pwn 0.4.454 → 0.4.459

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7706d2f67e06a72947df5fba37be484be147119aee1d537a5172b650619ee753
-  data.tar.gz: 1254894deed2a1e8c72dc0c90e9924abd5d56d22a84a2d8f7305d8c22b94a8ed
+  metadata.gz: 34af764fdd574b15da3c45adb4097933e47a3aaca2de6dcb4c8f8005b6608f1d
+  data.tar.gz: 5bf7e7551c6c62d12a2c2811493034ba31a0545f59aa3a72483aa3701b04b626
 SHA512:
-  metadata.gz: 0b05ab90c4110617d5bf15bfa590e32af4fe19bf70e7791d8571c2907c45dbe53470ae1364a0568e04366bfcf7c7eda13f18fdf0f5a639e6502d482fd88a364e
-  data.tar.gz: 07bddeec0fd64dd636c738f644ea32f843bcf4237755a596fd9c4a80c1945cd6e8fe43e185e9716ba40d19e5731baf1ce427f93364c1d760d6e002b834908969
+  metadata.gz: 95f9def16df7e14a69731c08b4b7f4d3cf5e9e2e4b2c618b7c5b75dfba4bbbeed142f2aa03328ef3412c8bc95bc5ee87292ded504adc2d50d197113ce80c648d
+  data.tar.gz: 98d0f7cc871533e29b2c1321ae65ef48f56be4debc0bad1cb0617504567e0b12adf1d363c295746c5c1241c3666b42e95a46eaded7028467228cb799d0a33416

data/Gemfile

@@ -67,7 +67,7 @@ gem 'ruby-nmap', '0.10.0'
 gem 'ruby-saml', '1.14.0'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.12.1'
-gem 'selenium-devtools', '0.101.0'
+gem 'selenium-devtools', '0.102.0'
 gem 'serialport', '1.3.2'
 gem 'sinatra', '2.2.0'
 gem 'slack-ruby-client', '1.0.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.454]:001 >>> PWN.help
+pwn[v0.4.459]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.454]:001 >>> PWN.help
+pwn[v0.4.459]:001 >>> PWN.help
 ```
 
 

data/lib/pwn/plugins/msr206.rb

@@ -0,0 +1,372 @@
+# frozen_string_literal: true
+
+module PWN
+  module Plugins
+    # This plugin is used for interacting with a three track
+    # MSR206 Magnetic Stripe Reader / Writer
+    module MSR206
+      # Supported Method Parameters::
+      # msr206_obj = PWN::Plugins::MSR206.connect(
+      #   block_dev: 'optional - serial block device path (defaults to /dev/ttyUSB0)',
+      #   baud: 'optional - (defaults to 9600)',
+      #   data_bits: 'optional - (defaults to 8)',
+      #   stop_bits: 'optional - (defaults to 1)',
+      #   parity: 'optional - (defaults to SerialPort::NONE)',
+      #   flow_control: 'optional - (defaults to SerialPort::HARD) SerialPort::NONE|SerialPort::SOFT|SerialPort::HARD'
+      # )
+
+      public_class_method def self.connect(opts = {})
+        # Default Baud Rate for this Device is 19200
+        opts[:baud] = 19_200 if opts[:baud].nil?
+        msr206_obj = PWN::Plugins::Serial.connect(opts)
+      rescue StandardError => e
+        disconnect(msr206_obj: msr206_obj) unless msr206_obj.nil?
