pwn 0.4.478 → 0.4.481

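--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: '09d06003d8060cade6a56174ce2237cb1d60044e596117e66b8dd882778bc971'
- data.tar.gz: 00d295054465bae88230fd25606a00c10fe635478300b40409af241e99f20322
+ metadata.gz: 9982a0cc0ec0ac9abb6f30e3bdb8cfb48328e69683ca48824381133ad235edf1
+ data.tar.gz: e0d25785cb24747d2593e622c3338fd37d27bc711bc18577cecd16b71d9ad48a
  SHA512:
- metadata.gz: 5ddbe9550e2d6ecf8f480fc76ffaa2c44b04db21e53e3d617a7cc562ffa26a34e44db6aaee0ad1972c96533a3f91ecec97a1f8159a797db3e994405a7163904b
- data.tar.gz: 309fb8124dbf9c76fa24b89b984b32f1e8f11869395e8e95d3bd6ba79f4438ed814475b5329dd0e5f6e660092e5d7f681cb002d4734a3c5f0af0b7a0fe7cd8d2
+ metadata.gz: f956e5a528a46aafdc929ff4cc6836423b510d6103bf985193491b1a9c08d69c34da582a1f2aa172d9d9265def2789927f623d9d37b117670242f1f03b613c3a
+ data.tar.gz: 26c61de702fb0f1e6047afb53ba36f64f83c331c78553d7c038134a7891d66c682454074207f7a8516e221e66f281d7a0c1a596ae1fc2239171abc02ba076ef3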
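--- a/data/Gemfile
+++ b/data/Gemfile
@@ -33,12 +33,12 @@ gem 'ipaddress', '0.8.3'
  gem 'js-beautify', '0.1.8'
  gem 'json', '2.6.2'
  gem 'jsonpath', '1.1.2'
- gem 'jwt', '2.4.0'
+ gem 'jwt', '2.4.1'
  gem 'luhn', '1.0.2'
  gem 'mail', '2.7.1'
  gem 'mongo', '2.17.1'
  gem 'msfrpc-client', '1.1.2'
- gem 'net-ldap', '0.17.0'
+ gem 'net-ldap', '0.17.1'
  gem 'net-openvpn', '0.8.7'
  gem 'net-smtp', '0.3.1'
  gem 'nexpose', '7.3.0'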
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.478]:001 >>> PWN.help
40
+ pwn[v0.4.481]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.478]:001 >>> PWN.help
55
+ pwn[v0.4.481]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
@@ -130,7 +130,7 @@ def invoke_burp(opts = {})
130
130
  )
131
131
 
132
132
  File.open(json_results, 'w') do |f|
133
- f.puts scan_issues_hash.to_json
133
+ f.puts JSON.pretty_generate(scan_issues_hash)
134
134
  end
135
135
  puts "#{@green}complete.#{@end_of_color}\n\n\n"
136
136
 
@@ -190,7 +190,7 @@ unless ipinfo.nil?
190
190
 
191
191
  ipinfo_struc = PWN::Plugins::IPInfo.get(ip_or_host: ipinfo_target)
192
192
  File.open(ipinfo_json_results, 'w') do |f|
193
- f.puts ipinfo_struc.to_json
193
+ f.puts JSON.pretty_generate(ipinfo_struc)
194
194
  end
195
195
  end
196
196
  end
@@ -73,7 +73,7 @@ begin
73
73
  end
74
74
  end
75
75
  end
76
- File.write(raw_query_results_file, raw_results_arr.to_json)
76
+ File.write(raw_query_results_file, JSON.pretty_generate(raw_results_arr))
77
77
  rescue SystemExit, Interrupt
78
78
  puts "\nGoodbye."
79
79
  end
@@ -106,6 +106,7 @@ module PWN
106
106
  decoded_data_str = ''
107
107
  if raw_byte_arr
108
108
  raw_byte_arr.first.split.each do |byte_str|
109
+ # TODO: Different case statements for each parity
109
110
  case byte_str
110
111
  when '1B'
111
112
  decoded_data_str += ''
@@ -612,6 +613,7 @@ module PWN
612
613
  msr206_obj: msr206_obj,
613
614
  cmd: type
614
615
  )
616
+ puts exec_resp.inspect
615
617
 
616
618
  print 'Ready to Read. Please Swipe Card Now:'
617
619
  loop do
@@ -620,6 +622,7 @@ module PWN
620
622
  cmd: type
621
623
  )
622
624
 
625
+ puts exec_resp[:msg]
623
626
  break if exec_resp[:msg] == :ack_command_completed
624
627
  end
625
628
 
@@ -659,6 +662,7 @@ module PWN
659
662
  params: [param]
660
663
  )
661
664
  exec_resp[:encoding] = encoding
665
+ exec_resp[:track_format] = [param]
662
666
  puts exec_resp[:decoded]
663
667
  puts exec_resp.inspect
664
668
  track_data_arr.push(exec_resp)
@@ -684,17 +688,20 @@ module PWN
684
688
  params: [param]
685
689
  )
686
690
  exec_resp[:encoding] = encoding
691
+ exec_resp[:track_format] = [param]
687
692
  puts exec_resp[:decoded]
688
693
  puts exec_resp.inspect
689
694
  track_data_arr.push(exec_resp)
690
695
 
691
696
  # 3 byte command
697
+ param = [0x5f] + [param]
692
698
  exec_resp = exec(
693
699
  msr206_obj: msr206_obj,
694
700
  cmd: cmd,
695
- params: [0x5f] + [param]
701
+ params: param
696
702
  )
697
703
  exec_resp[:encoding] = encoding
704
+ exec_resp[:track_format] = param
698
705
  puts exec_resp[:decoded]
699
706
  puts exec_resp.inspect
700
707
  track_data_arr.push(exec_resp)
@@ -705,6 +712,9 @@ module PWN
705
712
  :arm_to_write_with_raw,
706
713
  :arm_to_write_with_raw_speed_prompts
707
714
 
715
+ # TODO: Set Write Density for Tracks Here
716
+ # >>>
717
+
708
718
  if encoding == :iso
709
719
  cmds_arr = %i[
710
720
  load_iso_std_data_for_writing_track1
@@ -712,69 +722,96 @@ module PWN
712
722
  load_iso_std_data_for_writing_track3
713
723
  ]
714
724
 
725
+ # TODO: Get Data by cmd (e.g. load_iso_std_data_for_writing_track1)
715
726
  cmds_arr.each_with_index do |cmd, track|
716
727
  puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
728
+ puts track_data[track][:decoded]
729
+ next if track_data[track][:decoded] == '+'
730
+
717
731
  this_track = track_data[track][:decoded].chars.map do |c|
718
732
  c.unpack1('H*').to_i(16)
719
733
  end
720
- this_track_w_eot = this_track + [0x04]
721
- puts this_track_w_eot.inspect
734
+ track_eot = [0x04]
735
+ track_payload = this_track + track_eot
736
+ puts track_payload.inspect
722
737
  exec_resp = exec(
723
738
  msr206_obj: msr206_obj,
724
739
  cmd: cmd,
725
- params: this_track_w_eot
740
+ params: track_payload
741
+ )
742
+ exec_resp[:encoding] = encoding
743
+ puts exec_resp.inspect
744
+ track_data_arr.push(exec_resp)
745
+ end
746
+ end
747
+
748
+ if encoding == :iso_alt
749
+ cmds_arr = %i[
750
+ alt_load_iso_std_data_for_writing_track1
751
+ alt_load_iso_std_data_for_writing_track2
752
+ alt_load_iso_std_data_for_writing_track3
753
+ ]
754
+
755
+ # TODO: Get Data by cmd (e.g. alt_load_iso_std_data_for_writing_track1)
756
+ cmds_arr.each_with_index do |cmd, track|
757
+ puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
758
+ puts track_data[track][:decoded]
759
+ next if track_data[track][:decoded] == '+'
760
+
761
+ this_track = track_data[track][:decoded].chars.map do |c|
762
+ c.unpack1('H*').to_i(16)
763
+ end
764
+ track_format = track_data[track][:track_format]
765
+ track_eot = [0x04]
766
+ track_payload = track_format + this_track + track_eot
767
+ puts track_payload.inspect
768
+ exec_resp = exec(
769
+ msr206_obj: msr206_obj,
770
+ cmd: cmd,
771
+ params: track_payload
726
772
  )
727
773
  exec_resp[:encoding] = encoding
728
- puts exec_resp[:decoded]
729
774
  puts exec_resp.inspect
730
775
  track_data_arr.push(exec_resp)
731
776
  end
732
777
  end
733
778
 
734
- # if encoding == :iso_alt
735
- # cmds_arr = %i[
736
- # alt_load_iso_std_data_for_writing_track1
737
- # alt_load_iso_std_data_for_writing_track2
738
- # alt_load_iso_std_data_for_writing_track3
739
- # ]
740
-
741
- # cmds_arr.each do |cmd|
742
- # puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
743
- # exec_resp = exec(
744
- # msr206_obj: msr206_obj,
745
- # cmd: cmd
746
- # )
747
- # exec_resp[:encoding] = encoding
748
- # puts exec_resp[:decoded]
749
- # puts exec_resp.inspect
750
- # track_data_arr.push(exec_resp)
751
- # end
752
- # end
753
-
754
- # if encoding == :raw
755
- # cmds_arr = %i[
756
- # load_custom_data_for_writing_track1
757
- # load_custom_data_for_writing_track2
758
- # load_custom_data_for_writing_track3
759
- # ]
760
-
761
- # cmds_arr.each do |cmd|
762
- # puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
763
- # exec_resp = exec(
764
- # msr206_obj: msr206_obj,
765
- # cmd: cmd
766
- # )
767
- # exec_resp[:encoding] = encoding
768
- # puts exec_resp[:decoded]
769
- # puts exec_resp.inspect
770
- # track_data_arr.push(exec_resp)
771
- # end
772
- # end
779
+ if encoding == :raw
780
+ cmds_arr = %i[
781
+ load_custom_data_for_writing_track1
782
+ load_custom_data_for_writing_track2
783
+ load_custom_data_for_writing_track3
784
+ ]
785
+
786
+ # TODO: Get Data by cmd (e.g. load_custom_data_for_writing_track1)
787
+ cmds_arr.each_with_index do |cmd, track|
788
+ puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
789
+ puts track_data[track][:decoded]
790
+ next if track_data[track][:decoded] == '+'
791
+
792
+ this_track = track_data[track][:decoded].chars.map do |c|
793
+ c.unpack1('H*').to_i(16)
794
+ end
795
+ track_format = track_data[track][:track_format]
796
+ track_eot = [0x04]
797
+ track_payload = track_format + this_track + track_eot
798
+ puts track_payload.inspect
799
+ exec_resp = exec(
800
+ msr206_obj: msr206_obj,
801
+ cmd: cmd,
802
+ params: track_payload
803
+ )
804
+ exec_resp[:encoding] = encoding
805
+ puts exec_resp.inspect
806
+ track_data_arr.push(exec_resp)
807
+ end
808
+ end
773
809
 
774
810
  exec_resp = PWN::Plugins::MSR206.exec(
775
811
  msr206_obj: msr206_obj,
776
812
  cmd: type
777
813
  )
814
+ puts exec_resp.inspect
778
815
 
779
816
  print 'Ready to Write. Please Swipe Card Now:'
780
817
  loop do
@@ -880,13 +917,86 @@ module PWN
880
917
  )
881
918
  end
882
919
 
883
- File.write(file, "#{track_data.to_json}\n")
920
+ File.write(file, "#{JSON.pretty_generate(track_data)}\n")
884
921
  exec_resp = exec(
885
922
  msr206_obj: msr206_obj,
886
923
  cmd: :yellow_off
887
924
  )
888
925
 
889
- puts 'complete.'
926
+ track_data
927
+ rescue StandardError => e
928
+ raise e
929
+ end
930
+
931
+ # Supported Method Parameters::
932
+ # PWN::Plugins::MSR206.write_card(
933
+ # msr206_obj: 'required - msr206_obj returned from #connect method',
934
+ # encoding: 'required - :iso || :alt_iso || :raw',
935
+ # track_data: 'requred - track data to write (see #backup_card for structure)'
936
+ # )
937
+
938
+ public_class_method def self.write_card(opts = {})
939
+ msr206_obj = opts[:msr206_obj]
940
+ encoding = opts[:encoding].to_s.scrub.strip.chomp.to_sym
941
+ track_data = opts[:track_data]
942
+
943
+ puts 'IN ORDER TO GET BLANK TRACKS, A STRONG MAGNETIC FIELD MUST BE PRESENT TO FIRST WIPE THE CARD TARGETED FOR WRITING.'
944
+ # puts 'Default Write Current:'
945
+ # exec_resp = exec(
946
+ # msr206_obj: msr206_obj,
947
+ # cmd: :view_default_write_current
948
+ # )
949
+ # puts exec_resp.inspect
950
+
951
+ # puts 'Temporary Write Current:'
952
+ # exec_resp = exec(
953
+ # msr206_obj: msr206_obj,
954
+ # cmd: :view_temp_write_current
955
+ # )
956
+ # puts exec_resp.inspect
957
+
958
+ coercivity = :waiting_for_selection
959
+ loop do
960
+ puts "\nCOERCIVITY OPTIONS:"
961
+ puts '[(H)igh (Black Stripe)]'
962
+ puts '[(L)ow (Brown Stripe)]'
963
+ print 'COERCIVITY LEVEL >>> '
964
+ coercivity_choice = gets.scrub.chomp.strip.upcase.to_sym
965
+
966
+ # Write Current Settings vs. Media Coercivties
967
+ # Media Coercivity (Oersteds)|Write Current Setting*|Typical Usage
968
+ # 300 |36 |Low coercivity
969
+ # 600 | |
970
+ # 1800 | |
971
+ # 3600+ |255 |Typical high corcivity
972
+
973
+ case coercivity_choice
974
+ when :H
975
+ coercivity = [0x32, 0x35, 0x35]
976
+ break
977
+ when :L
978
+ coercivity = [0x30, 0x33, 0x36]
979
+ break
980
+ end
981
+ end
982
+
983
+ exec_resp = exec(
984
+ msr206_obj: msr206_obj,
985
+ cmd: :set_temp_write_current,
986
+ params: coercivity
987
+ )
988
+
989
+ track_data = wait_for_swipe(
990
+ msr206_obj: msr206_obj,
991
+ type: :arm_to_write_no_raw,
992
+ encoding: encoding,
993
+ track_data: track_data
994
+ )
995
+
996
+ exec_resp = PWN::Plugins::MSR206.exec(
997
+ msr206_obj: msr206_obj,
998
+ cmd: :simulate_power_cycle_warm_reset
999
+ )
890
1000
 
891
1001
  track_data
892
1002
  rescue StandardError => e
@@ -908,16 +1018,11 @@ module PWN
908
1018
 
909
1019
  encoding = track_data.first[:encoding] if track_data.length == 3
910
1020
  # TODO: Save Original Card Contents
911
- track_data = wait_for_swipe(
1021
+ write_card(
912
1022
  msr206_obj: msr206_obj,
913
- type: :arm_to_write_no_raw,
914
1023
  encoding: encoding,
915
1024
  track_data: track_data
916
1025
  )
917
-
918
- puts 'complete.'
919
-
920
- track_data
921
1026
  rescue StandardError => e
922
1027
  raise e
923
1028
  end
@@ -970,16 +1075,11 @@ module PWN
970
1075
  encoding = track_data.first[:encoding] if track_data.length == 3
971
1076
 
972
1077
  # TODO: Save Original Card Contents
973
- track_data = wait_for_swipe(
1078
+ write_card(
974
1079
  msr206_obj: msr206_obj,
975
- type: :arm_to_write_no_raw,
976
1080
  encoding: encoding,
977
1081
  track_data: track_data
978
1082
  )
979
-
980
- puts 'complete.'
981
-
982
- track_data
983
1083
  rescue StandardError => e
984
1084
  raise e
985
1085
  end
@@ -1001,15 +1101,11 @@ module PWN
1001
1101
 
1002
1102
  encoding = track_data.first[:encoding] if track_data.length == 3
1003
1103
  # TODO: Save Original Card Contents
1004
- track_data = wait_for_swipe(
1104
+ write_card(
1005
1105
  msr206_obj: msr206_obj,
1006
- type: :arm_to_write_no_raw,
1007
- encoding: encoding
1106
+ encoding: encoding,
1107
+ track_data: track_data
1008
1108
  )
1009
-
1010
- puts 'complete.'
1011
-
1012
- track_data
1013
1109
  rescue StandardError => e
1014
1110
  raise e
1015
1111
  end
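Review bot: The usage comment added for `write_card` documents the encoding as `:iso || :alt_iso || :raw`, but the write branches in `wait_for_swipe` test `encoding == :iso_alt`, so a caller following the comment matches none of the three `if` blocks and the reader appears to be armed for writing without any track data having been loaded. Correct the comment to `:iso || :iso_alt || :raw` (and `requred` to `required`), and reject anything else at the top of `write_card`, e.g. `raise ArgumentError, "unsupported encoding: #{encoding}" unless %i[iso iso_alt raw].include?(encoding)`. The new `:iso_alt` and `:raw` branches also compute `track_format + this_track`; for track data that carries no `:track_format` entry (presumably any backup saved before this release) that is a call on `nil`, so a guard or a clear error there would help. Separately, the added `puts track_data[track][:decoded]` and `puts exec_resp.inspect` lines print card track contents unconditionally; they look like debugging output and would be better behind a verbose option. The file header for these hunks is missing from the page and the method bodies extend beyond the hunks shown.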
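--- a/data/lib/pwn/version.rb
+++ b/data/lib/pwn/version.rb
@@ -1,5 +1,5 @@
  # frozen_string_literal: true
 
  module PWN
- VERSION = '0.4.478'
+ VERSION = '0.4.481'
  end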
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.478
4
+ version: 0.4.481
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-06-06 00:00:00.000000000 Z
11
+ date: 2022-06-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -310,14 +310,14 @@ dependencies:
310
310
  requirements:
311
311
  - - '='
312
312
  - !ruby/object:Gem::Version
313
- version: 2.4.0
313
+ version: 2.4.1
314
314
  type: :runtime
315
315
  prerelease: false
316
316
  version_requirements: !ruby/object:Gem::Requirement
317
317
  requirements:
318
318
  - - '='
319
319
  - !ruby/object:Gem::Version
320
- version: 2.4.0
320
+ version: 2.4.1
321
321
  - !ruby/object:Gem::Dependency
322
322
  name: luhn
323
323
  requirement: !ruby/object:Gem::Requirement
@@ -380,14 +380,14 @@ dependencies:
380
380
  requirements:
381
381
  - - '='
382
382
  - !ruby/object:Gem::Version
383
- version: 0.17.0
383
+ version: 0.17.1
384
384
  type: :runtime
385
385
  prerelease: false
386
386
  version_requirements: !ruby/object:Gem::Requirement
387
387
  requirements:
388
388
  - - '='
389
389
  - !ruby/object:Gem::Version
390
- version: 0.17.0
390
+ version: 0.17.1
391
391
  - !ruby/object:Gem::Dependency
392
392
  name: net-openvpn
393
393
  requirement: !ruby/object:Gem::Requirement