forked from ihebski/DefaultCreds-cheat-sheet
-
Notifications
You must be signed in to change notification settings - Fork 0
/
creds
executable file
·79 lines (67 loc) · 2.26 KB
/
creds
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
'''
Search for a default credentials using the DefaultCreds-cheat-sheet dataset.
inspired by @ncrocfer whatportis project.
'''
__author__ = "ihebski"
__version__ = "0.1"
__status__ = "Development"
__codename__ = 'creds'
__source__ ="https://github.com/ihebski/DefaultCreds-cheat-sheet"
from tinydb import TinyDB,Query,where
from tinydb.storages import JSONStorage
from tinydb.middlewares import CachingMiddleware
import csv
from prettytable import PrettyTable
import requests
import fire
import pathlib
path = pathlib.Path(__file__).parent
db = TinyDB(f"{path}/DefaultCreds_db.json",storage=CachingMiddleware(JSONStorage))
DefaultCreds_CSV_FILE = "https://raw.githubusercontent.com/ihebski/DefaultCreds-cheat-sheet/main/DefaultCreds-Cheat-Sheet.csv"
def get_db():
"""
This function downloads the DefaultCreds-Cheat-Sheet.csv file and converted into a json database.
https://tinydb.readthedocs.io/en/latest/usage.html
"""
vendor = []
r = requests.get(DefaultCreds_CSV_FILE).content.decode("utf-8")
print("[+] Download database...")
data = csv.reader(r.splitlines())
for row in data:
vendor.append(
{
"product" : row[0].lower().strip() if row[0] else "-",
"username" : row[1].strip() if row[0] else "-",
"password" : row[2].strip() if row[0] else "-"
}
)
db.truncate()
db.insert_multiple(vendor)
db.close()
def print_table(product):
"""
This function returns a pretty table used to display the results.
:param list of searched products
https://pypi.org/project/prettytable/
"""
table = PrettyTable(["Product", "username", "password"])
table.align["Product"] = "l"
table.padding_width = 1
for row in product:
table.add_row([row.get("product"),row.get("username"),row.get("password")])
print(table)
def search(keyword):
"""
This function search for a product using like statement
:param keyword
:return table
"""
if len(db.all()) == 0:
get_db()
print_table(db.search(where("product").search(keyword.lower())))
else:
print_table(db.search(where("product").search(keyword.lower())))
if __name__ == "__main__":
fire.Fire()