Module: PWN::Plugins::AnsibleVault
- Defined in:
- lib/pwn/plugins/ansible_vault.rb
Overview
Used to encrypt/decrypt configuration files leveraging AES256 (ansible-vault utility wrapper)
Constant Summary collapse
- @@logger =
PWN::Plugins::PWNLogger.create
Class Method Summary collapse
-
.authors ⇒ Object
- Author(s)
-
0day Inc.
-
.decrypt(opts = {}) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::AnsibleVault.decrypt( yaml_config: ‘required - yaml config to decrypt’, vpassfile: ‘required - path to anisble-vault pass file’ ).
-
.encrypt(opts = {}) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::AnsibleVault.encrypt( yaml_config: ‘required - yaml config to encrypt’, vpassfile: ‘required - path to anisble-vault pass file’ ).
-
.help ⇒ Object
Display Usage for this Module.
Class Method Details
.authors ⇒ Object
- Author(s)
-
0day Inc. <[email protected]>
49 50 51 52 53 |
# File 'lib/pwn/plugins/ansible_vault.rb', line 49 public_class_method def self. "AUTHOR(S): 0day Inc. <[email protected]> " end |
.decrypt(opts = {}) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::AnsibleVault.decrypt(
yaml_config: 'required - yaml config to decrypt', vpassfile: 'required - path to anisble-vault pass file')
32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/pwn/plugins/ansible_vault.rb', line 32 public_class_method def self.decrypt(opts = {}) yaml_config = opts[:yaml_config].to_s.scrub if File.exist?(opts[:yaml_config].to_s.scrub) vpassfile = opts[:vpassfile].to_s.scrub if File.exist?(opts[:vpassfile].to_s.scrub) if File.extname(yaml_config) == '.yaml' config_resp = YAML.safe_load(`sudo ansible-vault view #{yaml_config} --vault-password-file #{vpassfile}`) else config_resp = `sudo ansible-vault view #{yaml_config} --vault-password-file #{vpassfile}` end config_resp rescue StandardError => e raise e end |
.encrypt(opts = {}) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::AnsibleVault.encrypt(
yaml_config: 'required - yaml config to encrypt', vpassfile: 'required - path to anisble-vault pass file')
17 18 19 20 21 22 23 24 |
# File 'lib/pwn/plugins/ansible_vault.rb', line 17 public_class_method def self.encrypt(opts = {}) yaml_config = opts[:yaml_config].to_s.scrub if File.exist?(opts[:yaml_config].to_s.scrub) vpassfile = opts[:vpassfile].to_s.scrub if File.exist?(opts[:vpassfile].to_s.scrub) `sudo ansible-vault encrypt #{yaml_config} --vault-password-file #{vpassfile}` rescue StandardError => e raise e end |
.help ⇒ Object
Display Usage for this Module
57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 |
# File 'lib/pwn/plugins/ansible_vault.rb', line 57 public_class_method def self.help puts "USAGE: #{self}.encrypt( yaml_config: 'required - yaml config to encrypt', vpassfile: 'required - path to anisble-vault pass file' ) #{self}.decrypt( yaml_config: 'required - yaml config to decrypt', vpassfile: 'required - path to anisble-vault pass file' ) #{self}.authors " end |