pwn 0.4.478 → 0.4.481

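--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: '09d06003d8060cade6a56174ce2237cb1d60044e596117e66b8dd882778bc971'
- data.tar.gz: 00d295054465bae88230fd25606a00c10fe635478300b40409af241e99f20322
+ metadata.gz: 9982a0cc0ec0ac9abb6f30e3bdb8cfb48328e69683ca48824381133ad235edf1
+ data.tar.gz: e0d25785cb24747d2593e622c3338fd37d27bc711bc18577cecd16b71d9ad48a
  SHA512:
- metadata.gz: 5ddbe9550e2d6ecf8f480fc76ffaa2c44b04db21e53e3d617a7cc562ffa26a34e44db6aaee0ad1972c96533a3f91ecec97a1f8159a797db3e994405a7163904b
- data.tar.gz: 309fb8124dbf9c76fa24b89b984b32f1e8f11869395e8e95d3bd6ba79f4438ed814475b5329dd0e5f6e660092e5d7f681cb002d4734a3c5f0af0b7a0fe7cd8d2
+ metadata.gz: f956e5a528a46aafdc929ff4cc6836423b510d6103bf985193491b1a9c08d69c34da582a1f2aa172d9d9265def2789927f623d9d37b117670242f1f03b613c3a
+ data.tar.gz: 26c61de702fb0f1e6047afb53ba36f64f83c331c78553d7c038134a7891d66c682454074207f7a8516e221e66f281d7a0c1a596ae1fc2239171abc02ba076ef3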
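--- a/data/Gemfile
+++ b/data/Gemfile
@@ -33,12 +33,12 @@ gem 'ipaddress', '0.8.3'
  gem 'js-beautify', '0.1.8'
  gem 'json', '2.6.2'
  gem 'jsonpath', '1.1.2'
- gem 'jwt', '2.4.0'
+ gem 'jwt', '2.4.1'
  gem 'luhn', '1.0.2'
  gem 'mail', '2.7.1'
  gem 'mongo', '2.17.1'
  gem 'msfrpc-client', '1.1.2'
- gem 'net-ldap', '0.17.0'
+ gem 'net-ldap', '0.17.1'
  gem 'net-openvpn', '0.8.7'
  gem 'net-smtp', '0.3.1'
  gem 'nexpose', '7.3.0'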
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.478]:001 >>> PWN.help
40
+ pwn[v0.4.481]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.478]:001 >>> PWN.help
55
+ pwn[v0.4.481]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
@@ -130,7 +130,7 @@ def invoke_burp(opts = {})
130
130
  )
131
131
 
132
132
  File.open(json_results, 'w') do |f|
133
- f.puts scan_issues_hash.to_json
133
+ f.puts JSON.pretty_generate(scan_issues_hash)
134
134
  end
135
135
  puts "#{@green}complete.#{@end_of_color}\n\n\n"
136
136
 
@@ -190,7 +190,7 @@ unless ipinfo.nil?
190
190
 
191
191
  ipinfo_struc = PWN::Plugins::IPInfo.get(ip_or_host: ipinfo_target)
192
192
  File.open(ipinfo_json_results, 'w') do |f|
193
- f.puts ipinfo_struc.to_json
193
+ f.puts JSON.pretty_generate(ipinfo_struc)
194
194
  end
195
195
  end
196
196
  end
@@ -73,7 +73,7 @@ begin
73
73
  end
74
74
  end
75
75
  end
76
- File.write(raw_query_results_file, raw_results_arr.to_json)
76
+ File.write(raw_query_results_file, JSON.pretty_generate(raw_results_arr))
77
77
  rescue SystemExit, Interrupt
78
78
  puts "\nGoodbye."
79
79
  end
@@ -106,6 +106,7 @@ module PWN
106
106
  decoded_data_str = ''
107
107
  if raw_byte_arr
108
108
  raw_byte_arr.first.split.each do |byte_str|
109
+ # TODO: Different case statements for each parity
109
110
  case byte_str
110
111
  when '1B'
111
112
  decoded_data_str += ''
@@ -612,6 +613,7 @@ module PWN
612
613
  msr206_obj: msr206_obj,
613
614
  cmd: type
614
615
  )
616
+ puts exec_resp.inspect
615
617
 
616
618
  print 'Ready to Read. Please Swipe Card Now:'
617
619
  loop do
@@ -620,6 +622,7 @@ module PWN
620
622
  cmd: type
621
623
  )
622
624
 
625
+ puts exec_resp[:msg]
623
626
  break if exec_resp[:msg] == :ack_command_completed
624
627
  end
625
628
 
@@ -659,6 +662,7 @@ module PWN
659
662
  params: [param]
660
663
  )
661
664
  exec_resp[:encoding] = encoding
665
+ exec_resp[:track_format] = [param]
662
666
  puts exec_resp[:decoded]
663
667
  puts exec_resp.inspect
664
668
  track_data_arr.push(exec_resp)
@@ -684,17 +688,20 @@ module PWN
684
688
  params: [param]
685
689
  )
686
690
  exec_resp[:encoding] = encoding
691
+ exec_resp[:track_format] = [param]
687
692
  puts exec_resp[:decoded]
688
693
  puts exec_resp.inspect
689
694
  track_data_arr.push(exec_resp)
690
695
 
691
696
  # 3 byte command
697
+ param = [0x5f] + [param]
692
698
  exec_resp = exec(
693
699
  msr206_obj: msr206_obj,
694
700
  cmd: cmd,
695
- params: [0x5f] + [param]
701
+ params: param
696
702
  )
697
703
  exec_resp[:encoding] = encoding
704
+ exec_resp[:track_format] = param
698
705
  puts exec_resp[:decoded]
699
706
  puts exec_resp.inspect
700
707
  track_data_arr.push(exec_resp)
@@ -705,6 +712,9 @@ module PWN
705
712
  :arm_to_write_with_raw,
706
713
  :arm_to_write_with_raw_speed_prompts
707
714
 
715
+ # TODO: Set Write Density for Tracks Here
716
+ # >>>
717
+
708
718
  if encoding == :iso
709
719
  cmds_arr = %i[
710
720
  load_iso_std_data_for_writing_track1
@@ -712,69 +722,96 @@ module PWN
712
722
  load_iso_std_data_for_writing_track3
713
723
  ]
714
724
 
725
+ # TODO: Get Data by cmd (e.g. load_iso_std_data_for_writing_track1)
715
726
  cmds_arr.each_with_index do |cmd, track|
716
727
  puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
728
+ puts track_data[track][:decoded]
729
+ next if track_data[track][:decoded] == '+'
730
+
717
731
  this_track = track_data[track][:decoded].chars.map do |c|
718
732
  c.unpack1('H*').to_i(16)
719
733
  end
720
- this_track_w_eot = this_track + [0x04]
721
- puts this_track_w_eot.inspect
734
+ track_eot = [0x04]
735
+ track_payload = this_track + track_eot
736
+ puts track_payload.inspect
722
737
  exec_resp = exec(
723
738
  msr206_obj: msr206_obj,
724
739
  cmd: cmd,
725
- params: this_track_w_eot
740
+ params: track_payload
741
+ )
742
+ exec_resp[:encoding] = encoding
743
+ puts exec_resp.inspect
744
+ track_data_arr.push(exec_resp)
745
+ end
746
+ end
747
+
748
+ if encoding == :iso_alt
749
+ cmds_arr = %i[
750
+ alt_load_iso_std_data_for_writing_track1
751
+ alt_load_iso_std_data_for_writing_track2
752
+ alt_load_iso_std_data_for_writing_track3
753
+ ]
754
+
755
+ # TODO: Get Data by cmd (e.g. alt_load_iso_std_data_for_writing_track1)
756
+ cmds_arr.each_with_index do |cmd, track|
757
+ puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
758
+ puts track_data[track][:decoded]
759
+ next if track_data[track][:decoded] == '+'
760
+
761
+ this_track = track_data[track][:decoded].chars.map do |c|
762
+ c.unpack1('H*').to_i(16)
763
+ end
764
+ track_format = track_data[track][:track_format]
765
+ track_eot = [0x04]
766
+ track_payload = track_format + this_track + track_eot
767
+ puts track_payload.inspect
768
+ exec_resp = exec(
769
+ msr206_obj: msr206_obj,
770
+ cmd: cmd,
771
+ params: track_payload
726
772
  )
727
773
  exec_resp[:encoding] = encoding
728
- puts exec_resp[:decoded]
729
774
  puts exec_resp.inspect
730
775
  track_data_arr.push(exec_resp)
731
776
  end
732
777
  end
733
778
 
734
- # if encoding == :iso_alt
735
- # cmds_arr = %i[
736
- # alt_load_iso_std_data_for_writing_track1
737
- # alt_load_iso_std_data_for_writing_track2
738
- # alt_load_iso_std_data_for_writing_track3
739
- # ]
740
-
741
- # cmds_arr.each do |cmd|
742
- # puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
743
- # exec_resp = exec(
744
- # msr206_obj: msr206_obj,
745
- # cmd: cmd
746
- # )
747
- # exec_resp[:encoding] = encoding
748
- # puts exec_resp[:decoded]
749
- # puts exec_resp.inspect
750
- # track_data_arr.push(exec_resp)
751
- # end
752
- # end
753
-
754
- # if encoding == :raw
755
- # cmds_arr = %i[
756
- # load_custom_data_for_writing_track1
757
- # load_custom_data_for_writing_track2
758
- # load_custom_data_for_writing_track3
759
- # ]
760
-
761
- # cmds_arr.each do |cmd|
762
- # puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
763
- # exec_resp = exec(
764
- # msr206_obj: msr206_obj,
765
- # cmd: cmd
766
- # )
767
- # exec_resp[:encoding] = encoding
768
- # puts exec_resp[:decoded]
769
- # puts exec_resp.inspect
770
- # track_data_arr.push(exec_resp)
771
- # end
772
- # end
779
+ if encoding == :raw
780
+ cmds_arr = %i[
781
+ load_custom_data_for_writing_track1
782
+ load_custom_data_for_writing_track2
783
+ load_custom_data_for_writing_track3
784
+ ]
785
+
786
+ # TODO: Get Data by cmd (e.g. load_custom_data_for_writing_track1)
787
+ cmds_arr.each_with_index do |cmd, track|
788
+ puts "\n*** #{cmd.to_s.gsub('_', ' ').upcase} #{'*' * 17}"
789
+ puts track_data[track][:decoded]
790
+ next if track_data[track][:decoded] == '+'
791
+
792
+ this_track = track_data[track][:decoded].chars.map do |c|
793
+ c.unpack1('H*').to_i(16)
794
+ end
795
+ track_format = track_data[track][:track_format]
796
+ track_eot = [0x04]
797
+ track_payload = track_format + this_track + track_eot
798
+ puts track_payload.inspect
799
+ exec_resp = exec(
800
+ msr206_obj: msr206_obj,
801
+ cmd: cmd,
802
+ params: track_payload
803
+ )
804
+ exec_resp[:encoding] = encoding
805
+ puts exec_resp.inspect
806
+ track_data_arr.push(exec_resp)
807
+ end
808
+ end
773
809
 
774
810
  exec_resp = PWN::Plugins::MSR206.exec(
775
811
  msr206_obj: msr206_obj,
776
812
  cmd: type
777
813
  )
814
+ puts exec_resp.inspect
778
815
 
779
816
  print 'Ready to Write. Please Swipe Card Now:'
780
817
  loop do
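Review bot: In the new `:iso_alt` and `:raw` branches, `track_data[track][:track_format]` is read without a check, and this commit is what first adds that key on the read side, so track data saved by an earlier release would presumably yield `nil` and `track_format + this_track` then raises NoMethodError partway through loading the tracks. Fetching it explicitly, `track_format = track_data[track].fetch(:track_format)` (assuming each entry is a Hash, as the `[:decoded]` lookups suggest), fails with a message that names the missing key. The three branches are also near copies that differ only in the command list and the format prefix, so a private helper taking those two values would keep them from drifting. Separately, `puts track_data[track][:decoded]` echoes the decoded track contents to stdout on every write; if that is only debugging output it is worth gating, since card track data ends up in terminal scrollback and logs. The enclosing method starts and ends outside this hunk.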
@@ -880,13 +917,86 @@ module PWN
880
917
  )
881
918
  end
882
919
 
883
- File.write(file, "#{track_data.to_json}\n")
920
+ File.write(file, "#{JSON.pretty_generate(track_data)}\n")
884
921
  exec_resp = exec(
885
922
  msr206_obj: msr206_obj,
886
923
  cmd: :yellow_off
887
924
  )
888
925
 
889
- puts 'complete.'
926
+ track_data
927
+ rescue StandardError => e
928
+ raise e
929
+ end
930
+
931
+ # Supported Method Parameters::
932
+ # PWN::Plugins::MSR206.write_card(
933
+ # msr206_obj: 'required - msr206_obj returned from #connect method',
934
+ # encoding: 'required - :iso || :alt_iso || :raw',
935
+ # track_data: 'requred - track data to write (see #backup_card for structure)'
936
+ # )
937
+
938
+ public_class_method def self.write_card(opts = {})
939
+ msr206_obj = opts[:msr206_obj]
940
+ encoding = opts[:encoding].to_s.scrub.strip.chomp.to_sym
941
+ track_data = opts[:track_data]
942
+
943
+ puts 'IN ORDER TO GET BLANK TRACKS, A STRONG MAGNETIC FIELD MUST BE PRESENT TO FIRST WIPE THE CARD TARGETED FOR WRITING.'
944
+ # puts 'Default Write Current:'
945
+ # exec_resp = exec(
946
+ # msr206_obj: msr206_obj,
947
+ # cmd: :view_default_write_current
948
+ # )
949
+ # puts exec_resp.inspect
950
+
951
+ # puts 'Temporary Write Current:'
952
+ # exec_resp = exec(
953
+ # msr206_obj: msr206_obj,
954
+ # cmd: :view_temp_write_current
955
+ # )
956
+ # puts exec_resp.inspect
957
+
958
+ coercivity = :waiting_for_selection
959
+ loop do
960
+ puts "\nCOERCIVITY OPTIONS:"
961
+ puts '[(H)igh (Black Stripe)]'
962
+ puts '[(L)ow (Brown Stripe)]'
963
+ print 'COERCIVITY LEVEL >>> '
964
+ coercivity_choice = gets.scrub.chomp.strip.upcase.to_sym
965
+
966
+ # Write Current Settings vs. Media Coercivties
967
+ # Media Coercivity (Oersteds)|Write Current Setting*|Typical Usage
968
+ # 300 |36 |Low coercivity
969
+ # 600 | |
970
+ # 1800 | |
971
+ # 3600+ |255 |Typical high corcivity
972
+
973
+ case coercivity_choice
974
+ when :H
975
+ coercivity = [0x32, 0x35, 0x35]
976
+ break
977
+ when :L
978
+ coercivity = [0x30, 0x33, 0x36]
979
+ break
980
+ end
981
+ end
982
+
983
+ exec_resp = exec(
984
+ msr206_obj: msr206_obj,
985
+ cmd: :set_temp_write_current,
986
+ params: coercivity
987
+ )
988
+
989
+ track_data = wait_for_swipe(
990
+ msr206_obj: msr206_obj,
991
+ type: :arm_to_write_no_raw,
992
+ encoding: encoding,
993
+ track_data: track_data
994
+ )
995
+
996
+ exec_resp = PWN::Plugins::MSR206.exec(
997
+ msr206_obj: msr206_obj,
998
+ cmd: :simulate_power_cycle_warm_reset
999
+ )
890
1000
 
891
1001
  track_data
892
1002
  rescue StandardError => e
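Review bot: The parameter comment for `write_card` lists `:alt_iso`, but the write branches added in this commit test `encoding == :iso_alt`, so a caller following the comment matches no branch and no track data is loaded before the reader is armed; the comment line should read `#   encoding: 'required - :iso || :iso_alt || :raw',` and the method could reject anything else with `raise ArgumentError, "unsupported encoding: #{encoding}" unless %i[iso iso_alt raw].include?(encoding)`. The coercivity prompt calls bare `gets`, which reads from files named in ARGV when there are any and returns nil at end of input; reading from `$stdin` and raising a clear error on nil would avoid both. The `:simulate_power_cycle_warm_reset` call only runs when `wait_for_swipe` returns normally, so an exception there appears to leave the temporary write current set; moving the reset into an `ensure` clause would cover that. The method's `rescue` body and closing `end` lie outside this hunk.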
@@ -908,16 +1018,11 @@ module PWN
908
1018
 
909
1019
  encoding = track_data.first[:encoding] if track_data.length == 3
910
1020
  # TODO: Save Original Card Contents
911
- track_data = wait_for_swipe(
1021
+ write_card(
912
1022
  msr206_obj: msr206_obj,
913
- type: :arm_to_write_no_raw,
914
1023
  encoding: encoding,
915
1024
  track_data: track_data
916
1025
  )
917
-
918
- puts 'complete.'
919
-
920
- track_data
921
1026
  rescue StandardError => e
922
1027
  raise e
923
1028
  end
@@ -970,16 +1075,11 @@ module PWN
970
1075
  encoding = track_data.first[:encoding] if track_data.length == 3
971
1076
 
972
1077
  # TODO: Save Original Card Contents
973
- track_data = wait_for_swipe(
1078
+ write_card(
974
1079
  msr206_obj: msr206_obj,
975
- type: :arm_to_write_no_raw,
976
1080
  encoding: encoding,
977
1081
  track_data: track_data
978
1082
  )
979
-
980
- puts 'complete.'
981
-
982
- track_data
983
1083
  rescue StandardError => e
984
1084
  raise e
985
1085
  end
@@ -1001,15 +1101,11 @@ module PWN
1001
1101
 
1002
1102
  encoding = track_data.first[:encoding] if track_data.length == 3
1003
1103
  # TODO: Save Original Card Contents
1004
- track_data = wait_for_swipe(
1104
+ write_card(
1005
1105
  msr206_obj: msr206_obj,
1006
- type: :arm_to_write_no_raw,
1007
- encoding: encoding
1106
+ encoding: encoding,
1107
+ track_data: track_data
1008
1108
  )
1009
-
1010
- puts 'complete.'
1011
-
1012
- track_data
1013
1109
  rescue StandardError => e
1014
1110
  raise e
1015
1111
  end
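--- a/data/lib/pwn/version.rb
+++ b/data/lib/pwn/version.rb
@@ -1,5 +1,5 @@
  # frozen_string_literal: true
 
  module PWN
- VERSION = '0.4.478'
+ VERSION = '0.4.481'
  end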
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.478
4
+ version: 0.4.481
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-06-06 00:00:00.000000000 Z
11
+ date: 2022-06-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -310,14 +310,14 @@ dependencies:
310
310
  requirements:
311
311
  - - '='
312
312
  - !ruby/object:Gem::Version
313
- version: 2.4.0
313
+ version: 2.4.1
314
314
  type: :runtime
315
315
  prerelease: false
316
316
  version_requirements: !ruby/object:Gem::Requirement
317
317
  requirements:
318
318
  - - '='
319
319
  - !ruby/object:Gem::Version
320
- version: 2.4.0
320
+ version: 2.4.1
321
321
  - !ruby/object:Gem::Dependency
322
322
  name: luhn
323
323
  requirement: !ruby/object:Gem::Requirement
@@ -380,14 +380,14 @@ dependencies:
380
380
  requirements:
381
381
  - - '='
382
382
  - !ruby/object:Gem::Version
383
- version: 0.17.0
383
+ version: 0.17.1
384
384
  type: :runtime
385
385
  prerelease: false
386
386
  version_requirements: !ruby/object:Gem::Requirement
387
387
  requirements:
388
388
  - - '='
389
389
  - !ruby/object:Gem::Version
390
- version: 0.17.0
390
+ version: 0.17.1
391
391
  - !ruby/object:Gem::Dependency
392
392
  name: net-openvpn
393
393
  requirement: !ruby/object:Gem::Requirement