padbuster: initial commit, v0.3.3.94460ff
This commit is contained in:
Alexandr Savca
parent
03424fedc6
commit
cf3eaa1e0a
3
padbuster/.footprint
Normal file
3
padbuster/.footprint
Normal file
@ -0,0 +1,3 @@
|
||||
drwxr-xr-x root/root usr/
|
||||
drwxr-xr-x root/root usr/bin/
|
||||
-rwxr-xr-x root/root usr/bin/padbuster
|
||||
7
padbuster/.signature
Normal file
7
padbuster/.signature
Normal file
@ -0,0 +1,7 @@
|
||||
untrusted comment: verify with /etc/ports/contrib.pub
|
||||
RWSagIOpLGJF38wpRKV0zRH/tvdoNWqa2azugAABlHjC/DAgSoTIXflOoYIrjldfrfUjUJ/z8hdH1b42eubrTe2zIy7uyU7YSAA=
|
||||
SHA256 (Pkgfile) = 094c67517684ea5d817ef2b1306d59f02becd587a28bc9f1c31993a1953a4a0d
|
||||
SHA256 (.footprint) = 136f22206ecbeb2836ef0c6cd360ec4031656a06727f42149d1323657e89985f
|
||||
SHA256 (PadBuster-94460ff70218d39a858fb941e7936283f347cf52.zip) = 94799ae09589cb955836a74883d7a70870c3730c4d3dc5fa541f9bd4b1db8224
|
||||
SHA256 (0001-padBuster.pl-remove-unnecessary-Crypt-SSLeay.patch) = f54fceb8fee0a784860e0e107e4f3bddfb648e7037caef3618e00c570cfa9e7c
|
||||
SHA256 (0002-padBuster.pl-improve-help-message.patch) = f3f6bc3addf62442f215b0037b93a5006fa01a08bc7bed32c535a9ab8ec607d3
|
||||
@ -0,0 +1,30 @@
|
||||
From 1e1fd9b2c030f0fb9caaf585b013f70b599dc50f Mon Sep 17 00:00:00 2001
|
||||
From: Alexandr Savca <alexandrsavca89@gmail.com>
|
||||
Date: Sun, 4 Oct 2020 18:34:15 +0300
|
||||
Subject: [PATCH 1/2] padBuster.pl: remove unnecessary Crypt::SSLeay
|
||||
|
||||
Starting with version 6.02 of LWP, https support was unbundled into
|
||||
LWP::Protocol::https. This module specifies as one of its prerequisites
|
||||
IO::Socket::SSL which is automatically used by LWP::UserAgent unless this
|
||||
preference is overridden separately. IO::Socket::SSL is a more complete
|
||||
implementation, and, crucially, it allows hostname verification.
|
||||
Crypt::SSLeay does not support this.
|
||||
---
|
||||
padBuster.pl | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/padBuster.pl b/padBuster.pl
|
||||
index 95bd5bd..6ab6f25 100755
|
||||
--- a/padBuster.pl
|
||||
+++ b/padBuster.pl
|
||||
@@ -20,7 +20,6 @@ use URI::Escape;
|
||||
use Getopt::Long;
|
||||
use Time::HiRes qw( gettimeofday );
|
||||
use Compress::Zlib;
|
||||
-use Crypt::SSLeay;
|
||||
use File::Basename qw(dirname);
|
||||
use File::Path qw(make_path);
|
||||
|
||||
--
|
||||
2.28.0
|
||||
|
||||
57
padbuster/0002-padBuster.pl-improve-help-message.patch
Normal file
57
padbuster/0002-padBuster.pl-improve-help-message.patch
Normal file
@ -0,0 +1,57 @@
|
||||
From 5de8a7c03ca115c5f976cad8fba7428fadae7d78 Mon Sep 17 00:00:00 2001
|
||||
From: Alexandr Savca <alexandrsavca89@gmail.com>
|
||||
Date: Sun, 4 Oct 2020 19:03:31 +0300
|
||||
Subject: [PATCH 2/2] padBuster.pl: improve help message
|
||||
|
||||
---
|
||||
padBuster.pl | 20 +++++++++++++++++---
|
||||
1 file changed, 17 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/padBuster.pl b/padBuster.pl
