maintenance/createCommonPasswordCdb.php

   1 <?php
   2 /**
   3  * Create serialized/commonpasswords.cdb
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  * @ingroup Maintenance
  22  */
  23
  24 require_once __DIR__ . '/Maintenance.php';
  25
  26 /**
  27  * Maintenance script to create common password cdb database.
  28  *
  29  * Meant to take a file like those from
  30  * https://github.com/danielmiessler/SecLists
  31  * For example:
  32  * https://github.com/danielmiessler/SecLists/blob/fe2b40dd84/Passwords/rockyou.txt?raw=true
  33  *
  34  * @see serialized/commonpasswords.cdb and PasswordPolicyChecks::checkPopularPasswordBlacklist
  35  * @since 1.27
  36  * @ingroup Maintenance
  37  */
  38 class GenerateCommonPassword extends Maintenance {
  39         public function __construct() {
  40                 global $IP;
  41                 parent::__construct();
  42                 $this->addDescription( 'Generate CDB file of common passwords' );
  43                 $this->addOption( 'limit', "Max number of passwords to write", false, true, 'l' );
  44                 $this->addArg( 'inputfile', 'List of passwords (one per line) to use or - for stdin', true );
  45                 $this->addArg(
  46                         'output',
  47                         "Location to write CDB file to (Try $IP/serialized/commonpasswords.cdb)",
  48                         true
  49                 );
  50         }
  51
  52         public function execute() {
  53                 $limit = (int)$this->getOption( 'limit', PHP_INT_MAX );
  54                 $langEn = Language::factory( 'en' );
  55
  56                 $infile = $this->getArg( 0 );
  57                 if ( $infile === '-' ) {
  58                         $infile = 'php://stdin';
  59                 }
  60                 $outfile = $this->getArg( 1 );
  61
  62                 if ( !is_readable( $infile ) && $infile !== 'php://stdin' ) {
  63                         $this->error( "Cannot open input file $infile for reading", 1 );
  64                 }
  65
  66                 $file = fopen( $infile, 'r' );
  67                 if ( $file === false ) {
  68                         $this->error( "Cannot read input file $infile", 1 );
  69                 }
  70
  71                 try {
  72                         $db = \Cdb\Writer::open( $outfile );
  73
  74                         $alreadyWritten = [];
  75                         $skipped = 0;
  76                         for ( $i = 0; ( $i - $skipped ) < $limit; $i++ ) {
  77                                 if ( feof( $file ) ) {
  78                                         break;
  79                                 }
  80                                 $rawLine = fgets( $file );
  81
  82                                 if ( $rawLine === false ) {
  83                                         $this->error( "Error reading input file" );
  84                                         break;
  85                                 }
  86                                 if ( substr( $rawLine, -1 ) !== "\n" && !feof( $file ) ) {
  87                                         // We're assuming that this just won't happen.
  88                                         $this->error( "fgets did not return whole line at $i??" );
  89                                 }
  90                                 $line = $langEn->lc( trim( $rawLine ) );
  91                                 if ( $line === '' ) {
  92                                         $this->error( "Line number " . ( $i + 1 ) . " is blank?" );
  93                                         $skipped++;
  94                                         continue;
  95                                 }
  96                                 if ( isset( $alreadyWritten[$line] ) ) {
  97                                         $this->output( "Password '$line' already written (line " . ( $i + 1 ) .")\n" );
  98                                         $skipped++;
  99                                         continue;
 100                                 }
 101                                 $alreadyWritten[$line] = true;
 102                                 $db->set( $line, $i + 1 - $skipped );
 103                         }
 104                         // All caps, so cannot conflict with potential password
 105                         $db->set( '_TOTALENTRIES', $i - $skipped );
 106                         $db->close();
 107
 108                         $this->output( "Successfully wrote " . ( $i - $skipped ) .
 109                                 " (out of $i) passwords to $outfile\n"
 110                         );
 111                 } catch ( \Cdb\Exception $e ) {
 112                         $this->error( "Error writing cdb file: " . $e->getMessage(), 2 );
 113                 }
 114         }
 115 }
 116
 117 $maintClass = "GenerateCommonPassword";
 118 require_once RUN_MAINTENANCE_IF_MAIN;