pwn 0.4.489 → 0.4.492
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/README.md +2 -2
- data/bin/pwn_nessus_cloud_scan_crud +2 -3
- data/bin/pwn_serial_son_micro_sm132_rfid +7 -1
- data/lib/pwn/plugins/msr206.rb +5 -6
- data/lib/pwn/plugins/nessus_cloud.rb +2 -2
- data/lib/pwn/plugins/son_micro_rfid.rb +3 -10
- data/lib/pwn/version.rb +1 -1
- metadata +6 -6
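--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c322dc457a88e28d2bd2b87830653da3e167a7c25c7cea9b5df5d8e8ae7a1ae3
+data.tar.gz: 770907db6691c4f639a40d497e6084952c554e1289cad3ba02b2bd37d4136134
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: abfc7d67a3cf2b18c25e771d648fb9c6f7c1ab6483a96958ff45b962b55612c7961f0ab094abbd7b272a2dcd1aa6b3a43dc00ff9ae6b1d33cff9ac3af53a6303
+data.tar.gz: b73297289b1cfb8feb41381b66e93c9b22e3027b39cbb502ffc79f20d850fbebff4eb134fea232639e9b93f94cf571143a2fd7454d567ad77689aaeb017620a3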
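--- a/data/Gemfile
+++ b/data/Gemfile
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
 gem 'bettercap', '1.6.2'
 gem 'brakeman', '5.2.3'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.3.
+gem 'bundler', '>=2.3.16'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
@@ -73,7 +73,7 @@ gem 'sinatra', '2.2.0'
 gem 'slack-ruby-client', '1.1.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.0'
-gem 'sqlite3', '1.4.
+gem 'sqlite3', '1.4.4'
 gem 'thin', '1.8.1'
 gem 'tty-prompt', '0.23.1'
 gem 'watir', '7.1.0'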
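--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.492]:001 >>> PWN.help
 ```
 
 [](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.492]:001 >>> PWN.help
 ```
 
 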
@@ -67,7 +67,7 @@ OptionParser.new do |options|
|
|
67
67
|
opts[:starttime] = t
|
68
68
|
end
|
69
69
|
|
70
|
-
options.on('-rRRULES', '--rrules=RRULES', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan (Defaults to "FREQ=
|
70
|
+
options.on('-rRRULES', '--rrules=RRULES', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan (Defaults to "FREQ=null;INTERVAL=0;BYDAY=null")>') do |r|
|
71
71
|
opts[:rrules] = r
|
72
72
|
end
|
73
73
|
|
@@ -147,7 +147,7 @@ begin
|
|
147
147
|
starttime ||= Time.now.strftime('%Y%m%dT%H%M%S')
|
148
148
|
|
149
149
|
rrules = opts[:rrules]
|
150
|
-
rrules ||= 'FREQ=
|
150
|
+
rrules ||= 'FREQ=null;INTERVAL=0;BYDAY=null'
|
151
151
|
|
152
152
|
timezone = opts[:timezone]
|
153
153
|
timezone ||= 'UTC'
|
@@ -218,7 +218,6 @@ begin
|
|
218
218
|
name: scan_template_name
|
219
219
|
)
|
220
220
|
scan_template_uuid = scan_template[:uuid]
|
221
|
-
puts scan_template_uuid
|
222
221
|
|
223
222
|
# Part 2: Populate settings object from options passed to driver
|
224
223
|
settings = {}
|
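Review bot: The `--rrules` help string on new line 70 still describes "the Starting Time and Date for the Scan", which reads like text carried over from the start-time option rather than a description of a recurrence rule; wording such as `'<Optional - Recurrence Rules for the Scan (Defaults to "FREQ=null;INTERVAL=0;BYDAY=null")>'` would match what the option actually sets. The same default literal is repeated at new line 150 in `rrules ||= 'FREQ=null;INTERVAL=0;BYDAY=null'`, so one constant, e.g. `DEFAULT_RRULES = 'FREQ=null;INTERVAL=0;BYDAY=null'`, used in both places would keep the help text and the behaviour from drifting apart. The OptionParser block and the `begin` block both extend outside these hunks.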
@@ -67,7 +67,13 @@ begin
|
|
67
67
|
son_micro_rfid_obj: son_micro_rfid_obj,
|
68
68
|
cmd: :firmware
|
69
69
|
)
|
70
|
-
|
70
|
+
|
71
|
+
firmware_decoded = ''
|
72
|
+
exec_resp.last[:hex_resp].split.each do |byte_str|
|
73
|
+
firmware_decoded += [byte_str].pack('H*')
|
74
|
+
end
|
75
|
+
|
76
|
+
puts "Firmware Version: #{firmware_decoded.scrub.strip.chomp}"
|
71
77
|
|
72
78
|
# Main Menu
|
73
79
|
menu_msg = ''
|
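Review bot: The firmware string printed on new line 76 is built from bytes returned by the serial device, and `scrub` only replaces invalid byte sequences, so control characters (ESC and friends) reach the operator's terminal unchanged; filtering to printable characters first, e.g. `puts "Firmware Version: #{firmware_decoded.scrub.gsub(/[^[:print:]]/, '')}"`, closes that off. `exec_resp.last[:hex_resp]` on new line 72 also raises NoMethodError when the response array is empty or the last entry has no `:hex_resp`, which may happen if the reader does not answer (not visible here); `(exec_resp.last || {})[:hex_resp].to_s.split.each do |byte_str|` degrades to an empty string instead. The enclosing `begin` block starts and ends outside the hunk.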
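--- a/data/lib/pwn/plugins/msr206.rb
+++ b/data/lib/pwn/plugins/msr206.rb
@@ -615,7 +615,7 @@ module PWN
 )
 puts exec_resp.inspect
 
-print '
+print 'Reader Activated. Please Swipe Card...'
 loop do
 exec_resp = parse_responses(
 msr206_obj: msr206_obj,
@@ -813,7 +813,7 @@ module PWN
 )
 puts exec_resp.inspect
 
-print '
+print 'Writer Activated. Please Swipe Card...'
 loop do
 exec_resp = parse_responses(
 msr206_obj: msr206_obj,
@@ -923,6 +923,8 @@ module PWN
 cmd: :yellow_off
 )
 
+puts 'complete.'
+
 track_data
 rescue StandardError => e
 raise e
@@ -1017,7 +1019,6 @@ module PWN
 )
 
 encoding = track_data.first[:encoding] if track_data.length == 3
-# TODO: Save Original Card Contents
 write_card(
 msr206_obj: msr206_obj,
 encoding: encoding,
@@ -1061,6 +1062,7 @@ module PWN
 )
 end
 
+# Read Card from Backup
 track_data = JSON.parse(
 File.read(file),
 symbolize_names: true
@@ -1071,10 +1073,7 @@ module PWN
 cmd: :yellow_off
 )
 
-# Read Card from Backup
 encoding = track_data.first[:encoding] if track_data.length == 3
-
-# TODO: Save Original Card Contents
 write_card(
 msr206_obj: msr206_obj,
 encoding: encoding,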
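Review bot: Both `# TODO: Save Original Card Contents` comments ahead of `write_card(` (old lines 1020 and 1077) are deleted, yet no visible hunk adds code that saves the card's current tracks before they are overwritten, so the reminder disappears while the gap may remain. If that backup is still unimplemented, keep a single `# TODO: Save Original Card Contents` at each call site or read and persist the existing tracks before the write; the surrounding methods start and end outside these hunks, so it may be handled elsewhere. Separately, the prompts printed with `print '... Please Swipe Card...'` are only terminated by `puts 'complete.'` on the success path at new line 926, so an exception leaves the console line open; emitting a bare `puts` in the `rescue` branch before `raise e` would keep the output readable.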
@@ -431,13 +431,13 @@ module PWN
|
|
431
431
|
|
432
432
|
public_class_method def self.create_scan(opts = {})
|
433
433
|
nessus_obj = opts[:nessus_obj]
|
434
|
-
|
434
|
+
scan_template_uuid = opts[:scan_template_uuid]
|
435
435
|
settings = opts[:settings]
|
436
436
|
credentials = opts[:credentials]
|
437
437
|
plugins = opts[:plugins]
|
438
438
|
|
439
439
|
http_body = {
|
440
|
-
uuid:
|
440
|
+
uuid: scan_template_uuid,
|
441
441
|
settings: settings,
|
442
442
|
credentials: credentials,
|
443
443
|
plugins: plugins
|
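Review bot: `create_scan` reads the template id from `opts[:scan_template_uuid]` on new line 434 and places it straight into `http_body` without checking that it was supplied, so a caller that omits the key would presumably send `uuid: nil` and see the problem only as a remote API error. A guard right after the assignment, `raise ArgumentError, 'scan_template_uuid is required' if scan_template_uuid.to_s.empty?`, gives a clear local failure instead. The method's usage comment (outside this hunk) should also list `scan_template_uuid` next to `settings`, `credentials` and `plugins`. The body of `create_scan` continues past the end of the hunk.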
@@ -149,7 +149,6 @@ module PWN
|
|
149
149
|
end
|
150
150
|
next_response_detected = false
|
151
151
|
last_a_cmd_r_len = a_cmd_r_len
|
152
|
-
print "\n"
|
153
152
|
|
154
153
|
# Third byte
|
155
154
|
expected_cmd_resp_byte_len = cmd_resp.split[2].to_i(16) + 4
|
@@ -172,17 +171,10 @@ module PWN
|
|
172
171
|
|
173
172
|
# puts "\nALL CMD RESPS >>>"
|
174
173
|
# puts "#{all_cmd_responses}\n\n\n"
|
175
|
-
decoded = ''
|
176
|
-
cmd_resp.split.each do |byte_str|
|
177
|
-
decoded += [byte_str].pack('H*')
|
178
|
-
end
|
179
|
-
|
180
174
|
parsed_cmd_resp_hash = {}
|
181
|
-
parsed_cmd_resp_hash[:raw_resp] = PWN::Plugins::Serial.dump_session_data.inspect
|
182
|
-
parsed_cmd_resp_hash[:hex_resp] = cmd_resp
|
183
|
-
parsed_cmd_resp_hash[:decoded_resp] = decoded.to_s.scrub.strip.chomp
|
184
175
|
parsed_cmd_resp_hash[:cmd_hex] = cmd_hex
|
185
176
|
parsed_cmd_resp_hash[:cmd_desc] = cmd.to_sym
|
177
|
+
parsed_cmd_resp_hash[:hex_resp] = cmd_resp
|
186
178
|
resp_code = '?'
|
187
179
|
|
188
180
|
# TODO: Detect EMV
|
@@ -348,7 +340,7 @@ module PWN
|
|
348
340
|
|
349
341
|
public_class_method def self.read_card(opts = {})
|
350
342
|
son_micro_rfid_obj = opts[:son_micro_rfid_obj]
|
351
|
-
print '
|
343
|
+
print 'Reader Activated. Please Scan Card...'
|
352
344
|
exec_resp = exec(
|
353
345
|
son_micro_rfid_obj: son_micro_rfid_obj,
|
354
346
|
cmd: :seek_for_tag
|
@@ -399,6 +391,7 @@ module PWN
|
|
399
391
|
end
|
400
392
|
File.write(file, "#{JSON.pretty_generate(rfid_data)}\n")
|
401
393
|
|
394
|
+
puts 'complete.'
|
402
395
|
rfid_data
|
403
396
|
rescue StandardError => e
|
404
397
|
raise e
|
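Review bot: The `:raw_resp` and `:decoded_resp` keys are dropped from `parsed_cmd_resp_hash` (old lines 181-183), which changes what every caller of this parser receives; code still reading `resp[:decoded_resp]` now silently gets nil. On this page only the firmware path in the driver script appears to have been updated to decode `:hex_resp` itself, so it is worth searching for the removed keys and adding a comment above the hash that lists what it returns, e.g. `# Keys: :cmd_hex, :cmd_desc, :hex_resp, ...`. In `read_card`, `puts 'complete.'` at new line 394 runs only after `File.write` succeeds, so the `print` prompt from new line 343 is left unterminated on the rescue path. All three functions extend outside the hunks.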
data/lib/pwn/version.rb
CHANGED
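--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.492
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-06-
+date: 2022-06-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -114,14 +114,14 @@ dependencies:
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.3.
+version: 2.3.16
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.3.
+version: 2.3.16
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -870,14 +870,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.4.
+version: 1.4.4
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.4.
+version: 1.4.4
 - !ruby/object:Gem::Dependency
 name: thin
 requirement: !ruby/object:Gem::Requirement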