|
||||
index 6ab6f25..33aa5da 100755
|
||||
--- a/padBuster.pl
|
||||
+++ b/padBuster.pl
|
||||
@@ -20,7 +20,7 @@ use URI::Escape;
|
||||
use Getopt::Long;
|
||||
use Time::HiRes qw( gettimeofday );
|
||||
use Compress::Zlib;
|
||||
-use File::Basename qw(dirname);
|
||||
+use File::Basename qw(basename dirname);
|
||||
use File::Path qw(make_path);
|
||||
|
||||
# Set defaults with $variable = value
|
||||
@@ -92,7 +92,7 @@ print "+-------------------------------------------+\n";
|
||||
|
||||
if ($#ARGV < 2) {
|
||||
die "
|
||||
- Use: padBuster.pl URL EncryptedSample BlockSize [options]
|
||||
+ Use: @{[basename $0]} URL EncryptedSample BlockSize [options]
|
||||
|
||||
Where: URL = The target URL (and query string if applicable)
|
||||
EncryptedSample = The encrypted value you want to test. Must
|
||||
@@ -130,7 +130,21 @@ Options:
|
||||
-runafter [cmd]: Command to run after finished encryption (replaces #ENC, #DIR)
|
||||
-verbose: Be Verbose
|
||||
-veryverbose: Be Very Verbose (Debug Only)
|
||||
-
|
||||
+
|
||||
+Environment variables:
|
||||
+
|
||||
+ PERL_LWP_SSL_VERIFY_HOSTNAME
|
||||
+ When 1 padBuster.pl will for secure protocol schemes ensure it connects to
|
||||
+ servers that have a valid certificate matching the expected hostname.
|
||||
+ If 0 no checks are made and you can't be sure that you communicate with the
|
||||
+ expected peer. By default - 1.
|
||||
+
|
||||
+ PERL_LWP_SSL_CA_FILE, HTTPS_CA_FILE
|
||||
+ The path to a file containing Certificate Authority certificates.
|
||||
+
|
||||
+ PERL_LWP_SSL_CA_PATH, HTTPS_CA_DIR
|
||||
+ The path to a directory containing files containing Certificate Authority
|
||||
+ certificates.
|
||||
";}
|
||||
|
||||
# Ok, if we've made it this far we are ready to begin..
|
||||
--
|
||||
2.28.0
|
||||
|
||||
22
padbuster/Pkgfile
Normal file
22
padbuster/Pkgfile
Normal file
@ -0,0 +1,22 @@
|
||||
# Description: Performing Padding Oracle attacks (GW Fork)
|
||||
# URL: https://github.com/gw0/PadBuster.git
|
||||
# Maintainer: Alexandr Savca, alexandrsavca89 at gmail dot com
|
||||
# Depends on: p5-libwww p5-lwp-protocol-https
|
||||
|
||||
name=padbuster
|
||||
version=0.3.3.94460ff
|
||||
_commit=94460ff70218d39a858fb941e7936283f347cf52
|
||||
release=1
|
||||
source=(https://github.com/gw0/PadBuster/archive/$_commit/PadBuster-$_commit.zip
|
||||
0001-padBuster.pl-remove-unnecessary-Crypt-SSLeay.patch
|
||||
0002-padBuster.pl-improve-help-message.patch)
|
||||
|
||||
build() {
|
||||
cd PadBuster-$_commit
|
||||
|
||||
patch -p1 < $SRC/0001-padBuster.pl-remove-unnecessary-Crypt-SSLeay.patch
|
||||
patch -p1 < $SRC/0002-padBuster.pl-improve-help-message.patch
|
||||
|
||||
#install -dm755 autoBuster.sh $PKG/usr/bin/autobuster
|
||||
install -Dm755 padBuster.pl $PKG/usr/bin/padbuster
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user