pkgsrc-WIP-changes archive


routersploit: Avoid hardcoded paths to make several modules working again



Module Name:	pkgsrc-wip
Committed By:	Leonardo Taccari <leot%NetBSD.org@localhost>
Pushed By:	leot
Date:		Fri Apr 5 16:39:26 2019 +0200
Changeset:	604fad68069bd5177c44b129f31417685b843577

Modified Files:
	routersploit/distinfo
Added Files:
	routersploit/patches/patch-routersploit_core_exploit_utils.py
	routersploit/patches/patch-routersploit_modules_exploits_generic_ssh__auth__keys.py
	routersploit/patches/patch-routersploit_modules_scanners_autopwn.py
Removed Files:
	routersploit/TODO

Log Message:
routersploit: Avoid hardcoded paths to make several modules working again

scanners/autopwn and other modules accidentally assumed hardcoded
paths relative to $PWD making running an installed rsf.py most
likely unworkable.

Address all hardcoded uses triggered by scanners/autopwn (and
according to a quick grep hopefully no other significant hardcoded
$PWD assumptions should be around).

Remove TODO, probably it can be considered ready to be imported!

XXX: Share all these patches upstream!

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=604fad68069bd5177c44b129f31417685b843577

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 routersploit/TODO                                  | 36 ------------------
 routersploit/distinfo                              |  4 +-
 .../patch-routersploit_core_exploit_utils.py       | 44 ++++++++++++++++++++++
 ...oit_modules_exploits_generic_ssh__auth__keys.py | 16 ++++++++
 .../patch-routersploit_modules_scanners_autopwn.py | 18 +++++++++
 5 files changed, 81 insertions(+), 37 deletions(-)

diffs:
diff --git a/routersploit/TODO b/routersploit/TODO
deleted file mode 100644
index a3974632a6..0000000000
--- a/routersploit/TODO
+++ /dev/null
@@ -1,36 +0,0 @@
-By using e.g. scanners/autopwn and setting a target, several threads
-are started but they quickly terminate, e.g.:
-
- [...]
- [*] Running module...
- 
- [*] Starting vulnerablity check...
- [*] thread-0 thread is starting...
- [*] thread-1 thread is starting...
- [...]
- [*] thread-0 thread is terminated.
- [*] thread-1 thread is terminated.
- [...]
- 
- [*] Elapsed time: 0.0001952648162841797 seconds
- 
- [*] Starting default credentials check...
- [*] thread-0 thread is starting...
- [*] thread-1 thread is starting...
- [...]
- [*] thread-0 thread is terminated.
- [*] thread-1 thread is terminated.
- [...]
- 
- [*] Elapsed time: 0.00017380714416503906 seconds
- [...]
-
-At least ktruss-ing it reveals that several open("routersploit/...")
-fails due ENOENT.  If the $PWD is ${PYSITELIB} and then directly
-invoking routersploit in the python interpreter via:
-
- >>> from routersploit.interpreter import RoutersploitInterpreter
- >>> rsf = RoutersploitInterpreter()
- >>> rsf.start()
-
-routersploit works as usual!
diff --git a/routersploit/distinfo b/routersploit/distinfo
index 4fdf8fa099..8d79e96761 100644
--- a/routersploit/distinfo
+++ b/routersploit/distinfo
@@ -4,4 +4,6 @@ SHA1 (routersploit-3.4.0.tar.gz) = a614706c1367fa576e55642d4696faec205d66d8
 RMD160 (routersploit-3.4.0.tar.gz) = a568e886b85896d574065c9b04b96471253606b0
 SHA512 (routersploit-3.4.0.tar.gz) = 9182598105c4d1c971dc63ac24059469dd1862af204f59994cfc85012091663a85faee4c7c04cce573eef1fa91525b44a3963b8c24460d3b31595c4ef6a6c4e5
 Size (routersploit-3.4.0.tar.gz) = 465082 bytes
-SHA1 (patch-setup.py) = b58c5b6a56036cfd27a7ae3fc2262fcebe767893
+SHA1 (patch-routersploit_core_exploit_utils.py) = c6f7c8dde2d18ccda93d30e0acdb8072dc93e258
+SHA1 (patch-routersploit_modules_exploits_generic_ssh__auth__keys.py) = d05ada3fea97cf65bb3ed5888fdc3dd6b4e53105
+SHA1 (patch-routersploit_modules_scanners_autopwn.py) = 230ec87a9e8de95069e511815d746768192928ce
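Review bot: The `SHA1 (patch-setup.py)` line is dropped in this hunk, but the commit's file list only removes routersploit/TODO and does not touch patches/patch-setup.py. If that patch file is still present under patches/, it is now left without a recorded checksum; confirm it was deleted in an earlier commit, or keep its distinfo entry.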
diff --git a/routersploit/patches/patch-routersploit_core_exploit_utils.py b/routersploit/patches/patch-routersploit_core_exploit_utils.py
new file mode 100644
index 0000000000..dad476e1c5
--- /dev/null
+++ b/routersploit/patches/patch-routersploit_core_exploit_utils.py
@@ -0,0 +1,44 @@
+$NetBSD$
+
+- Introduce a RESOURCES_DIR similar to other *_DIR
+- Add a resources_directory parameter to lookup_vendor() to avoid possible
+  hardcoded directory and - if not provided - pick up the default
+  RESOURCES_DIR.
+
+--- routersploit/core/exploit/utils.py.orig	2018-10-17 17:30:53.000000000 +0000
++++ routersploit/core/exploit/utils.py
+@@ -6,12 +6,14 @@ import random
+ from functools import wraps
+ 
+ import routersploit.modules as rsf_modules
++import routersploit.resources as resources
+ import routersploit.resources.wordlists as wordlists
+ 
+ from routersploit.core.exploit.printer import print_error, print_info
+ from routersploit.core.exploit.exceptions import RoutersploitException
+ 
+ MODULES_DIR = rsf_modules.__path__[0]
++RESOURCES_DIR = resources.__path__[0]
+ WORDLISTS_DIR = wordlists.__path__[0]
+ 
+ 
+@@ -211,16 +213,17 @@ def stop_after(space_number):
+     return _outer_wrapper
+ 
+ 
+-def lookup_vendor(addr: str) -> str:
++def lookup_vendor(addr: str, resources_directory: str=RESOURCES_DIR) -> str:
+     """ Lookups vendor (manufacturer) based on MAC address
+ 
+     :param str addr: MAC address to lookup
++    :param str resources_directory: path to resources directory
+     :return str: vendor name from oui.dat database
+     """
+ 
+     addr = addr.upper().replace(":", "")
+ 
+-    path = "./routersploit/resources/vendors/oui.dat"
++    path = os.path.join(resources_directory, "vendors/oui.dat")
+     with open(path, "r") as f:
+         for line in f.readlines():
+             line = line.strip()
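Review bot: In the lookup_vendor() change, `os.path.join(resources_directory, "vendors/oui.dat")` still embeds a path separator in a string literal; pass `"vendors", "oui.dat"` as separate components, the way the autopwn patch passes `utils.MODULES_DIR, "exploits", module`. The new signature `resources_directory: str=RESOURCES_DIR` should have spaces around `=` since the parameter is annotated. The visible import context does not show `import os`, so check that it is already imported above line 6 of utils.py before relying on `os.path.join` here. Because RESOURCES_DIR is bound as the default at definition time, a short note in the docstring that callers can override it per call would help anyone packaging the resources elsewhere.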
diff --git a/routersploit/patches/patch-routersploit_modules_exploits_generic_ssh__auth__keys.py b/routersploit/patches/patch-routersploit_modules_exploits_generic_ssh__auth__keys.py
new file mode 100644
index 0000000000..fde111c7c3
--- /dev/null
+++ b/routersploit/patches/patch-routersploit_modules_exploits_generic_ssh__auth__keys.py
@@ -0,0 +1,16 @@
+$NetBSD$
+
+- Use RESOURCES_DIR instead of picking up ssh_keys in ${PWD} (and mostly likely
+  failing)
+
+--- routersploit/modules/exploits/generic/ssh_auth_keys.py.orig	2018-10-17 17:30:53.000000000 +0000
++++ routersploit/modules/exploits/generic/ssh_auth_keys.py
+@@ -51,7 +51,7 @@ class Exploit(SSHClient):
+         self.valid = None
+         self.private_keys = []
+ 
+-        ssh_keys_path = "./routersploit/resources/ssh_keys"
++        ssh_keys_path = os.path.join(utils.RESOURCES_DIR, "ssh_keys")
+         ssh_keys = [".".join(filename.split(".")[:-1]) for filename in os.listdir(ssh_keys_path) if filename.endswith(".json")]
+ 
+         for ssh_key in ssh_keys:
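Review bot: The replacement line `ssh_keys_path = os.path.join(utils.RESOURCES_DIR, "ssh_keys")` relies on the name `utils` being bound in ssh_auth_keys.py, but the hunk adds no import and none is visible in the context lines. If `utils` is not already in scope, this fails with a NameError in `__init__` instead of the earlier ENOENT; confirm the existing imports cover it or add an explicit import of routersploit.core.exploit.utils. This patch also depends on RESOURCES_DIR from the utils.py patch, which is worth stating in the patch comment so the two are sent upstream together.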
diff --git a/routersploit/patches/patch-routersploit_modules_scanners_autopwn.py b/routersploit/patches/patch-routersploit_modules_scanners_autopwn.py
new file mode 100644
index 0000000000..c58878ddcb
--- /dev/null
+++ b/routersploit/patches/patch-routersploit_modules_scanners_autopwn.py
@@ -0,0 +1,18 @@
+$NetBSD$
+
+- Use MODULES_DIR instead of picking up modules in ${PWD} (and mostly likely
+  failing)
+
+--- routersploit/modules/scanners/autopwn.py.orig	2018-10-17 17:30:53.000000000 +0000
++++ routersploit/modules/scanners/autopwn.py
+@@ -34,8 +34,8 @@ class Exploit(Exploit):
+         self.vulnerabilities = []
+         self.creds = []
+         self.not_verified = []
+-        self._exploits_directories = [path.join("routersploit/modules/exploits/", module) for module in self.modules]
+-        self._creds_directories = [path.join("routersploit/modules/creds/", module) for module in self.modules]
++        self._exploits_directories = [path.join(utils.MODULES_DIR, "exploits", module) for module in self.modules]
++        self._creds_directories = [path.join(utils.MODULES_DIR, "creds", module) for module in self.modules]
+ 
+     def run(self):
+         self.vulnerabilities = []
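Review bot: `_exploits_directories` and `_creds_directories` change from paths with a relative `routersploit/modules/...` prefix to absolute paths under `utils.MODULES_DIR`, and the hunk does not show how run() consumes them. Check that the consumer does not derive dotted module names from the old relative prefix, otherwise the threads will start against paths that exist but still resolve no modules. As with the ssh_auth_keys patch, no import of `utils` is visible in the context, so confirm the name is already bound in autopwn.py.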

