pwn 0.4.382 → 0.4.385

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a3d6102ac605e097e4223bef72a6897022bffeb5627dba7922689b6e145f0526
-  data.tar.gz: 910b066fc9e59b49485a660e006bf379a86c02e028065d7cb05567e4123d1543
+  metadata.gz: 75736869902b7c6f459eba755d600c32701d7dbc7195aaf9d38219575fbf3f03
+  data.tar.gz: 47e399e9a118b2213dcc69273b8c21ecd9d57e2954c36cc90abb0dd9767ec1fb
 SHA512:
-  metadata.gz: 9557331e44b1e1ea07c535ad4bb9ad05208b5ffa8b4edfe2cc50344050ef9d27a8fce5288ec8facd399780b13551b33c8c16b24bc4a1a0dc78eb338df5790deb
-  data.tar.gz: 397dc2efd71676619de8b7626e35a343a1319e222d58160978fcf5ed919dd5d88802362ba19385f86eaa17ce7158fd40ffe41987ad8c458c918b7bad9b7aeb3d
+  metadata.gz: c24ab122a7f3973a06b53593e3da3fe2ff230afcfd379f0fcfd07150ef1a5abe7f16b7158d1ff26b19b6f0b9ca04241740d0a052f02a08ab2d49ddb65bebc863
+  data.tar.gz: e33a0711c81d27e1889038d8fbde16a564bd179d6f0f49a277f8a457c0ae57d05d37afd808b93dd4a7e715a009f59e36537ee71e41d87b79a958b0ab8cff19a2

data/README.md

@@ -31,13 +31,13 @@ Leveraging various pre-built modules and the pwn prototyper, you can mix-and-mat
 Tested on Linux, & OSX leveraging Ruby via RVM.
 
 ```
-$ rvm use ruby-<VERSION>@global
+$ rvm use ruby-3.1.1@global
 $ rvm gemset create pwn
-$ rvm use ruby-<VERSION>@pwn
+$ rvm use ruby-3.1.1@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.382]:001 >>> PWN.help
+pwn[v0.4.385]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -48,11 +48,11 @@ pwn[v0.4.382]:001 >>> PWN.help
 It's wise to update pwn often as numerous versions are released/week:
 ```
 $ rvm list gemsets
-$ rvm use ruby-<VERSION>@pwn
+$ rvm use ruby-3.1.1@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.382]:001 >>> PWN.help
+pwn[v0.4.385]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_autoinc_version

@@ -38,15 +38,17 @@ File.open('./lib/pwn/version.rb', 'w') do |f|
 end
 
 # Update README.md
-current_ruby_version = File.read(current_ruby).chomp
+current_ruby_version = "ruby-#{File.read(current_ruby).chomp}"
 old_readme_md = File.read(readme_md_path, encoding: 'utf-8')
+pwn_regex = 'pwn\[v.+\..+\..+\]'
+rb_regex = 'ruby-.+'
 File.open(readme_md_path, 'w') do |file|
   old_readme_md.each_line do |line|
-    if line.to_s.scrub.match?(/pwn\[v.+\..+\..+\]/) ||
-       line.to_s.scrub.match?(/ruby-.+/)
+    if line.to_s.scrub.match?(/#{pwn_regex}/) ||
+       line.to_s.scrub.match?(/#{rb_regex}/)
 
-      new_line = line.to_s.gsub(/pwn\[v#{old_rev}\]/, "pwn\[v#{new_rev}\]") if line.to_s.scrub.match?(/pwn\[v.+\..+\..+\]/)
-      new_line = line.to_s.gsub(/ruby-.+(?=(@))/, current_ruby_version) if line.to_s.scrub.match?(/ruby-.+/)
+      new_line = line.to_s.gsub(/pwn\[v#{old_rev}\]/, "pwn\[v#{new_rev}\]") if line.to_s.scrub.match?(/#{pwn_regex}/)
+      new_line = line.to_s.gsub(/ruby-.+(?=(@))/, current_ruby_version) if line.to_s.scrub.match?(/#{rb_regex}/)
 
       file.puts new_line
     else

data/bin/pwn_domain_reversewhois

@@ -66,7 +66,7 @@ begin
   browser_obj.goto('https://domainbigdata.com')
 
   # Type Registrant Filter in Char-by-Char to Ensure Everyone is Happy ;)
-  PWN::Plugins::TransparentBrowser.type_as_human(q: registrant_filter) do |char|
+  PWN::Plugins::TransparentBrowser.type_as_human(string: registrant_filter) do |char|
     browser_obj.text_field(id: 'txtSearchTopPage').wait_until(&:present?).send_keys(char)
   end
   browser_obj.button(id: 'btnTopSearch').wait_until(&:present?).click

data/lib/pwn/plugins/transparent_browser.rb

@@ -5,6 +5,7 @@ require 'selenium/webdriver'
 require 'selenium/devtools'
 require 'rest-client'
 require 'socksify'
+require 'openssl'
 require 'em/pure_ruby'
 require 'faye/websocket'
 
