~nighthawk/pkg2wordlist

51788c5853f77997f4a22b21955d6a7eb33a8c0c — Frank Brodbeck 4 months ago 018ed32 master
CentOS Support
2 files changed, 48 insertions(+), 12 deletions(-)

M README.md
M pkg2wordlist.py
M README.md => README.md +16 -6
@@ 11,24 11,34 @@ If you know the target it's better to use specific wordlists instead of you gene
* Ubuntu
* Debian
* Arch
* CentOS

## How

### Usage

```console
user@attacker:~$ python3 pkg2wordlist.py  -h
usage: pkg2wordlist.py [-h] -o {ubuntu,debian,arch} -r RELEASE -p PKG [-a ARCH]
user@attacker:~$ python3 pkg2wordlist.py
usage: pkg2wordlist.py [-h] [-a ARCH] -o {ubuntu,debian,arch,centos} -r
                       RELEASE -p PKG

Felch package contents

optional arguments:
  -h, --help            show this help message and exit
  -o {ubuntu,debian,arch}
  -h                    show this help message
  -a ARCH               arch (default: all)
  -o {ubuntu,debian,arch,centos}
                        distribution/os name
  -r RELEASE            release / repository (e.g. arch)
  -p PKG                packagename
  -a ARCH               arch

CAVEATS:
The following OS / distris are provided by pkgs.org:

CentOS

for these you need to provide detailed packagenames, e.g. tomcat-7.0.104-1.el6.noarch.rpm

CentOS currently only supports epel
```

### Retrieve the filelist

M pkg2wordlist.py => pkg2wordlist.py +32 -6
@@ 18,6 18,7 @@ from bs4 import BeautifulSoup
import requests
import argparse
import json
import sys


class _os:


@@ 25,6 26,7 @@ class _os:
            'ubuntu': 'https://packages.ubuntu.com',
            'debian': 'https://packages.debian.org',
            'arch': 'https://www.archlinux.org',
            'centos': 'https://centos.pkgs.org',
    }

    def __init__(self, name, release, arch, pkg):


@@ 38,25 40,40 @@ class _os:
            self.url = self.url+"/"+self.release+"/"+self.arch+"/"+self.pkg+"/filelist"
        elif self.name == 'arch':
            self.url = self.url+"/packages/"+self.release+"/"+self.arch+"/"+self.pkg+"/files/json"
        elif self.name == 'centos':
            self.url = self.url+"/"+self.release+"/epel-"+self.arch+"/"+self.pkg+".html"

    def fetchPkgList(self, page):
        name = self.name
        soup = BeautifulSoup(page.text, 'html.parser')
        content = []

        if name == 'ubuntu' or name == 'debian':
            soup = BeautifulSoup(page.text, 'html.parser')
            content = soup.find('div', id='pfilelist').find('pre').text.splitlines(True)
        if name == 'arch':
            soup = BeautifulSoup(page.text, 'html.parser')
        elif name == 'arch':
            content = json.loads(soup.text)
            content = content['files']
        elif name == 'centos':
            print("[!] Be sure to provide a package name like: tomcat-7.0.104-1.el6.noarch.rpm", file = sys.stderr)
            #content = soup.find('table').find('th', string = "Path").find("tbody").find_all("tr").text.splitlines(True)
            files = soup.find('h2', string = 'Files')
            files = files.find_next('tbody').find_all("td")

            for _item in files:
                content.append(_item.text)

        return content

def main(args):
    os = _os(args.osname, args.release, args.arch, args.pkg)

    # pkgs.org needs this, otherwise you will be prompted with a 403
    headers = {
        'User-Agent': 'Mozilla/5.0 (X11; OpenBSD amd64; rv:78.0) Gecko/20100101 Firefox/78.0',
    }

    session = requests.Session()
    page = session.get(os.url)
    page = session.get(os.url, headers = headers)

    content = os.fetchPkgList(page)



@@ 64,14 81,23 @@ def main(args):
        print(line.rstrip())

if __name__ == '__main__':
    parser = argparse.ArgumentParser(description = 'Felch package contents', add_help = False)
    caveat_pkgs = "The following OS / distris are provided by pkgs.org:\n\n{distris}".format(distris = "CentOS")
    caveat_pkgs = "{e}\n\nfor these you need to provide detailed packagenames, e.g. tomcat-7.0.104-1.el6.noarch.rpm\n".format(e = caveat_pkgs)
    caveat_centos = "CentOS currently only supports epel"
    caveat = "CAVEATS:\n{pkgs}\n{centos}".format(pkgs = caveat_pkgs, centos = caveat_centos)
    epilog = "{c}".format(c = caveat)

    parser = argparse.ArgumentParser(description = 'Felch package contents', 
      formatter_class=argparse.RawDescriptionHelpFormatter,
      add_help = False,
      epilog = epilog)

    # just give me one anonymous argument group
    myargs = parser.add_argument_group()

    # optional args
    myargs.add_argument('-h', help = "show this help message", action = "help")
    myargs.add_argument('-a', help = "arch", required = False, dest = 'arch', default = 'all')
    myargs.add_argument('-a', help = "arch (default: all)", required = False, dest = 'arch', default = 'all')

    # required args
    myargs.add_argument('-o', help = "distribution/os name", required = True,