+        raise e
+      end
+
+      # Supported Method Parameters::
+      #  cmds = PWN::Plugins::MSR206.list_cmds
+      public_class_method def self.list_cmds
+        # Returns an Array of Symbols
+        cmds = %i[
+          version_report
+          simulate_power_cycle_warm_reset
+          configuration_request
+          reproduce_last_command
+          resume_transmission_to_host
+          pause_transmission_to_host
+          abort_command
+          red_on
+          red_off
+          red_flash
+          green_on
+          green_off
+          green_flash
+          yellow_on
+          yellow_off
+          yellow_flash
+          arm_to_read
+          arm_to_read_w_speed_prompts
+          tx_iso_std_data_track1
+          tx_iso_std_data_track2
+          tx_iso_std_data_track3
+          alt_tx_iso_std_data_track1
+          alt_tx_iso_std_data_track2
+          alt_tx_iso_std_data_track3
+          tx_error_data
+          tx_custom_data_forward_track1
+          tx_custom_data_forward_track2
+          tx_custom_data_forward_track3
+          tx_passbook_data
+          alt_tx_passbook_data
+          write_verify
+          card_edge_detect
+          load_iso_std_data_for_writing_track1
+          load_iso_std_data_for_writing_track2
+          load_iso_std_data_for_writing_track3
+          alt_load_iso_std_data_for_writing_track1
+          alt_load_iso_std_data_for_writing_track2
+          alt_load_iso_std_data_for_writing_track3
+          load_passbook_data_for_writing
+          load_custom_data_for_writing_track1
+          load_custom_data_for_writing_track2
+          load_custom_data_for_writing_track3
+          set_write_density
+          set_write_density_210_bpi_tracks13
+          set_write_density_75_bpi_tracks13
+          set_write_density_210_bpi_tracks2
+          set_write_density_75_bpi_tracks2
+          set_default_write_current
+          view_default_write_current
+          set_temp_write_current
+          view_temp_write_current
+          arm_to_write_with_raw
+          arm_to_write_no_raw
+          arm_to_write_with_raw_speed_prompts
+        ]
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # cmd_response_arr = get_cmd_responses(
+      #   msr206_obj: 'required - msr206_obj returned from #connect method'
+      # )
+
+      public_class_method def self.get_cmd_responses(opts = {})
+        msr206_obj = opts[:msr206_obj]
+
+        raw_byte_arr = PWN::Plugins::Serial.dump_session_data(
+          serial_obj: msr206_obj
+        )
+
+        hex_esc_raw_resp = ''
+        raw_byte_arr.each do |byte|
+          this_byte = byte.unpack1('H*')
+          # Needed when #unpack1 returns 2 bytes instead of one
+          # e.g."ް" translates to deb0 (that's not a double quote ")
+          # instead of de b0
+          # this condition is ghetto-hacker-ish.
+          if this_byte.length == 4
+            byte_one = this_byte[1..2]
+            byte_two = this_byte[-2..-1]
+            hex_esc_raw_resp = "#{hex_esc_raw_resp}\s#{byte_one}"
+            hex_esc_raw_resp = "#{hex_esc_raw_resp}\s#{byte_two}"
+          else
+            hex_esc_raw_resp = "#{hex_esc_raw_resp}\s#{this_byte}"
+          end
+        end
+
+        # Return command response array in space-delimited hex
+        cmd_response_arr = hex_esc_raw_resp.upcase.strip.split(/(?=FF)/)
+        cmd_response_arr.map(&:strip)
+      rescue StandardError => e
+        # Flush Responses for Next Request
+        PWN::Plugins::Serial.flush_session_data(
+          serial_obj: msr206_obj
+        )
+
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # parsed_cmd_resp_arr = parse_responses(
+      #   cmd_resp: 'required - command response string'
+      # )
+
+      private_class_method def self.parse_responses(opts = {})
+        msr206_obj = opts[:msr206_obj]
+        cmd = opts[:cmd].to_s.scrub.strip.chomp
+
+        keep_parsing_responses = true
+        next_response_detected = false
+        all_cmd_responses = []
+        a_cmd_r_len = 0
+        last_a_cmd_r_len = 0
+
+        parsed_cmd_resp_arr = []
+        bytes_in_cmd_resp = 0
+        cmd_resp = ''
+
+        while keep_parsing_responses
+          until next_response_detected
+            all_cmd_responses = get_cmd_responses(
+              msr206_obj: msr206_obj
+            )
+            # bytes_in_cmd_resp = cmd_resp.split.length if cmd_resp
+            a_cmd_r_len = all_cmd_responses.length
+
+            next_response_detected = true if a_cmd_r_len > last_a_cmd_r_len
+          end
+
+          #   cmd_resp = all_cmd_responses.last
+          #   case cmd_resp
+          #   when '21', '28', '29', '2A', '2B', '2D', '2F', '3A', '31', '32', '33', '3E', '3F', '5E', '7E', '98 FE'
+          #     next_response_detected = true
+          #   end
+          next_response_detected = false
+          last_a_cmd_r_len = a_cmd_r_len
+          print "\n"
