pwn 0.4.468 → 0.4.471

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/bin/pwn_serial_msr206 +10 -5
  4. data/bin/pwn_shodan_search +76 -0
  5. data/lib/pwn/plugins/shodan.rb +14 -14
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +3 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 98c7c96215e79c7af756b24a758d15c55ee42fddc0822d90350c5476059f5573
4
- data.tar.gz: 75ecc6b0534b384612dae50bb7d23143e4e11a5c3a2bddda8fc6f14ea1f8c44e
3
+ metadata.gz: 32922a349d82bb446e9fad95fb55df251fa80c58d9b72cbe6fafb50fb0e92a0c
4
+ data.tar.gz: d95bc2403937f02a5579744f8c85850c354f522e264300fed35a772360266477
5
5
  SHA512:
6
- metadata.gz: ee8208c011822cee15ef9d92a564ce3e3027c61dd2f975acb7d154e398b763a1bb820a56d6c56fe6ec63b9c0fbd6bf80528f0a05db6081d2327b831bde5f5bd1
7
- data.tar.gz: 747b0b22555e4f75be1b25455bbe07e903e82184bbbd68d67a6981e41c7f8f82173003cd6986e6953b5d3cc3e6fbf70aff3aaacd5f24b33881709c90494e007e
6
+ metadata.gz: 634a521d25395485a6f6318ad5754f5e7a8bd9c20bffe680bcbf0bea1fb6b01836cda1f01d658666e824073292d3c30e331754f88f9cde7bd0544cdcb7554b5a
7
+ data.tar.gz: 00ca0f938d5ce07390a7e3b92a4fb7c4be156a6e299997414b33ab5ad743be80b65dce1e38882d1d88a59e62c3ac3b2f69514afe737af824ce23869f031f213b
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.468]:001 >>> PWN.help
40
+ pwn[v0.4.471]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.468]:001 >>> PWN.help
55
+ pwn[v0.4.471]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_serial_msr206 CHANGED
@@ -154,19 +154,24 @@ begin
154
154
  msr206_obj: msr206_obj,
155
155
  type: :arm_to_read
156
156
  )
157
+
157
158
  file = ''
159
+ backup_msg = ''
158
160
  loop do
159
- exec_resp = PWN::Plugins::MSR206.exec(
160
- msr206_obj: msr206_obj,
161
- cmd: :green_flash
162
- )
161
+ if backup_msg.empty?
162
+ exec_resp = PWN::Plugins::MSR206.exec(
163
+ msr206_obj: msr206_obj,
164
+ cmd: :green_flash
165
+ )
166
+ end
163
167
 
164
168
  print 'Enter File Name to Save Backup: '
165
169
  file = gets.scrub.chomp.strip
166
170
  file_dir = File.dirname(file)
167
171
  break if Dir.exist?(file_dir)
168
172
 
169
- puts "\nDirectory #{file_dir} for #{file} does not exist."
173
+ backup_msg = "\n****** ERROR: Directory #{file_dir} for #{file} does not exist ******"
174
+ puts backup_msg
170
175
  exec_resp = PWN::Plugins::MSR206.exec(
171
176
  msr206_obj: msr206_obj,
172
177
  cmd: :green_off
data/bin/pwn_shodan_search ADDED
@@ -0,0 +1,76 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: false
3
+
4
+ require 'pwn'
5
+ require 'optparse'
6
+ require 'yaml'
7
+ require 'json'
8
+
9
+ opts = {}
10
+ OptionParser.new do |options|
11
+ options.banner = "USAGE:
12
+ #{$PROGRAM_NAME} [opts]
13
+ "
14
+
15
+ options.on('-c', '--config-yaml', '<Required - YAML config containing api_key from Shodan.io>') do |y|
16
+ opts[:yaml] = y
17
+ end
18
+
19
+ options.on('-qFILE', '--query-file=FILE', '<Required - File containing one Shodan.io query string per line>') do |q|
20
+ opts[:query_file] = q
21
+ end
22
+
23
+ options.on('-oFILE', '--output-results-file=FILE', '<Optional - Defaults to /tmp/shodan-results-Time.now.strftime("%y-%m-%d.%H:%M:%S").txt>') do |o|
24
+ opts[:output_results_file] = o
25
+ end
26
+ end.parse!
27
+
28
+ if opts.empty?
29
+ puts `#{$PROGRAM_NAME} --help`
30
+ exit 1
31
+ end
32
+
33
+ begin
34
+ yaml_file = opts[:yaml]
35
+ raise "ERROR: #{yaml_file} does not exist." unless File.exist?(yaml_file)
36
+
37
+ yaml = YAML.load_file(yaml_file, symbolize_names: true)
38
+
39
+ api_key = yaml[:api_key]
40
+
41
+ query_file = opts[:query_file]
42
+ raise "ERROR: #{query_file} does not exist." unless File.exist?(query_file)
43
+
44
+ queries = File.readlines(query_file)
45
+
46
+ timestamp = Time.now.strftime('%Y-%m-%d.%H:%M:%S')
47
+ query_results_file = opts[:output_results_file]
48
+ query_results_file ||= "/tmp/shodan-results-#{timestamp}.txt"
49
+
50
+ raw_query_results_file = "/tmp/shodan-results-#{timestamp}-RAW.json"
51
+ File.open(raw_query_results_file, 'w') do |r|
52
+ File.open(query_results_file, 'w') do |f|
53
+ queries.each do |query_line|
54
+ query = query_line.chomp
55
+ print "QUERY: '#{query}'"
56
+ r.puts("QUERY: '#{query}'")
57
+ f.puts("QUERY: '#{query}'")
58
+ search_results = PWN::Plugins::Shodan.search(
59
+ api_key: api_key,
60
+ query: query
61
+ )
62
+ puts " >>> Matches: #{search_results[:total]}"
63
+ r.puts search_results.to_json
64
+
65
+ search_results[:matches].select do |m|
66
+ f.puts "ORG: #{m[:org]} | PUBIP: #{m[:ip_str]} #{'*' * 36}"
67
+ f.puts "Product: #{m[:product]}"
68
+ f.puts "TCP Port: #{m[:port]}"
69
+ f.puts "Data: #{m[:data]}\n\n\n"
70
+ end
71
+ end
72
+ end
73
+ end
74
+ rescue SystemExit, Interrupt
75
+ puts "\nGoodbye."
76
+ end
data/lib/pwn/plugins/shodan.rb CHANGED
@@ -90,7 +90,7 @@ module PWN
90
90
  rest_call: "shodan/host/#{target_ip}",
91
91
  params: params
92
92
  )
93
- services_by_ips.push(JSON.parse(response))
93
+ services_by_ips.push(JSON.parse(response, symbolize_names: true))
94
94
  rescue StandardError => e
95
95
  services_by_ips.push(error: e.message)
96
96
  next
@@ -131,7 +131,7 @@ module PWN
131
131
  rest_call: 'shodan/host/count',
132
132
  params: params
133
133
  )
134
- JSON.parse(response)
134
+ JSON.parse(response, symbolize_names: true)
135
135
  rescue StandardError => e
136
136
  raise e
137
137
  end
@@ -166,7 +166,7 @@ module PWN
166
166
  rest_call: 'shodan/host/search',
167
167
  params: params
168
168
  )
169
- JSON.parse(response)
169
+ JSON.parse(response, symbolize_names: true)
170
170
  rescue StandardError => e
171
171
  raise e
172
172
  end
@@ -191,7 +191,7 @@ module PWN
191
191
  rest_call: 'shodan/host/search/tokens',
192
192
  params: params
193
193
  )
194
- JSON.parse(response)
194
+ JSON.parse(response, symbolize_names: true)
195
195
  rescue StandardError => e
196
196
  raise e
197
197
  end
@@ -210,7 +210,7 @@ module PWN
210
210
  rest_call: 'shodan/ports',
211
211
  params: params
212
212
  )
213
- JSON.parse(response)
213
+ JSON.parse(response, symbolize_names: true)
214
214
  rescue StandardError => e
215
215
  raise e
216
216
  end
@@ -229,7 +229,7 @@ module PWN
229
229
  rest_call: 'shodan/protocols',
230
230
  params: params
231
231
  )
232
- JSON.parse(response)
232
+ JSON.parse(response, symbolize_names: true)
233
233
  rescue StandardError => e
234
234
  raise e
235
235
  end
@@ -253,7 +253,7 @@ module PWN
253
253
  params: params,
254
254
  http_body: http_body
255
255
  )
256
- JSON.parse(response)
256
+ JSON.parse(response, symbolize_names: true)
257
257
  rescue StandardError => e
258
258
  raise e
259
259
  end
@@ -279,7 +279,7 @@ module PWN
279
279
  params: params,
280
280
  http_body: http_body
281
281
  )
282
- JSON.parse(response)
282
+ JSON.parse(response, symbolize_names: true)
283
283
  rescue StandardError => e
284
284
  raise e
285
285
  end
@@ -303,7 +303,7 @@ module PWN
303
303
  rest_call: "shodan/scan/status/#{scan_id}",
304
304
  params: params
305
305
  )
306
- JSON.parse(response)
306
+ JSON.parse(response, symbolize_names: true)
307
307
  rescue StandardError => e
308
308
  raise e
309
309
  end
@@ -322,7 +322,7 @@ module PWN
322
322
  rest_call: 'shodan/services',
323
323
  params: params
324
324
  )
325
- JSON.parse(response)
325
+ JSON.parse(response, symbolize_names: true)
326
326
  rescue StandardError => e
327
327
  raise e
328
328
  end
@@ -352,7 +352,7 @@ module PWN
352
352
  rest_call: 'shodan/query',
353
353
  params: params
354
354
  )
355
- JSON.parse(response)
355
+ JSON.parse(response, symbolize_names: true)
356
356
  rescue StandardError => e
357
357
  raise e
358
358
  end
@@ -381,7 +381,7 @@ module PWN
381
381
  rest_call: 'shodan/query/tags',
382
382
  params: params
383
383
  )
384
- JSON.parse(response)
384
+ JSON.parse(response, symbolize_names: true)
385
385
  rescue StandardError => e
386
386
  raise e
387
387
  end
@@ -400,7 +400,7 @@ module PWN
400
400
  rest_call: 'account/profile',
401
401
  params: params
402
402
  )
403
- JSON.parse(response)
403
+ JSON.parse(response, symbolize_names: true)
404
404
  rescue StandardError => e
405
405
  raise e
406
406
  end
@@ -437,7 +437,7 @@ module PWN
437
437
  rest_call: 'api-info',
438
438
  params: params
439
439
  )
440
- JSON.parse(response)
440
+ JSON.parse(response, symbolize_names: true)
441
441
  rescue StandardError => e
442
442
  raise e
443
443
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.468'
4
+ VERSION = '0.4.471'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.468
4
+ version: 0.4.471
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
@@ -1018,6 +1018,7 @@ executables:
1018
1018
  - pwn_serial_check_voicemail
1019
1019
  - pwn_serial_msr206
1020
1020
  - pwn_serial_qualcomm_commands
1021
+ - pwn_shodan_search
1021
1022
  - pwn_simple_http_server
1022
1023
  - pwn_web_cache_deception
1023
1024
  - pwn_www_checkip
@@ -1078,6 +1079,7 @@ files:
1078
1079
  - bin/pwn_serial_check_voicemail
1079
1080
  - bin/pwn_serial_msr206
1080
1081
  - bin/pwn_serial_qualcomm_commands
1082
+ - bin/pwn_shodan_search
1081
1083
  - bin/pwn_simple_http_server
1082
1084
  - bin/pwn_web_cache_deception
1083
1085
  - bin/pwn_www_checkip