pwn 0.4.407 → 0.4.409
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/Gemfile +4 -4
- data/README.md +5 -5
- data/Vagrantfile +3 -3
- data/bin/pwn_fuzz_net_app_proto +1 -1
- data/bin/pwn_sast +1 -1
- data/lib/pwn/plugins/metasploit.rb +2 -2
- data/lib/pwn/version.rb +1 -1
- data/packer/daemons/msfrpcd.rb +3 -3
- data/packer/provisioners/metasploit.rb +3 -3
- data/vagrant/provisioners/burpsuite_pro.rb +3 -3
- data/vagrant/provisioners/jenkins_ssh-keygen.rb +3 -3
- data/vagrant/provisioners/kali_customize.rb +2 -2
- data/vagrant/provisioners/letsencrypt.rb +3 -3
- data/vagrant/provisioners/update_jenkins_plugins.rb +3 -3
- metadata +12 -12
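--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ae2da360fbd77bfb132cdb2def27d6706b6480cee191c54168dda853d4bf923f
+data.tar.gz: 0e662e6d0d99a9de2d80ae0ba05b837e9f2beb56a91e958964173d59feab3fb3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 94d95a31df6cdb1d2d154f1869ad92f95fc7e8ba916bed4f9567ca7949798745c57ace2b55f5aff3b2063fb13556d5d05ee2a01da22afdf0ca5c5a2c9d0d3191
+data.tar.gz: 50f9edd9f5aa97c20da131c97b142371818c5db2b10e7bd67bdf8c943a32dfa9b13e7dc037ecf1c9fdc6ec71e464c24369523742a4d3b69eb2ed9563d683915a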
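--- a/data/.ruby-version
+++ b/data/.ruby-version
@@ -1 +1 @@
-3.1.
+3.1.2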
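--- a/data/Gemfile
+++ b/data/Gemfile
@@ -17,8 +17,8 @@ gem 'authy', '3.0.0'
 gem 'aws-sdk', '3.1.0'
 gem 'bettercap', '1.6.2'
 gem 'brakeman', '5.2.2'
-gem 'bson', '4.
-gem 'bundler', '>=2.3.
+gem 'bson', '4.15.0'
+gem 'bundler', '>=2.3.12'
 gem 'bundler-audit', '0.9.0.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
@@ -58,9 +58,9 @@ gem 'rex', '2.0.13'
 gem 'rmagick', '4.2.5'
 gem 'rspec', '3.11.0'
 gem 'rtesseract', '3.1.2'
-gem 'rubocop', '1.
+gem 'rubocop', '1.28.1'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.
+gem 'rubocop-rspec', '2.10.0'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '0.10.0'
 gem 'ruby-saml', '1.14.0'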
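--- a/data/README.md
+++ b/data/README.md
@@ -31,13 +31,13 @@ Leveraging various pre-built modules and the pwn prototyper, you can mix-and-mat
 Tested on Linux, & OSX leveraging Ruby via RVM.
 
 ```
-$ rvm use ruby-3.1.
+$ rvm use ruby-3.1.2@global
 $ rvm gemset create pwn
-$ rvm use ruby-3.1.
+$ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.409]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -48,11 +48,11 @@ pwn[v0.4.407]:001 >>> PWN.help
 It's wise to update pwn often as numerous versions are released/week:
 ```
 $ rvm list gemsets
-$ rvm use ruby-3.1.
+$ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.409]:001 >>> PWN.help
 ```
 
 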
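--- a/data/Vagrantfile
+++ b/data/Vagrantfile
@@ -7,13 +7,13 @@ require 'pathname'
 
 API_VERSION = '2'
 pwn_root = Pathname.new(__FILE__).realpath.expand_path.parent
-vagrant_gui = ENV
-pwn_provider = ENV
+vagrant_gui = ENV.fetch('VAGRANT_GUI') if ENV.fetch('VAGRANT_GUI')
+pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
 runtime_userland = 'vagrant_rsync_userland_configs.lst'
 template_userland = "#{pwn_root}/vagrant_rsync_userland_template.lst"
 
 if pwn_provider == 'docker'
-docker_container_target = ENV
+docker_container_target = ENV.fetch('DOCKER_CONTAINER_TARGET') if ENV.fetch('DOCKER_CONTAINER_TARGET')
 docker_create_args = [
 '--interactive',
 '--tty'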
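Review bot: `ENV.fetch('VAGRANT_GUI')` with no default raises KeyError when the variable is unset, so the trailing `if ENV.fetch('VAGRANT_GUI')` guard never gets to evaluate false and the Vagrantfile aborts before it reaches `if pwn_provider == 'docker'`. The `PWN_PROVIDER` and `DOCKER_CONTAINER_TARGET` lines here have the same problem, as does every `ENV.fetch('PWN_ROOT')` / `ENV.fetch('PWN_PROVIDER')` line in the later hunks on this page, where it also makes the `elsif Dir.exist?('/pwn')` and `Dir.pwd` fallbacks unreachable. If the variables are optional, give fetch a default, `vagrant_gui = ENV.fetch('VAGRANT_GUI', nil)`, and test presence with `if ENV.key?('PWN_ROOT')` in the fallback chains. If they are meant to be mandatory, drop the modifier and let a single unconditional fetch fail with its KeyError. The `if pwn_provider == 'docker'` block and the `docker_create_args` array continue past the end of this hunk.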
data/bin/pwn_fuzz_net_app_proto
CHANGED
data/bin/pwn_sast
CHANGED
@@ -17,8 +17,8 @@ module PWN
|
|
17
17
|
if opts[:yaml_conf] && File.exist?(opts[:yaml_conf])
|
18
18
|
yaml_conf = YAML.load_file(opts[:yaml_conf].to_s.strip.chomp.scrub)
|
19
19
|
else
|
20
|
-
pwn_root = ENV
|
21
|
-
pwn_provider = ENV
|
20
|
+
pwn_root = ENV.fetch('PWN_ROOT') if ENV.fetch('PWN_ROOT')
|
21
|
+
pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
|
22
22
|
yaml_conf = YAML.load_file("#{pwn_root}/etc/userland/#{pwn_provider}/metasploit/vagrant.yaml")
|
23
23
|
end
|
24
24
|
|
data/lib/pwn/version.rb
CHANGED
data/packer/daemons/msfrpcd.rb
CHANGED
@@ -21,15 +21,15 @@ end
|
|
21
21
|
action = opts[:action].to_s.scrub.to_sym
|
22
22
|
|
23
23
|
def start
|
24
|
-
if ENV
|
25
|
-
pwn_root = ENV
|
24
|
+
if ENV.fetch('PWN_ROOT')
|
25
|
+
pwn_root = ENV.fetch('PWN_ROOT')
|
26
26
|
elsif Dir.exist?('/pwn')
|
27
27
|
pwn_root = '/pwn'
|
28
28
|
else
|
29
29
|
pwn_root = Dir.pwd
|
30
30
|
end
|
31
31
|
|
32
|
-
pwn_provider = ENV
|
32
|
+
pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
|
33
33
|
metasploit_root = '/opt/metasploit-framework-dev'
|
34
34
|
|
35
35
|
msfrpcd_config = YAML.load_file("#{pwn_root}/etc/userland/#{pwn_provider}/metasploit/vagrant.yaml")
|
@@ -5,15 +5,15 @@ require 'yaml'
|
|
5
5
|
|
6
6
|
# Install Metasploit from Source
|
7
7
|
printf 'Installing Metasploit *****************************************************************'
|
8
|
-
if ENV
|
9
|
-
pwn_root = ENV
|
8
|
+
if ENV.fetch('PWN_ROOT')
|
9
|
+
pwn_root = ENV.fetch('PWN_ROOT')
|
10
10
|
elsif Dir.exist?('/pwn')
|
11
11
|
pwn_root = '/pwn'
|
12
12
|
else
|
13
13
|
pwn_root = Dir.pwd
|
14
14
|
end
|
15
15
|
|
16
|
-
pwn_provider = ENV
|
16
|
+
pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
|
17
17
|
|
18
18
|
metasploit_root = '/opt/metasploit-framework-dev'
|
19
19
|
`sudo git clone https://github.com/rapid7/metasploit-framework.git #{metasploit_root}`
|
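Review bot: The context line that shells out to `sudo git clone https://github.com/rapid7/metasploit-framework.git` fetches whatever the default branch holds at build time and does so as root. Unless a line outside this hunk checks out a fixed ref, two builds of the same pwn release can end up with different code in `metasploit_root`. Pinning the clone to a reviewed tag or commit, for example `git clone --branch REVIEWED_TAG_PLACEHOLDER --depth 1 …`, and recording that ref beside `metasploit_root` would make the image reproducible and auditable. The page shows no file header for this hunk, and the script continues past its last line.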
@@ -5,15 +5,15 @@ require 'yaml'
|
|
5
5
|
require 'digest'
|
6
6
|
require 'fileutils'
|
7
7
|
|
8
|
-
if ENV
|
9
|
-
pwn_root = ENV
|
8
|
+
if ENV.fetch('PWN_ROOT')
|
9
|
+
pwn_root = ENV.fetch('PWN_ROOT')
|
10
10
|
elsif Dir.exist?('/pwn')
|
11
11
|
pwn_root = '/pwn'
|
12
12
|
else
|
13
13
|
pwn_root = Dir.pwd
|
14
14
|
end
|
15
15
|
|
16
|
-
pwn_provider = ENV
|
16
|
+
pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
|
17
17
|
userland_config = "#{pwn_root}/etc/userland/#{pwn_provider}/burpsuite/vagrant.yaml"
|
18
18
|
userland_burpsuite_pro_jar_path = "#{pwn_root}/third_party/burpsuite-pro.jar"
|
19
19
|
burpsuite_pro_jar_dest_path = "/opt/burpsuite/#{File.basename(userland_burpsuite_pro_jar_path)}"
|
@@ -4,15 +4,15 @@
|
|
4
4
|
require 'yaml'
|
5
5
|
require 'pwn'
|
6
6
|
|
7
|
-
if ENV
|
8
|
-
pwn_root = ENV
|
7
|
+
if ENV.fetch('PWN_ROOT')
|
8
|
+
pwn_root = ENV.fetch('PWN_ROOT')
|
9
9
|
elsif Dir.exist?('/pwn')
|
10
10
|
pwn_root = '/pwn'
|
11
11
|
else
|
12
12
|
pwn_root = Dir.pwd
|
13
13
|
end
|
14
14
|
|
15
|
-
pwn_provider = ENV
|
15
|
+
pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
|
16
16
|
jenkins_userland_config = YAML.load_file("#{pwn_root}/etc/userland/#{pwn_provider}/jenkins/vagrant.yaml")
|
17
17
|
private_key_path = '/var/lib/jenkins/.ssh/id_rsa-pwn_jenkins'
|
18
18
|
userland_ssh_keygen_pass = jenkins_userland_config['ssh_keygen_pass']
|
@@ -4,15 +4,15 @@
|
|
4
4
|
require 'yaml'
|
5
5
|
|
6
6
|
print "Installing Let's Encrypt **************************************************************"
|
7
|
-
if ENV
|
8
|
-
pwn_root = ENV
|
7
|
+
if ENV.fetch('PWN_ROOT')
|
8
|
+
pwn_root = ENV.fetch('PWN_ROOT')
|
9
9
|
elsif Dir.exist?('/pwn')
|
10
10
|
pwn_root = '/pwn'
|
11
11
|
else
|
12
12
|
pwn_root = Dir.pwd
|
13
13
|
end
|
14
14
|
|
15
|
-
pwn_provider = ENV
|
15
|
+
pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
|
16
16
|
letsencrypt_git = 'https://github.com/letsencrypt/letsencrypt'
|
17
17
|
letsencrypt_root = '/opt/letsencrypt-git'
|
18
18
|
letsencrypt_yaml = YAML.load_file("#{pwn_root}/etc/userland/#{pwn_provider}/letsencrypt/vagrant.yaml")
|
@@ -3,15 +3,15 @@
|
|
3
3
|
|
4
4
|
require 'yaml'
|
5
5
|
|
6
|
-
if
|
7
|
-
pwn_root = ENV
|
6
|
+
if ENVfetch('PWN_ROOT')
|
7
|
+
pwn_root = ENV.fetch('PWN_ROOT')
|
8
8
|
elsif Dir.exist?('/pwn')
|
9
9
|
pwn_root = '/pwn'
|
10
10
|
else
|
11
11
|
pwn_root = Dir.pwd
|
12
12
|
end
|
13
13
|
|
14
|
-
pwn_provider = ENV
|
14
|
+
pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
|
15
15
|
jenkins_userland_config = YAML.load_file("#{pwn_root}/etc/userland/#{pwn_provider}/jenkins/vagrant.yaml")
|
16
16
|
userland_user = jenkins_userland_config['user']
|
17
17
|
userland_pass = jenkins_userland_config['pass']
|
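Review bot: `if ENVfetch('PWN_ROOT')` on new line 6 is missing the dot that the neighbouring hunks have in `ENV.fetch`. Unless the dot was lost in rendering, Ruby treats it as a call to an undefined method `ENVfetch` and the provisioner stops with NoMethodError before `pwn_root` is assigned. Restoring the dot alone is not enough, because a bare `ENV.fetch('PWN_ROOT')` raises KeyError when the variable is unset instead of falling through. The condition should read `if ENV.key?('PWN_ROOT')` so that the `/pwn` and `Dir.pwd` branches stay reachable. The page shows no file header for this hunk, and the script continues past its last line.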
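--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.409
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-
+date: 2022-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -100,28 +100,28 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 4.
+version: 4.15.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 4.
+version: 4.15.0
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.3.
+version: 2.3.12
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.3.
+version: 2.3.12
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -660,14 +660,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.28.1
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.28.1
 - !ruby/object:Gem::Dependency
 name: rubocop-rake
 requirement: !ruby/object:Gem::Requirement
@@ -688,14 +688,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.10.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.10.0
 - !ruby/object:Gem::Dependency
 name: ruby-audio
 requirement: !ruby/object:Gem::Requirement
@@ -1943,14 +1943,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 3.1.
+version: 3.1.2
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.3.
+rubygems_version: 3.3.12
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond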