diff options
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/john/default.nix | 101 | ||||
-rw-r--r-- | pkgs/tools/security/john/opencl.patch | 18 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/Gemfile | 2 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/Gemfile.lock | 10 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/gemset.nix | 10 | ||||
-rw-r--r-- | pkgs/tools/security/pinentry-rofi/default.nix | 4 |
7 files changed, 117 insertions, 32 deletions
diff --git a/pkgs/tools/security/john/default.nix b/pkgs/tools/security/john/default.nix index b06e0f3ec64ff..aeefcaa0bbefd 100644 --- a/pkgs/tools/security/john/default.nix +++ b/pkgs/tools/security/john/default.nix @@ -1,5 +1,25 @@ -{ lib, stdenv, fetchFromGitHub, openssl, nss, nspr, libkrb5, gmp, zlib, libpcap, re2 -, gcc, python3Packages, perl, perlPackages, makeWrapper, }: +{ + lib, + stdenv, + fetchFromGitHub, + openssl, + nss, + nspr, + libkrb5, + gmp, + zlib, + libpcap, + re2, + gcc, + python3Packages, + perl, + perlPackages, + withOpenCL ? true, + opencl-headers, + ocl-icd, + substituteAll, + makeWrapper, +}: stdenv.mkDerivation rec { pname = "john"; @@ -12,6 +32,13 @@ stdenv.mkDerivation rec { hash = "sha256-zvoN+8Sx6qpVg2JeRLOIH1ehfl3tFTv7r5wQZ44Qsbc="; }; + patches = lib.optionals withOpenCL [ + (substituteAll { + src = ./opencl.patch; + ocl_icd = ocl-icd; + }) + ]; + postPatch = '' sed -ri -e ' s!^(#define\s+CFG_[A-Z]+_NAME\s+).*/!\1"'"$out"'/etc/john/! @@ -23,25 +50,61 @@ stdenv.mkDerivation rec { }' run/*.conf ''; - preConfigure = '' - cd src - # Makefile.in depends on AS and LD being set to CC, which is set by default in configure.ac. - # This ensures we override the environment variables set in cc-wrapper/setup-hook.sh - export AS=$CC - export LD=$CC - ''; + preConfigure = + '' + cd src + # Makefile.in depends on AS and LD being set to CC, which is set by default in configure.ac. + # This ensures we override the environment variables set in cc-wrapper/setup-hook.sh + export AS=$CC + export LD=$CC + '' + + lib.optionalString withOpenCL '' + python ./opencl_generate_dynamic_loader.py # Update opencl_dynamic_loader.c + ''; configureFlags = [ "--disable-native-tests" "--with-systemwide" ]; - buildInputs = [ openssl nss nspr libkrb5 gmp zlib libpcap re2 ]; - nativeBuildInputs = [ gcc python3Packages.wrapPython perl makeWrapper ]; - propagatedBuildInputs = (with python3Packages; [ dpkt scapy lxml ]) ++ # For pcap2john.py - (with perlPackages; [ DigestMD4 DigestSHA1 GetoptLong # For pass_gen.pl - CompressRawLzma # For 7z2john.pl - perlldap ]); # For sha-dump.pl - # TODO: Get dependencies for radius2john.pl and lion2john-alt.pl + buildInputs = + [ + openssl + nss + nspr + libkrb5 + gmp + zlib + libpcap + re2 + ] + ++ lib.optionals withOpenCL [ + opencl-headers + ocl-icd + ]; + nativeBuildInputs = [ + gcc + python3Packages.wrapPython + perl + makeWrapper + ]; + propagatedBuildInputs = + # For pcap2john.py + (with python3Packages; [ + dpkt + scapy + lxml + ]) + ++ (with perlPackages; [ + # For pass_gen.pl + DigestMD4 + DigestSHA1 + GetoptLong + # For 7z2john.pl + CompressRawLzma + # For sha-dump.pl + perlldap + ]); + # TODO: Get dependencies for radius2john.pl and lion2john-alt.pl # gcc -DAC_BUILT -Wall vncpcap2john.o memdbg.o -g -lpcap -fopenmp -o ../run/vncpcap2john # gcc: error: memdbg.o: No such file or directory @@ -70,7 +133,11 @@ stdenv.mkDerivation rec { description = "John the Ripper password cracker"; license = licenses.gpl2Plus; homepage = "https://github.com/openwall/john/"; - maintainers = with maintainers; [ offline matthewbauer cherrykitten ]; + maintainers = with maintainers; [ + offline + matthewbauer + cherrykitten + ]; platforms = platforms.unix; }; } diff --git a/pkgs/tools/security/john/opencl.patch