Merge pull request #260240 from Janik-Haag/wordlists

wordlists: init
2024-11-24 16:03:23 +00:00 · 2023-11-11 00:15:08 +01:00 · 2023-11-11 00:15:08 +01:00 · bcd38fd8b4
commit bcd38fd8b4
parent 3536221702 42ba9eb214
6 changed files with 135 additions and 2 deletions
--- a/pkgs/by-name/ro/rockyou/package.nix
+++ b/pkgs/by-name/ro/rockyou/package.nix
@ -0,0 +1,20 @@
+{ seclists
+, stdenvNoCC
+}:
+stdenvNoCC.mkDerivation {
+  pname = "rockyou";
+  inherit (seclists) version src;
+
+  installPhase = ''
+    runHook preInstall
+
+    mkdir -p $out/share/wordlists/
+    tar -xvzf ${seclists}/share/wordlists/seclists/Passwords/Leaked-Databases/rockyou.txt.tar.gz -C $out/share/wordlists/
+
+    runHook postInstall
+  '';
+
+  meta = seclists.meta // {
+    description = "A famous wordlist often used for brute force attacks";
+  };
+}
--- a/pkgs/by-name/se/seclists/package.nix
+++ b/pkgs/by-name/se/seclists/package.nix
@ -0,0 +1,34 @@
+{ lib
+, fetchFromGitHub
+, stdenvNoCC
+}:
+
+stdenvNoCC.mkDerivation {
+  pname = "seclists";
+  version = "2023.2";
+
+  src = fetchFromGitHub {
+    owner = "danielmiessler";
+    repo = "SecLists";
+    rev = "2023.2";
+    hash = "sha256-yVxb5GaQDuCsyjIV+oZzNUEFoq6gMPeaIeQviwGdAgY=";
+  };
+
+  installPhase = ''
+    runHook preInstall
+
+    mkdir -p $out/share/wordlists/seclists
+    find . -maxdepth 1 -type d -regextype posix-extended -regex '^./[A-Z].*' -exec cp -R {} $out/share/wordlists/seclists \;
+    find $out/share/wordlists/seclists -name "*.md" -delete
+
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "A collection of multiple types of lists used during security assessments, collected in one place";
+    homepage = "https://github.com/danielmiessler/seclists";
+    license = licenses.mit;
+    maintainers = with maintainers; [ tochiaha janik pamplemousse ];
+  };
+}
+
--- a/pkgs/by-name/wo/wordlists/package.nix
+++ b/pkgs/by-name/wo/wordlists/package.nix
@ -0,0 +1,70 @@
+{ lib
+, callPackage
+, nmap
+, rockyou
+, runtimeShell
+, seclists
+, symlinkJoin
+, tree
+, wfuzz
+, lists ? [
+    nmap
+    rockyou
+    seclists
+    wfuzz
+  ]
+}:
+
+symlinkJoin rec {
+  pname = "wordlists";
+  version = "unstable-2023-10-10";
+
+  name = "${pname}-${version}";
+  paths = lists;
+
+  postBuild = ''
+    mkdir -p $out/bin
+
+    # Create a command to show the location of the links.
+    cat >> $out/bin/wordlists << __EOF__
+    #!${runtimeShell}
+    ${tree}/bin/tree ${placeholder "out"}/share/wordlists
+    __EOF__
+    chmod +x $out/bin/wordlists
+
+    # Create a handy command for easy access to the wordlists.
+    # e.g.: `cat "$(wordlists_path)/rockyou.txt"`, or `ls "$(wordlists_path)/dirbuster"`
+    cat >> $out/bin/wordlists_path << __EOF__
+    #!${runtimeShell}
+    printf "${placeholder "out"}/share/wordlists\n"
+    __EOF__
+    chmod +x $out/bin/wordlists_path
+  '';
+
+  meta = with lib; {
+    description = "A collection of wordlists useful for security testing";
+    longDescription = ''
+      The `wordlists` package provides two scripts. One is called {command}`wordlists`,
+      and it will list a tree of all the wordlists installed. The other one is
+      called {command}`wordlists_path` which will print the path to the nix store
+      location of the lists. You can for example do
+      {command}`$(wordlists_path)/rockyou.txt` to get the location of the
+      [rockyou](https://en.wikipedia.org/wiki/RockYou#Data_breach)
+      wordlist. If you want to modify the available wordlists you can override
+      the `lists` attribute`. In your nixos configuration this would look
+      similiar to this:
+
+      ```nix
+      environment.systemPackages = [
+        (pkgs.wordlists.override { lists = with pkgs; [ rockyou ] })
+      ]
+      ```
+
+      you can use this with nix-shell by doing:
+      {command}`nix-shell -p 'wordlists.override { lists = with (import <nixpkgs> {}); [ nmap ]; }'
+      If you want to add a new package that provides wordlist/s the convention
+      is to copy it to {file}`$out/share/wordlists/myNewWordlist`.
+    '';
+    maintainers = with maintainers; [ janik pamplemousse ];
+  };
+}
--- a/pkgs/development/libraries/cracklib/default.nix
+++ b/pkgs/development/libraries/cracklib/default.nix
@ -1,6 +1,6 @@
 let version = "2.9.11"; in
 { stdenv, lib, buildPackages, fetchurl, zlib, gettext
-, wordlists ? [ (fetchurl {
+, lists ? [ (fetchurl {
  url = "https://github.com/cracklib/cracklib/releases/download/v${version}/cracklib-words-${version}.gz";
  hash = "sha256-popxGjE1c517Z+nzYLM/DU7M+b1/rE0XwNXkVqkcUXo=";
 }) ]
@ -23,7 +23,7 @@ stdenv.mkDerivation rec {
    patchShebangs util

  '' + ''
-    ln -vs ${toString wordlists} dicts/
+    ln -vs ${toString lists} dicts/
  '';

  postInstall = ''
--- a/pkgs/development/python-modules/wfuzz/default.nix
+++ b/pkgs/development/python-modules/wfuzz/default.nix
@ -63,6 +63,11 @@ buildPythonPackage rec {
    "wfuzz"
  ];

+  postInstall = ''
+    mkdir -p $out/share/wordlists/wfuzz
+    cp -R -T "wordlist" "$out/share/wordlists/wfuzz"
+  '';
+
  meta = with lib; {
    description = "Web content fuzzer to facilitate web applications assessments";
    longDescription = ''
--- a/pkgs/tools/security/nmap/default.nix
+++ b/pkgs/tools/security/nmap/default.nix
@ -26,6 +26,10 @@ stdenv.mkDerivation rec {
    "--without-zenmap"
  ];

+  postInstall = ''
+    install -m 444 -D nselib/data/passwords.lst $out/share/wordlists/nmap.lst
+  '';
+
  makeFlags = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
    "AR=${stdenv.cc.bintools.targetPrefix}ar"
    "RANLIB=${stdenv.cc.bintools.targetPrefix}ranlib"