@@ -260,12 +261,12 @@ module PWN
 
       # Supported Method Parameters::
       # PWN::Plugins::TransparentBrowser.type_as_human(
-      #   q: 'required - query string to randomize',
+      #   string: 'required - string to type as human',
       #   rand_sleep_float: 'optional - float timing in between keypress (defaults to 0.09)'
       # )
 
       public_class_method def self.type_as_human(opts = {})
-        query_string = opts[:q].to_s
+        string = opts[:string].to_s
 
         rand_sleep_float = if opts[:rand_sleep_float]
                              opts[:rand_sleep_float].to_f
@@ -273,7 +274,7 @@ module PWN
                              0.09
                            end
 
-        query_string.each_char do |char|
+        string.each_char do |char|
           yield char
           sleep Random.rand(rand_sleep_float)
         end
@@ -317,30 +318,92 @@ module PWN
             with_devtools: 'optional - boolean (defaults to false)'
           )
           puts browser_obj1.public_methods
-          * Only works w/ Chrome
+
+          ********************************************************
+          * DevTools Interaction Only works w/ Chrome
           * All DevTools Commands can be found here:
           * https://chromedevtools.github.io/devtools-protocol/
+          * Examples
           devtools = browser_obj1.driver.devtools
           puts devtools.public_methods
           puts devtools.instance_variables
           puts devtools.instance_variable_get('@messages')
+
+          * Tracing
           devtools.send_cmd('Tracing.start')
           devtools.send_cmd('Tracing.requestMemoryDump')
           devtools.send_cmd('Tracing.end')
           puts devtools.instance_variable_get('@messages')
+
+          * Network
           devtools.send_cmd('Network.enable')
-          last_ws_resp = devtools.instance_variable_get('@messages').last if devtools.instance_variable_get('@messages')['method'] == 'Network.webSocketFrameReceived'
+          last_ws_resp = devtools.instance_variable_get('@messages').last if devtools.instance_variable_get('@messages').last['method'] == 'Network.webSocketFrameReceived'
           puts last_ws_resp
           devtools.send_cmd('Network.disable')
 
+          * Debugging DOM and Sending JavaScript to Console
+          devtools.send_cmd('Runtime.enable')
+          devtools.send_cmd('Console.enable')
+          devtools.send_cmd('DOM.enable')
+          devtools.send_cmd('Page.enable')
+          devtools.send_cmd('Network.enable')
+          devtools.send_cmd('Log.enable')
+          devtools.send_cmd('Debugger.enable')
+          devtools.send_cmd('Debugger.pause')
+          step = 1
+          next_step = 60
+          loop do
+            console_events = []
+            b.driver.on_log_event(:console) { |event| console_events.push(event) }
+
+            devtools.send_cmd('Debugger.stepInto')
+            puts \"Step: \#{step}\"
+
+            this_document = devtools.send_cmd('DOM.getDocument')
+            puts \"This #document:\\n\#{this_document}\\n\\n\\n\"
+
+            console_cmd = {
+              expression: 'for(var pop_var in window) { if (window.hasOwnProperty(pop_var) && window[pop_var] != null) console.log(pop_var + \" = \" + window[pop_var]); }'
+            }
+            puts devtools.send_cmd('Runtime.evaluate', **console_cmd)
+
+            print '-' * 180
+            print \"\\n\"
+            console_events.each do |event|
+              puts event.args
+            end
+            puts \"Console Response Length: \#{console_events.length}\"
+            console_events_digest = OpenSSL::Digest::SHA256.hexdigest(
+              console_events.inspect
+            )
+            puts \"Console Events Array SHA256 Digest: \#{console_events_digest}\"
+            print '-' * 180
+            puts \"\\n\\n\\n\"
+
+            print \"Next Step in \"
+            next_step.downto(1) {|n| print \"\#{n} \"; sleep 1 }
+            puts 'READY!'
+            step += 1
+          end
+
+          devtools.send_cmd('Debugger.disable')
+          devtools.send_cmd('Log.disable')
+          devtools.send_cmd('Network.disable')
+          devtools.send_cmd('Page.disable')
+          devtools.send_cmd('DOM.disable')
+          devtools.send_cmd('Console.disable')
+          devtools.send_cmd('Runtime.disable')
+          * End of DevTools Examples
+          ********************************************************
+
           browser_obj1 = #{self}.linkout(
             browser_obj: 'required - browser_obj returned from #open method)'
           )
 
           #{self}.type_as_human(
-            q: 'required - query string to randomize',
+            string: 'required - string to type as human',
             rand_sleep_float: 'optional - float timing in between keypress (defaults to 0.09)'
-          ) {|char| browser_obj1.text_field(name: \"q\").send_keys(char) }
+          ) {|char| browser_obj1.text_field(name: \"search\").send_keys(char) }
 
           browser_obj1 = #{self}.close(
             browser_obj: 'required - browser_obj returned from #open method)'

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.382'
+  VERSION = '0.4.385'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.382
+  version: 0.4.385
 platform: ruby
 authors:
 - 0day Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-03-29 00:00:00.000000000 Z
+date: 2022-03-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport