pwn 0.4.382 → 0.4.385

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +5 -5
  3. data/bin/pwn_autoinc_version +7 -5
  4. data/bin/pwn_domain_reversewhois +1 -1
  5. data/lib/pwn/plugins/transparent_browser.rb +70 -7
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a3d6102ac605e097e4223bef72a6897022bffeb5627dba7922689b6e145f0526
4
- data.tar.gz: 910b066fc9e59b49485a660e006bf379a86c02e028065d7cb05567e4123d1543
3
+ metadata.gz: 75736869902b7c6f459eba755d600c32701d7dbc7195aaf9d38219575fbf3f03
4
+ data.tar.gz: 47e399e9a118b2213dcc69273b8c21ecd9d57e2954c36cc90abb0dd9767ec1fb
5
5
  SHA512:
6
- metadata.gz: 9557331e44b1e1ea07c535ad4bb9ad05208b5ffa8b4edfe2cc50344050ef9d27a8fce5288ec8facd399780b13551b33c8c16b24bc4a1a0dc78eb338df5790deb
7
- data.tar.gz: 397dc2efd71676619de8b7626e35a343a1319e222d58160978fcf5ed919dd5d88802362ba19385f86eaa17ce7158fd40ffe41987ad8c458c918b7bad9b7aeb3d
6
+ metadata.gz: c24ab122a7f3973a06b53593e3da3fe2ff230afcfd379f0fcfd07150ef1a5abe7f16b7158d1ff26b19b6f0b9ca04241740d0a052f02a08ab2d49ddb65bebc863
7
+ data.tar.gz: e33a0711c81d27e1889038d8fbde16a564bd179d6f0f49a277f8a457c0ae57d05d37afd808b93dd4a7e715a009f59e36537ee71e41d87b79a958b0ab8cff19a2
data/README.md CHANGED
@@ -31,13 +31,13 @@ Leveraging various pre-built modules and the pwn prototyper, you can mix-and-mat
31
31
  Tested on Linux, & OSX leveraging Ruby via RVM.
32
32
 
33
33
  ```
34
- $ rvm use ruby-<VERSION>@global
34
+ $ rvm use ruby-3.1.1@global
35
35
  $ rvm gemset create pwn
36
- $ rvm use ruby-<VERSION>@pwn
36
+ $ rvm use ruby-3.1.1@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.382]:001 >>> PWN.help
40
+ pwn[v0.4.385]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -48,11 +48,11 @@ pwn[v0.4.382]:001 >>> PWN.help
48
48
  It's wise to update pwn often as numerous versions are released/week:
49
49
  ```
50
50
  $ rvm list gemsets
51
- $ rvm use ruby-<VERSION>@pwn
51
+ $ rvm use ruby-3.1.1@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.382]:001 >>> PWN.help
55
+ pwn[v0.4.385]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_autoinc_version CHANGED
@@ -38,15 +38,17 @@ File.open('./lib/pwn/version.rb', 'w') do |f|
38
38
  end
39
39
 
40
40
  # Update README.md
41
- current_ruby_version = File.read(current_ruby).chomp
41
+ current_ruby_version = "ruby-#{File.read(current_ruby).chomp}"
42
42
  old_readme_md = File.read(readme_md_path, encoding: 'utf-8')
43
+ pwn_regex = 'pwn\[v.+\..+\..+\]'
44
+ rb_regex = 'ruby-.+'
43
45
  File.open(readme_md_path, 'w') do |file|
44
46
  old_readme_md.each_line do |line|
45
- if line.to_s.scrub.match?(/pwn\[v.+\..+\..+\]/) ||
46
- line.to_s.scrub.match?(/ruby-.+/)
47
+ if line.to_s.scrub.match?(/#{pwn_regex}/) ||
48
+ line.to_s.scrub.match?(/#{rb_regex}/)
47
49
 
48
- new_line = line.to_s.gsub(/pwn\[v#{old_rev}\]/, "pwn\[v#{new_rev}\]") if line.to_s.scrub.match?(/pwn\[v.+\..+\..+\]/)
49
- new_line = line.to_s.gsub(/ruby-.+(?=(@))/, current_ruby_version) if line.to_s.scrub.match?(/ruby-.+/)
50
+ new_line = line.to_s.gsub(/pwn\[v#{old_rev}\]/, "pwn\[v#{new_rev}\]") if line.to_s.scrub.match?(/#{pwn_regex}/)
51
+ new_line = line.to_s.gsub(/ruby-.+(?=(@))/, current_ruby_version) if line.to_s.scrub.match?(/#{rb_regex}/)
50
52
 
51
53
  file.puts new_line
52
54
  else
data/bin/pwn_domain_reversewhois CHANGED
@@ -66,7 +66,7 @@ begin
66
66
  browser_obj.goto('https://domainbigdata.com')
67
67
 
68
68
  # Type Registrant Filter in Char-by-Char to Ensure Everyone is Happy ;)
69
- PWN::Plugins::TransparentBrowser.type_as_human(q: registrant_filter) do |char|
69
+ PWN::Plugins::TransparentBrowser.type_as_human(string: registrant_filter) do |char|
70
70
  browser_obj.text_field(id: 'txtSearchTopPage').wait_until(&:present?).send_keys(char)
71
71
  end
72
72
  browser_obj.button(id: 'btnTopSearch').wait_until(&:present?).click
data/lib/pwn/plugins/transparent_browser.rb CHANGED
@@ -5,6 +5,7 @@ require 'selenium/webdriver'
5
5
  require 'selenium/devtools'
6
6
  require 'rest-client'
7
7
  require 'socksify'
8
+ require 'openssl'
8
9
  require 'em/pure_ruby'
9
10
  require 'faye/websocket'
10
11
 
@@ -260,12 +261,12 @@ module PWN
260
261
 
261
262
  # Supported Method Parameters::
262
263
  # PWN::Plugins::TransparentBrowser.type_as_human(
263
- # q: 'required - query string to randomize',
264
+ # string: 'required - string to type as human',
264
265
  # rand_sleep_float: 'optional - float timing in between keypress (defaults to 0.09)'
265
266
  # )
266
267
 
267
268
  public_class_method def self.type_as_human(opts = {})
268
- query_string = opts[:q].to_s
269
+ string = opts[:string].to_s
269
270
 
270
271
  rand_sleep_float = if opts[:rand_sleep_float]
271
272
  opts[:rand_sleep_float].to_f
@@ -273,7 +274,7 @@ module PWN
273
274
  0.09
274
275
  end
275
276
 
276
- query_string.each_char do |char|
277
+ string.each_char do |char|
277
278
  yield char
278
279
  sleep Random.rand(rand_sleep_float)
279
280
  end
@@ -317,30 +318,92 @@ module PWN
317
318
  with_devtools: 'optional - boolean (defaults to false)'
318
319
  )
319
320
  puts browser_obj1.public_methods
320
- * Only works w/ Chrome
321
+
322
+ ********************************************************
323
+ * DevTools Interaction Only works w/ Chrome
321
324
  * All DevTools Commands can be found here:
322
325
  * https://chromedevtools.github.io/devtools-protocol/
326
+ * Examples
323
327
  devtools = browser_obj1.driver.devtools
324
328
  puts devtools.public_methods
325
329
  puts devtools.instance_variables
326
330
  puts devtools.instance_variable_get('@messages')
331
+
332
+ * Tracing
327
333
  devtools.send_cmd('Tracing.start')
328
334
  devtools.send_cmd('Tracing.requestMemoryDump')
329
335
  devtools.send_cmd('Tracing.end')
330
336
  puts devtools.instance_variable_get('@messages')
337
+
338
+ * Network
331
339
  devtools.send_cmd('Network.enable')
332
- last_ws_resp = devtools.instance_variable_get('@messages').last if devtools.instance_variable_get('@messages')['method'] == 'Network.webSocketFrameReceived'
340
+ last_ws_resp = devtools.instance_variable_get('@messages').last if devtools.instance_variable_get('@messages').last['method'] == 'Network.webSocketFrameReceived'
333
341
  puts last_ws_resp
334
342
  devtools.send_cmd('Network.disable')
335
343
 
344
+ * Debugging DOM and Sending JavaScript to Console
345
+ devtools.send_cmd('Runtime.enable')
346
+ devtools.send_cmd('Console.enable')
347
+ devtools.send_cmd('DOM.enable')
348
+ devtools.send_cmd('Page.enable')
349
+ devtools.send_cmd('Network.enable')
350
+ devtools.send_cmd('Log.enable')
351
+ devtools.send_cmd('Debugger.enable')
352
+ devtools.send_cmd('Debugger.pause')
353
+ step = 1
354
+ next_step = 60
355
+ loop do
356
+ console_events = []
357
+ b.driver.on_log_event(:console) { |event| console_events.push(event) }
358
+
359
+ devtools.send_cmd('Debugger.stepInto')
360
+ puts \"Step: \#{step}\"
361
+
362
+ this_document = devtools.send_cmd('DOM.getDocument')
363
+ puts \"This #document:\\n\#{this_document}\\n\\n\\n\"
364
+
365
+ console_cmd = {
366
+ expression: 'for(var pop_var in window) { if (window.hasOwnProperty(pop_var) && window[pop_var] != null) console.log(pop_var + \" = \" + window[pop_var]); }'
367
+ }
368
+ puts devtools.send_cmd('Runtime.evaluate', **console_cmd)
369
+
370
+ print '-' * 180
371
+ print \"\\n\"
372
+ console_events.each do |event|
373
+ puts event.args
374
+ end
375
+ puts \"Console Response Length: \#{console_events.length}\"
376
+ console_events_digest = OpenSSL::Digest::SHA256.hexdigest(
377
+ console_events.inspect
378
+ )
379
+ puts \"Console Events Array SHA256 Digest: \#{console_events_digest}\"
380
+ print '-' * 180
381
+ puts \"\\n\\n\\n\"
382
+
383
+ print \"Next Step in \"
384
+ next_step.downto(1) {|n| print \"\#{n} \"; sleep 1 }
385
+ puts 'READY!'
386
+ step += 1
387
+ end
388
+
389
+ devtools.send_cmd('Debugger.disable')
390
+ devtools.send_cmd('Log.disable')
391
+ devtools.send_cmd('Network.disable')
392
+ devtools.send_cmd('Page.disable')
393
+ devtools.send_cmd('DOM.disable')
394
+ devtools.send_cmd('Console.disable')
395
+ devtools.send_cmd('Runtime.disable')
396
+ * End of DevTools Examples
397
+ ********************************************************
398
+
336
399
  browser_obj1 = #{self}.linkout(
337
400
  browser_obj: 'required - browser_obj returned from #open method)'
338
401
  )
339
402
 
340
403
  #{self}.type_as_human(
341
- q: 'required - query string to randomize',
404
+ string: 'required - string to type as human',
342
405
  rand_sleep_float: 'optional - float timing in between keypress (defaults to 0.09)'
343
- ) {|char| browser_obj1.text_field(name: \"q\").send_keys(char) }
406
+ ) {|char| browser_obj1.text_field(name: \"search\").send_keys(char) }
344
407
 
345
408
  browser_obj1 = #{self}.close(
346
409
  browser_obj: 'required - browser_obj returned from #open method)'
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.382'
4
+ VERSION = '0.4.385'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.382
4
+ version: 0.4.385
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-29 00:00:00.000000000 Z
11
+ date: 2022-03-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport