pwn 0.4.469 → 0.4.472
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_shodan_search +77 -0
- data/lib/pwn/plugins/shodan.rb +14 -14
- data/lib/pwn/version.rb +1 -1
- metadata +3 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 79226d5832fb6d629db612d4a2f44e02c27ae32ddbfdd41722feca31cfb13b7c
|
4
|
+
data.tar.gz: d1116586791753444e1d60d46efe5f4f8d099fd40d4397e4f045943fb41dce23
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 23b26a6bbb579a707b948ea8bec858089e6a5dce7df26c8920946e6bc4637762cc71e8e03aa013d96ec9ad4fc35a497d4323b4fe006f5e50615e0093b6a279dd
|
7
|
+
data.tar.gz: 072f7811b42f425ef8a56fc120d64f6132df02408a19fa6229d725595464fe7a585db4bc9563c382a35ac5b083cc77f6df0017db466afaef86a2a99f147d5780
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.472]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.472]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -0,0 +1,77 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: false
|
3
|
+
|
4
|
+
require 'pwn'
|
5
|
+
require 'optparse'
|
6
|
+
require 'yaml'
|
7
|
+
require 'json'
|
8
|
+
|
9
|
+
opts = {}
|
10
|
+
OptionParser.new do |options|
|
11
|
+
options.banner = "USAGE:
|
12
|
+
#{$PROGRAM_NAME} [opts]
|
13
|
+
"
|
14
|
+
|
15
|
+
options.on('-c', '--config-yaml', '<Required - YAML config containing api_key from Shodan.io>') do |y|
|
16
|
+
opts[:yaml] = y
|
17
|
+
end
|
18
|
+
|
19
|
+
options.on('-qFILE', '--query-file=FILE', '<Required - File containing one Shodan.io query string per line>') do |q|
|
20
|
+
opts[:query_file] = q
|
21
|
+
end
|
22
|
+
|
23
|
+
options.on('-oFILE', '--output-results-file=FILE', '<Optional - Defaults to /tmp/shodan-results-Time.now.strftime("%y-%m-%d.%H:%M:%S").txt>') do |o|
|
24
|
+
opts[:output_results_file] = o
|
25
|
+
end
|
26
|
+
end.parse!
|
27
|
+
|
28
|
+
if opts.empty?
|
29
|
+
puts `#{$PROGRAM_NAME} --help`
|
30
|
+
exit 1
|
31
|
+
end
|
32
|
+
|
33
|
+
begin
|
34
|
+
yaml_file = opts[:yaml].to_s
|
35
|
+
raise "ERROR: #{yaml_file} does not exist." unless File.exist?(yaml_file)
|
36
|
+
|
37
|
+
yaml = YAML.load_file(yaml_file, symbolize_names: true)
|
38
|
+
|
39
|
+
api_key = yaml[:api_key]
|
40
|
+
|
41
|
+
query_file = opts[:query_file].to_s
|
42
|
+
raise "ERROR: #{query_file} does not exist." unless File.exist?(query_file)
|
43
|
+
|
44
|
+
queries = File.readlines(query_file)
|
45
|
+
|
46
|
+
timestamp = Time.now.strftime('%Y-%m-%d.%H:%M:%S')
|
47
|
+
query_results_file = opts[:output_results_file]
|
48
|
+
query_results_file ||= "/tmp/shodan-results-#{timestamp}.txt"
|
49
|
+
query_results_dir = File.dirname(query_results_file)
|
50
|
+
|
51
|
+
raw_query_results_file = "#{query_results_dir}/shodan-results-#{timestamp}-RAW.json"
|
52
|
+
File.open(raw_query_results_file, 'w') do |r|
|
53
|
+
File.open(query_results_file, 'w') do |f|
|
54
|
+
queries.each do |query_line|
|
55
|
+
query = query_line.chomp
|
56
|
+
print "QUERY: '#{query}'"
|
57
|
+
r.puts("QUERY: '#{query}'")
|
58
|
+
f.puts("QUERY: '#{query}'")
|
59
|
+
search_results = PWN::Plugins::Shodan.search(
|
60
|
+
api_key: api_key,
|
61
|
+
query: query
|
62
|
+
)
|
63
|
+
puts " >>> Matches: #{search_results[:total]}"
|
64
|
+
r.puts search_results.to_json
|
65
|
+
|
66
|
+
search_results[:matches].select do |m|
|
67
|
+
f.puts "ORG: #{m[:org]} | PUBIP: #{m[:ip_str]} #{'*' * 36}"
|
68
|
+
f.puts "Product: #{m[:product]}"
|
69
|
+
f.puts "TCP Port: #{m[:port]}"
|
70
|
+
f.puts "Data: #{m[:data]}\n\n\n"
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
rescue SystemExit, Interrupt
|
76
|
+
puts "\nGoodbye."
|
77
|
+
end
|
data/lib/pwn/plugins/shodan.rb
CHANGED
@@ -90,7 +90,7 @@ module PWN
|
|
90
90
|
rest_call: "shodan/host/#{target_ip}",
|
91
91
|
params: params
|
92
92
|
)
|
93
|
-
services_by_ips.push(JSON.parse(response))
|
93
|
+
services_by_ips.push(JSON.parse(response, symbolize_names: true))
|
94
94
|
rescue StandardError => e
|
95
95
|
services_by_ips.push(error: e.message)
|
96
96
|
next
|
@@ -131,7 +131,7 @@ module PWN
|
|
131
131
|
rest_call: 'shodan/host/count',
|
132
132
|
params: params
|
133
133
|
)
|
134
|
-
JSON.parse(response)
|
134
|
+
JSON.parse(response, symbolize_names: true)
|
135
135
|
rescue StandardError => e
|
136
136
|
raise e
|
137
137
|
end
|
@@ -166,7 +166,7 @@ module PWN
|
|
166
166
|
rest_call: 'shodan/host/search',
|
167
167
|
params: params
|
168
168
|
)
|
169
|
-
JSON.parse(response)
|
169
|
+
JSON.parse(response, symbolize_names: true)
|
170
170
|
rescue StandardError => e
|
171
171
|
raise e
|
172
172
|
end
|
@@ -191,7 +191,7 @@ module PWN
|
|
191
191
|
rest_call: 'shodan/host/search/tokens',
|
192
192
|
params: params
|
193
193
|
)
|
194
|
-
JSON.parse(response)
|
194
|
+
JSON.parse(response, symbolize_names: true)
|
195
195
|
rescue StandardError => e
|
196
196
|
raise e
|
197
197
|
end
|
@@ -210,7 +210,7 @@ module PWN
|
|
210
210
|
rest_call: 'shodan/ports',
|
211
211
|
params: params
|
212
212
|
)
|
213
|
-
JSON.parse(response)
|
213
|
+
JSON.parse(response, symbolize_names: true)
|
214
214
|
rescue StandardError => e
|
215
215
|
raise e
|
216
216
|
end
|
@@ -229,7 +229,7 @@ module PWN
|
|
229
229
|
rest_call: 'shodan/protocols',
|
230
230
|
params: params
|
231
231
|
)
|
232
|
-
JSON.parse(response)
|
232
|
+
JSON.parse(response, symbolize_names: true)
|
233
233
|
rescue StandardError => e
|
234
234
|
raise e
|
235
235
|
end
|
@@ -253,7 +253,7 @@ module PWN
|
|
253
253
|
params: params,
|
254
254
|
http_body: http_body
|
255
255
|
)
|
256
|
-
JSON.parse(response)
|
256
|
+
JSON.parse(response, symbolize_names: true)
|
257
257
|
rescue StandardError => e
|
258
258
|
raise e
|
259
259
|
end
|
@@ -279,7 +279,7 @@ module PWN
|
|
279
279
|
params: params,
|
280
280
|
http_body: http_body
|
281
281
|
)
|
282
|
-
JSON.parse(response)
|
282
|
+
JSON.parse(response, symbolize_names: true)
|
283
283
|
rescue StandardError => e
|
284
284
|
raise e
|
285
285
|
end
|
@@ -303,7 +303,7 @@ module PWN
|
|
303
303
|
rest_call: "shodan/scan/status/#{scan_id}",
|
304
304
|
params: params
|
305
305
|
)
|
306
|
-
JSON.parse(response)
|
306
|
+
JSON.parse(response, symbolize_names: true)
|
307
307
|
rescue StandardError => e
|
308
308
|
raise e
|
309
309
|
end
|
@@ -322,7 +322,7 @@ module PWN
|
|
322
322
|
rest_call: 'shodan/services',
|
323
323
|
params: params
|
324
324
|
)
|
325
|
-
JSON.parse(response)
|
325
|
+
JSON.parse(response, symbolize_names: true)
|
326
326
|
rescue StandardError => e
|
327
327
|
raise e
|
328
328
|
end
|
@@ -352,7 +352,7 @@ module PWN
|
|
352
352
|
rest_call: 'shodan/query',
|
353
353
|
params: params
|
354
354
|
)
|
355
|
-
JSON.parse(response)
|
355
|
+
JSON.parse(response, symbolize_names: true)
|
356
356
|
rescue StandardError => e
|
357
357
|
raise e
|
358
358
|
end
|
@@ -381,7 +381,7 @@ module PWN
|
|
381
381
|
rest_call: 'shodan/query/tags',
|
382
382
|
params: params
|
383
383
|
)
|
384
|
-
JSON.parse(response)
|
384
|
+
JSON.parse(response, symbolize_names: true)
|
385
385
|
rescue StandardError => e
|
386
386
|
raise e
|
387
387
|
end
|
@@ -400,7 +400,7 @@ module PWN
|
|
400
400
|
rest_call: 'account/profile',
|
401
401
|
params: params
|
402
402
|
)
|
403
|
-
JSON.parse(response)
|
403
|
+
JSON.parse(response, symbolize_names: true)
|
404
404
|
rescue StandardError => e
|
405
405
|
raise e
|
406
406
|
end
|
@@ -437,7 +437,7 @@ module PWN
|
|
437
437
|
rest_call: 'api-info',
|
438
438
|
params: params
|
439
439
|
)
|
440
|
-
JSON.parse(response)
|
440
|
+
JSON.parse(response, symbolize_names: true)
|
441
441
|
rescue StandardError => e
|
442
442
|
raise e
|
443
443
|
end
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.472
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
@@ -1018,6 +1018,7 @@ executables:
|
|
1018
1018
|
- pwn_serial_check_voicemail
|
1019
1019
|
- pwn_serial_msr206
|
1020
1020
|
- pwn_serial_qualcomm_commands
|
1021
|
+
- pwn_shodan_search
|
1021
1022
|
- pwn_simple_http_server
|
1022
1023
|
- pwn_web_cache_deception
|
1023
1024
|
- pwn_www_checkip
|
@@ -1078,6 +1079,7 @@ files:
|
|
1078
1079
|
- bin/pwn_serial_check_voicemail
|
1079
1080
|
- bin/pwn_serial_msr206
|
1080
1081
|
- bin/pwn_serial_qualcomm_commands
|
1082
|
+
- bin/pwn_shodan_search
|
1081
1083
|
- bin/pwn_simple_http_server
|
1082
1084
|
- bin/pwn_web_cache_deception
|
1083
1085
|
- bin/pwn_www_checkip
|