b/pkgs/tools/security/john/opencl.patch new file mode 100644 index 0000000000000..575bfa82638ba --- /dev/null +++ b/pkgs/tools/security/john/opencl.patch @@ -0,0 +1,18 @@ +diff --git a/src/opencl_generate_dynamic_loader.py b/src/opencl_generate_dynamic_loader.py +index 790705330..2acedbc56 100755 +--- a/src/opencl_generate_dynamic_loader.py ++++ b/src/opencl_generate_dynamic_loader.py +@@ -134,12 +134,7 @@ static void load_opencl_dll(void) + + /* Names to try to load */ + const char * const opencl_names[] = { +- "libOpenCL.so", /* Linux/others, hack via "development" sub-package's symlink */ +- "OpenCL", /* _WIN */ +- "/System/Library/Frameworks/OpenCL.framework/OpenCL", /* __APPLE__ */ +- "opencl.dll", /* __CYGWIN__ */ +- "cygOpenCL-1.dll", /* __CYGWIN__ */ +- "libOpenCL.so.1" /* Linux/others, no "development" sub-package installed */ ++ "@ocl_icd@/lib/libOpenCL.so" /* NixOS */ + }; + + for (i = 0; i < sizeof(opencl_names)/sizeof(opencl_names[0]); i++) { diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index 55597617ab4d7..125546793296e 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.4.14" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.4.15" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index 877afc8a4f9d0..f8839316b6a1c 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: 685168ecf3266361a8e7836b2a7889751b7d20b8 - ref: refs/tags/6.4.14 + revision: b4a408704631fd0a0a4587f1f1a0017bcec9fb45 + ref: refs/tags/6.4.15 specs: - metasploit-framework (6.4.14) + metasploit-framework (6.4.15) aarch64 abbrev actionpack (~> 7.0.0) @@ -44,7 +44,7 @@ GIT metasploit-model metasploit-payloads (= 2.0.166) metasploit_data_models - metasploit_payloads-mettle (= 1.0.26) + metasploit_payloads-mettle (= 1.0.28) mqtt msgpack (~> 1.6.0) mutex_m @@ -280,7 +280,7 @@ GEM railties (~> 7.0) recog webrick - metasploit_payloads-mettle (1.0.26) + metasploit_payloads-mettle (1.0.28) method_source (1.1.0) mini_portile2 (2.8.6) minitest (5.23.1) diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index e5844a655017f..6bd3bf152e58c 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.4.14"; + version = "6.4.15"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = "refs/tags/${version}"; - hash = "sha256-aUxHCeRBlE0CQuroxge9A/O1LA9DfQJwuwWZsPUKz1A="; + hash = "sha256-CJXti/pX2Q59fJgRbAodUDMlMHIJH0eh3kOZxrQEllY="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index ee76850346098..c1918985810b3 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -724,12 +724,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "685168ecf3266361a8e7836b2a7889751b7d20b8"; - sha256 = "0l6g1bsv1685pdq04za31wnbbwq3pl3wds7a8814v521wh4lfk39"; + rev = "b4a408704631fd0a0a4587f1f1a0017bcec9fb45"; + sha256 = "0mln0jscd6a3vshlf7q9f8q2acsh3l56q4cqgiyhxnapza5yv588"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.4.14"; + version = "6.4.15"; }; metasploit-model = { groups = ["default"]; @@ -766,10 +766,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qprmbmpw4c8396m0whbp08xzdbjc0s2zd0jkxqnh3aswmx8pj3m"; + sha256 = "0649y1zc2pncfalsa5nkszmbiz1gfg4q3bhh4p2q6vwaac5g6sfj"; type = "gem"; }; - version = "1.0.26"; + version = "1.0.28"; }; method_source = { groups = ["default"]; diff --git a/pkgs/tools/security/pinentry-rofi/default.nix b/pkgs/tools/security/pinentry-rofi/default.nix index 45c817c697956..6d623f5816581 100644 --- a/pkgs/tools/security/pinentry-rofi/default.nix +++ b/pkgs/tools/security/pinentry-rofi/default.nix @@ -11,13 +11,13 @@ stdenv.mkDerivation rec { pname = "pinentry-rofi"; - version = "2.1.0"; + version = "2.1.1"; src = fetchFromGitHub { owner = "plattfot"; repo = pname; rev = version; - sha256 = "sha256-J6aQTIFHlg21M9niBYdVih11heIPCLsGv0HOPaeguew="; + sha256 = "sha256-e7dpMivZrTHmRuAzBzDVRoUgvBt6NpZ43FRQtX2omHA="; }; nativeBuildInputs = [ |