | s.add_dependency(%q, [">= 0"]) 62 | s.add_dependency(%q, [">= 0"]) 63 | s.add_dependency(%q, ["~> 1.0.0"]) 64 | s.add_dependency(%q, ["~> 1.6.0"]) 65 | end 66 | end 67 | 68 | -------------------------------------------------------------------------------- /spec/passdb_spec.rb: -------------------------------------------------------------------------------- 1 | require File.expand_path(File.dirname(__FILE__) + '/spec_helper') 2 | 3 | describe "Passdb: vendor search" do 4 | it "should fail if the vendor is empty" do 5 | lambda{ Passdb::search(:vendor => nil) }.should raise_error(ArgumentError) 6 | end 7 | 8 | it "should fail if criteria is empty" do 9 | lambda{ Passdb::search(:criteria => nil) }.should raise_error(ArgumentError) 10 | end 11 | end 12 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib')) 2 | $LOAD_PATH.unshift(File.dirname(__FILE__)) 3 | require 'rspec' 4 | require 'passdb' 5 | 6 | # Requires supporting files with custom matchers and macros, etc, 7 | # in ./support/ and its subdirectories. 
8 | Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f} 9 | 10 | RSpec.configure do |config| 11 | 12 | end 13 | --------------------------------------------------------------------------------