+          keep_parsing_responses = false
+        end
+
+        all_cmd_responses
+      rescue StandardError => e
+        raise e
+      ensure
+        # Flush Responses for Next Request
+        PWN::Plugins::Serial.flush_session_data(
+          serial_obj: msr206_obj
+        )
+      end
+
+      # Supported Method Parameters::
+      #  PWN::Plugins::MSR206.exec(
+      #   msr206_obj: 'required - msr206_obj returned from #connect method'
+      #   cmd: 'required - cmd returned from #list_cmds method',
+      #   params: 'optional - parameters for specific command returned from #list_params method'
+      # )
+      public_class_method def self.exec(opts = {})
+        msr206_obj = opts[:msr206_obj]
+        cmd = opts[:cmd].to_s.scrub.strip.chomp
+        params = opts[:params].to_s.scrub.strip.chomp
+
+        params_bytes = []
+        case cmd.to_sym
+        when :resume_transmission_to_host
+          cmd_bytes = [0x11]
+        when :pause_transmission_to_host
+          cmd_bytes = [0x13]
+        when :abort_command
+          cmd_bytes = [0x1B]
+        when :configuration_request
+          cmd_bytes = [0x23]
+        when :reproduce_last_command
+          cmd_bytes = [0x25]
+        when :card_edge_detect
+          cmd_bytes = [0x26]
+        when :green_flash
+          cmd_bytes = [0x28]
+        when :red_flash
+          cmd_bytes = [0x29]
+        when :version_report
+          cmd_bytes = [0x39]
+        when :power_on_report
+          cmd_bytes = [0x3A]
+        when :set_write_density
+          cmd_bytes = [0x3B]
+        when :set_temp_write_current
+          cmd_bytes = [0x3C]
+        when :view_temp_write_current
+          cmd_bytes = [0x3E]
+        when :write_verify
+          cmd_bytes = [0x3F]
+        when :arm_to_write_with_raw
+          cmd_bytes = [0x40]
+        when :load_iso_std_data_for_writing_track1
+          cmd_bytes = [0x41]
+        when :load_iso_std_data_for_writing_track2
+          cmd_bytes = [0x42]
+        when :load_iso_std_data_for_writing_track3
+          cmd_bytes = [0x43]
+        when :tx_custom_data_forward_track1, :load_custom_data_for_writing_track1
+          cmd_bytes = [0x45]
+        when :tx_custom_data_forward_track2, :load_custom_data_for_writing_track2
+          cmd_bytes = [0x46]
+        when :tx_custom_data_forward_track3, :load_custom_data_for_writing_track3
+          cmd_bytes = [0x47]
+        when :tx_error_data
+          cmd_bytes = [0x49]
+        when :yellow_on
+          cmd_bytes = [0x4B]
+        when :green_on
+          cmd_bytes = [0x4C]
+        when :red_on
+          cmd_bytes = [0x4D]
+        when :set_write_density_210_bpi_tracks2
+          cmd_bytes = [0x4E]
+        when :set_write_density_210_bpi_tracks13
+          cmd_bytes = [0x4F]
+        when :arm_to_read
+          cmd_bytes = [0x50]
+        when :tx_iso_std_data_track1
+          cmd_bytes = [0x51]
+        when :tx_iso_std_data_track2
+          cmd_bytes = [0x52]
+        when :tx_iso_std_data_track3
+          cmd_bytes = [0x53]
+        when :tx_passbook_data
+          cmd_bytes = [0x58]
+        when :arm_to_write_no_raw
+          cmd_bytes = [0x5A]
+        when :set_default_write_current
+          cmd_bytes = [0x5B]
+        when :view_default_write_current
+          cmd_bytes = [0x5D]
+        when :alt_load_iso_std_data_for_writing_track1
+          cmd_bytes = [0x61]
+        when :alt_load_iso_std_data_for_writing_track2
+          cmd_bytes = [0x62]
+        when :alt_load_iso_std_data_for_writing_track3
+          cmd_bytes = [0x63]
+        when :load_passbook_data_for_writing
+          cmd_bytes = [0x6A]
+        when :yellow_off
+          cmd_bytes = [0x6B]
+        when :green_off
+          cmd_bytes = [0x6C]
+        when :red_off
+          cmd_bytes = [0x6D]
+        when :set_write_density_75_bpi_tracks2
+          cmd_bytes = [0x6E]
+        when :set_write_density_75_bpi_tracks13
+          cmd_bytes = [0x6F]
+        when :arm_to_read_w_speed_prompts
+          cmd_bytes = [0x70]
+        when :alt_tx_iso_std_data_track1
+          cmd_bytes = [0x71]
+        when :alt_tx_iso_std_data_track2
+          cmd_bytes = [0x72]
+        when :alt_tx_iso_std_data_track3
+          cmd_bytes = [0x73]
+        when :alt_tx_passbook_data
+          cmd_bytes = [0x78]
+        when :arm_to_write_with_raw_speed_prompts
+          cmd_bytes = [0x7A]
+        when :yellow_flash
+          cmd_bytes = [0x7C]
+        when :simulate_power_cycle_warm_reset
+          cmd_bytes = [0x7F]
+        else
+          raise "Unsupported Command: #{cmd}.  Supported commands are:\n#{list_cmds}\n\n\n"
+        end
+
+        # If parameters to a command are set, append them.
+        cmd_bytes += params_bytes unless params_bytes.empty?
+        # Execute the command.
+        cmd_bytes.each do |byte|
+          msr206_obj[:serial_conn].putc(byte)
+        end
+
+        # Parse commands response(s).
+        # Return an array of hashes.
+        parse_responses(
+          msr206_obj: msr206_obj,
+          cmd: cmd.to_sym
+        )
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::MSR206.disconnect(
+      #   msr206_obj: 'required - msr206_obj returned from #connect method'
+      # )
+
+      public_class_method def self.disconnect(opts = {})
+        PWN::Plugins::Serial.disconnect(
+          serial_obj: opts[:msr206_obj]
+        )
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <request.pentest@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+          msr206_obj = #{self}.connect(
+            block_dev: 'optional serial block device path (defaults to /dev/ttyUSB0)',
+            baud: 'optional (defaults to 9600)',
+            data_bits: 'optional (defaults to 8)',
+            stop_bits: 'optional (defaults to 1)',
+            parity: 'optional (defaults to SerialPort::NONE)',
+            flow_control: 'optional (defaults to SerialPort::NONE)'
+          )
+
+          cmds = #{self}.list_cmds
+
+          parsed_cmd_resp_arr = #{self}.exec(
+            msr206_obj: 'required msr206_obj returned from #connect method',
+            cmd: 'required - cmd returned from #list_cmds method',
+            params: 'optional - parameters for specific command returned from #list_params method'
+          )
+
+          #{self}.disconnect(
+            msr206_obj: 'required msr206_obj returned from #connect method'
+          )
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end

data/lib/pwn/plugins/son_micro_rfid.rb

@@ -151,7 +151,7 @@ module PWN
       end
 
       # Supported Method Parameters::
-      # parsed_cmd_resp_arr = parse_cmd_resp(
+      # parsed_cmd_resp_arr = parse_responses(
       #   cmd_resp: 'required - command response string'
       # )
 

data/lib/pwn/plugins.rb

@@ -32,6 +32,7 @@ module PWN
     autoload :JSONPathify, 'pwn/plugins/json_pathify'
     autoload :MailAgent, 'pwn/plugins/mail_agent'
     autoload :Metasploit, 'pwn/plugins/metasploit'
+    autoload :MSR206, 'pwn/plugins/msr206'
     autoload :NessusCloud, 'pwn/plugins/nessus_cloud'
     autoload :NexposeVulnScan, 'pwn/plugins/nexpose_vuln_scan'
     autoload :NmapIt, 'pwn/plugins/nmap_it'

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.454'
+  VERSION = '0.4.459'
 end

data/spec/lib/pwn/plugins/msr206_spec.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe PWN::Plugins::MSR206 do
+  it 'should display information for authors' do
+    authors_response = PWN::Plugins::MSR206
+    expect(authors_response).to respond_to :authors
+  end
+
+  it 'should display information for existing help method' do
+    help_response = PWN::Plugins::MSR206
+    expect(help_response).to respond_to :help
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.454
+  version: 0.4.459
 platform: ruby
 authors:
 - 0day Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-05-24 00:00:00.000000000 Z
+date: 2022-05-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -786,14 +786,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.101.0
+        version: 0.102.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.101.0
+        version: 0.102.0
 - !ruby/object:Gem::Dependency
   name: serialport
   requirement: !ruby/object:Gem::Requirement
@@ -1531,6 +1531,7 @@ files:
 - lib/pwn/plugins/json_pathify.rb
 - lib/pwn/plugins/mail_agent.rb
 - lib/pwn/plugins/metasploit.rb
+- lib/pwn/plugins/msr206.rb
 - lib/pwn/plugins/nessus_cloud.rb
 - lib/pwn/plugins/nexpose_vuln_scan.rb
 - lib/pwn/plugins/nmap_it.rb
@@ -1827,6 +1828,7 @@ files:
 - spec/lib/pwn/plugins/json_pathify_spec.rb
 - spec/lib/pwn/plugins/mail_agent_spec.rb
 - spec/lib/pwn/plugins/metasploit_spec.rb
+- spec/lib/pwn/plugins/msr206_spec.rb
 - spec/lib/pwn/plugins/nessus_cloud_spec.rb
 - spec/lib/pwn/plugins/nexpose_vuln_scan_spec.rb
 - spec/lib/pwn/plugins/nmap_it_spec.rb
@@ -2096,6 +2098,7 @@ test_files:
 - spec/lib/pwn/plugins/json_pathify_spec.rb
 - spec/lib/pwn/plugins/mail_agent_spec.rb
 - spec/lib/pwn/plugins/metasploit_spec.rb
+- spec/lib/pwn/plugins/msr206_spec.rb
 - spec/lib/pwn/plugins/nessus_cloud_spec.rb
 - spec/lib/pwn/plugins/nexpose_vuln_scan_spec.rb
 - spec/lib/pwn/plugins/nmap_it_spec.rb