diff --git a/capabilities/network-ops/capability.yaml b/capabilities/network-ops/capability.yaml index a3904cc..d50cf2a 100644 --- a/capabilities/network-ops/capability.yaml +++ b/capabilities/network-ops/capability.yaml @@ -1,6 +1,6 @@ schema: 1 name: network-ops -version: "2.1.6" +version: "2.1.7" description: > Network operations and Active Directory exploitation. Multi-agent pipeline for autonomous red teaming with Nmap scanning, Netexec @@ -43,6 +43,8 @@ checks: command: "test -f /opt/DFSCoerce/dfscoerce.py" - name: shadowcoerce command: "test -f /opt/ShadowCoerce/shadowcoerce.py" + - name: rockyou-wordlist + command: "test -s /usr/share/wordlists/rockyou.txt" keywords: - network-ops diff --git a/capabilities/network-ops/scripts/install_coercion_tools.sh b/capabilities/network-ops/scripts/install_coercion_tools.sh index 5e65ab0..f0d6fc8 100755 --- a/capabilities/network-ops/scripts/install_coercion_tools.sh +++ b/capabilities/network-ops/scripts/install_coercion_tools.sh @@ -14,6 +14,53 @@ else echo "[*] impacket already importable, skipping" fi +# -- Wordlists for password cracking ----------------------------------------- +WORDLIST_DIR="/usr/share/wordlists" +mkdir -p "$WORDLIST_DIR" + +# rockyou — the standard wordlist for cracking (14M passwords) +if [ -s "$WORDLIST_DIR/rockyou.txt" ]; then + echo "[*] rockyou.txt already exists, skipping" +elif [ -f "$WORDLIST_DIR/rockyou.txt.gz" ]; then + echo "[+] Decompressing rockyou.txt.gz" + rm -f "$WORDLIST_DIR/rockyou.txt" + gunzip -k "$WORDLIST_DIR/rockyou.txt.gz" \ + || echo "[!] Failed to decompress rockyou.txt.gz (non-fatal)" +else + echo "[+] Downloading rockyou.txt" + curl -fsSL --retry 3 --connect-timeout 10 "https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt" \ + -o "$WORDLIST_DIR/rockyou.txt" \ + || echo "[!] Failed to download rockyou.txt (non-fatal)" +fi + +# Top 10k most common passwords — fast first-pass for spraying +# Non-fatal: wordlist download failures shouldn't block coercion script setup +if [ -s "$WORDLIST_DIR/10k-most-common.txt" ]; then + echo "[*] 10k-most-common.txt already exists, skipping" +else + echo "[+] Downloading SecLists 10k most common passwords" + curl -fsSL --retry 3 --connect-timeout 10 "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10k-most-common.txt" \ + -o "$WORDLIST_DIR/10k-most-common.txt" \ + || echo "[!] Failed to download 10k-most-common.txt (non-fatal)" +fi + +# OneRuleToRuleThemAll — hashcat rules that multiply wordlist effectiveness +# Combines rules from Hob0Rules, KoreLogic, NSA, and hashcat generated rules +# Non-fatal: rules dir may not be writable and that's OK +RULES_DIR="/usr/share/hashcat/rules" +if mkdir -p "$RULES_DIR" 2>&1; then + if [ -s "$RULES_DIR/OneRuleToRuleThemAll.rule" ]; then + echo "[*] OneRuleToRuleThemAll.rule already exists, skipping" + else + echo "[+] Downloading OneRuleToRuleThemAll hashcat rules" + curl -fsSL --retry 3 --connect-timeout 10 "https://raw.githubusercontent.com/NotSoSecure/password_cracking_rules/master/OneRuleToRuleThemAll.rule" \ + -o "$RULES_DIR/OneRuleToRuleThemAll.rule" \ + || echo "[!] Failed to download OneRuleToRuleThemAll.rule (non-fatal)" + fi +else + echo "[!] Cannot create $RULES_DIR (non-fatal, skipping hashcat rules)" +fi + # -- Coercion scripts ------------------------------------------------------- REPOS=( "https://github.com/topotam/PetitPotam /opt/PetitPotam"