diff options
Diffstat (limited to 'pkgs/tools/security')
-rw-r--r-- | pkgs/tools/security/exploitdb/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch | 227 | ||||
-rw-r--r-- | pkgs/tools/security/ghidra/build.nix | 39 | ||||
-rw-r--r-- | pkgs/tools/security/gitleaks/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/Gemfile | 2 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/Gemfile.lock | 6 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/security/metasploit/gemset.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/nitrokey-app2/default.nix | 6 |
9 files changed, 141 insertions, 159 deletions
diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 509501d52cd..6bb2a5a0e6b 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-11-11"; + version = "2023-11-18"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-oB28qKIvGHh/h726Wsy8C/zt3rFLBHcP5iRZe3U76U0="; + hash = "sha256-7W7HwHvRfm+nRms4H4TgB1la5OhGHv5lRHwbvjwRTMw="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch b/pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch index 03ddf76e8ff..7fb7d53e352 100644 --- a/pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch +++ b/pkgs/tools/security/ghidra/0001-Use-protobuf-gradle-plugin.patch @@ -1,112 +1,129 @@ diff --git a/Ghidra/Debug/Debugger-gadp/build.gradle b/Ghidra/Debug/Debugger-gadp/build.gradle -index f4dbd3cd0..6108e8534 100644 +index 9e1c57faf..3a3242eb5 100644 --- a/Ghidra/Debug/Debugger-gadp/build.gradle +++ b/Ghidra/Debug/Debugger-gadp/build.gradle -@@ -23,42 +23,18 @@ apply from: "${rootProject.projectDir}/gradle/javaTestProject.gradle" +@@ -18,11 +18,16 @@ apply from: "${rootProject.projectDir}/gradle/javaProject.gradle" + apply from: "${rootProject.projectDir}/gradle/jacocoProject.gradle" + apply from: "${rootProject.projectDir}/gradle/javaTestProject.gradle" apply from: "${rootProject.projectDir}/gradle/distributableGhidraModule.gradle" +-apply from: "${rootProject.projectDir}/gradle/debugger/hasProtobuf.gradle" ++apply plugin: 'com.google.protobuf' apply plugin: 'eclipse' -+apply plugin: 'com.google.protobuf' eclipse.project.name = 'Debug Debugger-gadp' --configurations { -- allProtocArtifacts -- protocArtifact --} -- - def platform = getCurrentPlatformName() - --dependencies { -- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:windows-x86_64@exe' -- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:linux-x86_64@exe' -- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:linux-aarch_64@exe' -- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:osx-x86_64@exe' -- allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:osx-aarch_64@exe' -- -- if (isCurrentWindows()) { -- protocArtifact 'com.google.protobuf:protoc:3.21.8:windows-x86_64@exe' -- } -- if (isCurrentLinux()) { -- if (platform.endsWith("x86_64")) { -- protocArtifact 'com.google.protobuf:protoc:3.21.8:linux-x86_64@exe' -- } -- else { -- protocArtifact 'com.google.protobuf:protoc:3.21.8:linux-aarch_64@exe' -- } -- } -- if (isCurrentMac()) { -- if (platform.endsWith("x86_64")) { -- protocArtifact 'com.google.protobuf:protoc:3.21.8:osx-x86_64@exe' -- } -- else { -- protocArtifact 'com.google.protobuf:protoc:3.21.8:osx-aarch_64@exe' -- } +buildscript { + dependencies { + classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.18' - } ++ } +} - -+dependencies { + dependencies { api project(':Framework-AsyncComm') api project(':Framework-Debugging') - api project(':ProposedUtils') -@@ -73,37 +49,3 @@ dependencies { - } - }*/ - --task generateProto { -- ext.srcdir = file("src/main/proto") -- ext.src = fileTree(srcdir) { -- include "**/*.proto" -- } -- ext.outdir = file("build/generated/source/proto/main/java") -- outputs.dir(outdir) -- inputs.files(src) -- dependsOn(configurations.protocArtifact) -- doLast { -- def exe = configurations.protocArtifact.first() -- if (!isCurrentWindows()) { -- exe.setExecutable(true) -- } -- exec { -- commandLine exe, "--java_out=$outdir", "-I$srcdir" -- args src -- } -- } --} -- --tasks.compileJava.dependsOn(tasks.generateProto) --tasks.eclipse.dependsOn(tasks.generateProto) --rootProject.tasks.prepDev.dependsOn(tasks.generateProto) -- --sourceSets { -- main { -- java { -- srcDir tasks.generateProto.outdir -- } -- } --} --zipSourceSubproject.dependsOn generateProto -- diff --git a/Ghidra/Debug/Debugger-isf/build.gradle b/Ghidra/Debug/Debugger-isf/build.gradle -index 6bf945c2e..3225d095d 100644 +index d135294a0..785681ca2 100644 --- a/Ghidra/Debug/Debugger-isf/build.gradle +++ b/Ghidra/Debug/Debugger-isf/build.gradle -@@ -20,42 +20,18 @@ apply from: "${rootProject.projectDir}/gradle/javaTestProject.gradle" +@@ -18,11 +18,15 @@ apply from: "${rootProject.projectDir}/gradle/javaProject.gradle" + apply from: "${rootProject.projectDir}/gradle/jacocoProject.gradle" + apply from: "${rootProject.projectDir}/gradle/javaTestProject.gradle" apply from: "${rootProject.projectDir}/gradle/distributableGhidraModule.gradle" - - apply plugin: 'eclipse' +-apply from: "${rootProject.projectDir}/gradle/debugger/hasProtobuf.gradle" +- +apply plugin: 'com.google.protobuf' + apply plugin: 'eclipse' eclipse.project.name = 'Debug Debugger-isf' ++buildscript { ++ dependencies { ++ classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.18' ++ } ++} + dependencies { + api project(':Framework-AsyncComm') + api project(':Framework-Debugging') +diff --git a/Ghidra/Debug/Debugger-rmi-trace/build.gradle b/Ghidra/Debug/Debugger-rmi-trace/build.gradle +index eec00786e..666cccafc 100644 +--- a/Ghidra/Debug/Debugger-rmi-trace/build.gradle ++++ b/Ghidra/Debug/Debugger-rmi-trace/build.gradle +@@ -18,12 +18,17 @@ apply from: "${rootProject.projectDir}/gradle/javaProject.gradle" + apply from: "${rootProject.projectDir}/gradle/jacocoProject.gradle" + apply from: "${rootProject.projectDir}/gradle/javaTestProject.gradle" + apply from: "${rootProject.projectDir}/gradle/distributableGhidraModule.gradle" +-apply from: "${rootProject.projectDir}/gradle/debugger/hasProtobuf.gradle" ++apply plugin: 'com.google.protobuf' + apply from: "${rootProject.projectDir}/gradle/debugger/hasPythonPackage.gradle" + + apply plugin: 'eclipse' + eclipse.project.name = 'Debug Debugger-rmi-trace' + ++buildscript { ++ dependencies { ++ classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.18' ++ } ++} + dependencies { + api project(':Debugger') + } +@@ -36,7 +41,7 @@ task generateProtoPy { + ext.outdir = file("build/generated/source/proto/main/py") + outputs.dir(outdir) + inputs.files(src) +- dependsOn(configurations.protocArtifact) ++ dependsOn(protobuf.generateProtoTasks.all()) + doLast { + def exe = configurations.protocArtifact.first() + if (!isCurrentWindows()) { +diff --git a/build.gradle b/build.gradle +index b0c717fb1..5f56506a5 100644 +--- a/build.gradle ++++ b/build.gradle +@@ -74,6 +74,12 @@ if (flatRepo.isDirectory()) { + jcenter() + flatDir name: "flat", dirs:["$flatRepo"] + } ++ buildscript { ++ repositories { ++ mavenLocal() ++ mavenCentral() ++ } ++ } + } + } + else { +diff --git a/gradle/debugger/hasProtobuf.gradle b/gradle/debugger/hasProtobuf.gradle +deleted file mode 100644 +index 23b4ce74b..000000000 +--- a/gradle/debugger/hasProtobuf.gradle ++++ /dev/null +@@ -1,94 +0,0 @@ +-/* ### +- * IP: GHIDRA +- * +- * Licensed under the Apache License, Version 2.0 (the "License"); +- * you may not use this file except in compliance with the License. +- * You may obtain a copy of the License at +- * +- * http://www.apache.org/licenses/LICENSE-2.0 +- * +- * Unless required by applicable law or agreed to in writing, software +- * distributed under the License is distributed on an "AS IS" BASIS, +- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +- * See the License for the specific language governing permissions and +- * limitations under the License. +- */ +-/*plugins { +- id 'com.google.protobuf' version '0.8.10' +-}*/ +- -configurations { - allProtocArtifacts - protocArtifact -} - - def platform = getCurrentPlatformName() - +-def platform = getCurrentPlatformName() +- +- -dependencies { - allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:windows-x86_64@exe' - allProtocArtifacts 'com.google.protobuf:protoc:3.21.8:linux-x86_64@exe' @@ -132,20 +149,15 @@ index 6bf945c2e..3225d095d 100644 - else { - protocArtifact 'com.google.protobuf:protoc:3.21.8:osx-aarch_64@exe' - } -+buildscript { -+ dependencies { -+ classpath 'com.google.protobuf:protobuf-gradle-plugin:0.8.18' - } -+} - -+dependencies { - api project(':Framework-AsyncComm') - api project(':Framework-Debugging') - api project(':ProposedUtils') -@@ -64,40 +40,6 @@ dependencies { - testImplementation project(path: ':Framework-Debugging', configuration: 'testArtifacts') - } - +- } +-} +- +-/*protobuf { +- protoc { +- artifact = 'com.google.protobuf:protoc:3.21.8' +- } +-}*/ +- -task generateProto { - ext.srcdir = file("src/main/proto") - ext.src = fileTree(srcdir) { @@ -179,24 +191,3 @@ index 6bf945c2e..3225d095d 100644 - } -} -zipSourceSubproject.dependsOn generateProto -- - // Include buildable native source in distribution - rootProject.assembleDistribution { - from (this.project.projectDir.toString()) { -diff --git a/build.gradle b/build.gradle -index b0c717fb1..5f56506a5 100644 ---- a/build.gradle -+++ b/build.gradle -@@ -74,6 +74,12 @@ if (flatRepo.isDirectory()) { - jcenter() - flatDir name: "flat", dirs:["$flatRepo"] - } -+ buildscript { -+ repositories { -+ mavenLocal() -+ mavenCentral() -+ } -+ } - } - } - else { diff --git a/pkgs/tools/security/ghidra/build.nix b/pkgs/tools/security/ghidra/build.nix index 16bc1dbe5cd..50fd64656f4 100644 --- a/pkgs/tools/security/ghidra/build.nix +++ b/pkgs/tools/security/ghidra/build.nix @@ -10,18 +10,19 @@ , icoutils , xcbuild , protobuf +, fetchurl }: let pkg_path = "$out/lib/ghidra"; pname = "ghidra"; - version = "10.3.3"; + version = "10.4"; src = fetchFromGitHub { owner = "NationalSecurityAgency"; repo = "Ghidra"; rev = "Ghidra_${version}_build"; - hash = "sha256-KDSiZ/JwAqX6Obg9UD8ZQut01l/eMXbioJy//GluXn0="; + hash = "sha256-g0JM6pm1vkCh9yBB5mfrOiNrImqoyWdQcEe2g+AO6LQ="; }; gradle = gradle_7; @@ -36,24 +37,6 @@ let }; # postPatch scripts. - # Tells ghidra to use our own protoc binary instead of the prebuilt one. - fixProtoc = '' - cat >>Ghidra/Debug/Debugger-gadp/build.gradle <<HERE -protobuf { - protoc { - path = '${protobuf}/bin/protoc' - } -} -HERE - cat >>Ghidra/Debug/Debugger-isf/build.gradle <<HERE -protobuf { - protoc { - path = '${protobuf}/bin/protoc' - } -} -HERE - ''; - # Adds a gradle step that downloads all the dependencies to the gradle cache. addResolveStep = '' cat >>build.gradle <<HERE @@ -85,7 +68,7 @@ HERE inherit version src; patches = [ ./0001-Use-protobuf-gradle-plugin.patch ]; - postPatch = fixProtoc + addResolveStep; + postPatch = addResolveStep; nativeBuildInputs = [ gradle perl ] ++ lib.optional stdenv.isDarwin xcbuild; buildPhase = '' @@ -116,13 +99,21 @@ in stdenv.mkDerivation { inherit pname version src; nativeBuildInputs = [ - gradle unzip makeWrapper icoutils + gradle unzip makeWrapper icoutils protobuf ] ++ lib.optional stdenv.isDarwin xcbuild; dontStrip = true; - patches = [ ./0001-Use-protobuf-gradle-plugin.patch ]; - postPatch = fixProtoc; + patches = [ + ./0001-Use-protobuf-gradle-plugin.patch + # we use fetchurl since the fetchpatch normalization strips the whole diff + # https://github.com/NixOS/nixpkgs/issues/266556 + (fetchurl { + name = "0002-remove-executable-bit.patch"; + url = "https://github.com/NationalSecurityAgency/ghidra/commit/e2a945624b74e5d42dc85e9c1f992315dd154db1.diff"; + sha256 = "07mjfl7hvag2akk65g4cknp330qlk07dgbmh20dyg9qxzmk91fyq"; + }) + ]; buildPhase = '' export HOME="$NIX_BUILD_TOP/home" diff --git a/pkgs/tools/security/gitleaks/default.nix b/pkgs/tools/security/gitleaks/default.nix index 96c4b0f4e15..7fc15a3fb2b 100644 --- a/pkgs/tools/security/gitleaks/default.nix +++ b/pkgs/tools/security/gitleaks/default.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "gitleaks"; - version = "8.18.0"; + version = "8.18.1"; src = fetchFromGitHub { owner = "zricethezav"; repo = pname; rev = "v${version}"; - hash = "sha256-659wQBv8DuYB4vI+qnBLS9u22kGlg4ne4DyKFoomlOw="; + hash = "sha256-v0d/ulxYJRkyyhVctnQjKW2ODWtu+gSwp/qSkVLQ1Jo="; }; - vendorHash = "sha256-PPEEQ2Bt20UK+mQL59jVnX8HtzCsqW4uRwR3mOdhDis="; + vendorHash = "sha256-lPfvoeHPYWSnFPuAR9CxG6+pQ++cZEw/jYuGgDrm57E="; ldflags = [ "-s" diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index 4d7b793a84b..539e6b8bc8d 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.42" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.43" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index 58929753c59..adc032baf21 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: adf413fba45b298c4e16f7f1043dc69f99d2fbdb - ref: refs/tags/6.3.42 + revision: 58dcabe21524d8b2c4d05618ca8509dc42cc6515 + ref: refs/tags/6.3.43 specs: - metasploit-framework (6.3.42) + metasploit-framework (6.3.43) actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index 44b672cd6e4..6f88b96cd6a 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.3.42"; + version = "6.3.43"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = version; - sha256 = "sha256-6ddW6VlbWV71BERJISF67UPRcwLQY8Hpw4kf80lCNBE="; + sha256 = "sha256-IWdSxXhJFGbNTo9xqEjBJNEWB6imzdwzgnXoUbfao/g="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index 8ba7f0e698a..cf24944c403 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -654,12 +654,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "adf413fba45b298c4e16f7f1043dc69f99d2fbdb"; - sha256 = "049l894z67w9qglw2qyh09rx2hzdg8hj2ja40ksmwnavb7lmdmz9"; + rev = "58dcabe21524d8b2c4d05618ca8509dc42cc6515"; + sha256 = "1y53vavm3s3mh8rxrkd6m03idl94q54ahwcg9v6nc529g32m4rr1"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.3.42"; + version = "6.3.43"; }; metasploit-model = { groups = ["default"]; diff --git a/pkgs/tools/security/nitrokey-app2/default.nix b/pkgs/tools/security/nitrokey-app2/default.nix index 3d35b4d0775..a3e3a82ec23 100644 --- a/pkgs/tools/security/nitrokey-app2/default.nix +++ b/pkgs/tools/security/nitrokey-app2/default.nix @@ -7,7 +7,7 @@ python3.pkgs.buildPythonApplication rec { pname = "nitrokey-app2"; - version = "2.1.2"; + version = "2.1.4"; pyproject = true; disabled = python3.pythonOlder "3.9"; @@ -16,7 +16,7 @@ python3.pkgs.buildPythonApplication rec { owner = "Nitrokey"; repo = "nitrokey-app2"; rev = "v${version}"; - hash = "sha256-VyhIFNXxH/FohgjhBeZXoQYppP7PEz+ei0qzsWz1xhk="; + hash = "sha256-loOCa6XlLx1YEfqR0SUUalVIEPCoYsNEHFo2MIKexeA="; }; # https://github.com/Nitrokey/nitrokey-app2/issues/152 @@ -63,7 +63,7 @@ python3.pkgs.buildPythonApplication rec { homepage = "https://github.com/Nitrokey/nitrokey-app2"; changelog = "https://github.com/Nitrokey/nitrokey-app2/releases/tag/v${version}"; license = licenses.asl20; - maintainers = with maintainers; [ _999eagle ]; + maintainers = with maintainers; [ _999eagle panicgh ]; mainProgram = "nitrokeyapp"; }; } |