pwn 0.4.500 → 0.4.503

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ddeb175b453fa39b85ee78df15d9e1d041a1e83b16b0fbb3ff12f40084a0e29
-  data.tar.gz: c9a4bd815d7e80824d220ba4b36b81921866cec1c0bd449bb977e646ab1e4137
+  metadata.gz: b596bbfaab1c2c5442b6be7e46c63fa7b2d9b7c3daa370bc8cfdea68b7e0e039
+  data.tar.gz: 79137ee35bdb6a599eba227124da98567776d6dec5593f8b44681fa95f543f2f
 SHA512:
-  metadata.gz: df0ab5450cafeb7e8f2af05a08f2c14170b5b9a0129d416d5e92db9ea0fa5e095278cc3abcdab2b4417b534e16a52a9be9877101871d18ce3abf591cab88d0ff
-  data.tar.gz: 4849a551aa69d9774bbc798a2a3393987ac2a1eb527ff498ed50d653904cfb24edec414c037f49dd909bbc430cc3f6f2442095328c76fded221e82f3f8e7cc29
+  metadata.gz: ac749d01182f84dc41213be5d947d7f5ed18d4b35397ebebffe470a9f7cbd175d42d6b3e36f20274bac7565348659ceca01fa21af66af934d1cc4a79263e745e
+  data.tar.gz: 2cd0bbfe6ab55336a62a878b8b55c503f345c46c5cb2b7648fc39761d45b08f045c3ff4426cc6f734350ce5ef03988e08b7125d5e18e89f888f43434ab864eeb

data/CHANGELOG_BETWEEN_TAGS.txt

@@ -0,0 +1,108 @@
+e761590 Gemfile - include whois-parser gem
+9125ac9 Gemfile - include whois gem
+8e280b1 pwn_nessus_cloud_scan_crud Driver - add tags to assets #bugfix
+282d8b6 pwn_nessus_cloud_scan_crud Driver - add tags to assets #bugfix
+e447047 pwn_nessus_cloud_scan_crud Driver - add tags to assets #bugfix
+15faf7b pwn_nessus_cloud_scan_crud Driver - add tags to assets
+c468e7b pwn_nessus_cloud_scan_crud Driver - disable schedule by default
+45a5eb6 pwn_nessus_cloud_scan_crud Driver - timezone && starttime default to nil
+09fe8a6 pwn_nessus_cloud_scan_crud Driver - rrules default to FREQ=null
+3b4c6c2 pwn_nessus_cloud_scan_crud Driver - bugfix in UUID
+e986c98 pwn_serial_son_micro_sm132_rfid Driver - slightly better output to stdout #bugfix
+45113bc pwn_serial_son_micro_sm132_rfid Driver - slightly better output to stdout #bugfix
+6c24858 pwn_serial_son_micro_sm132_rfid Driver - slightly better output to stdout #bugfix
+e4f9869 pwn_serial_son_micro_sm132_rfid Driver - slightly better output to stdout #bugfix
+b2a416c pwn_serial_son_micro_sm132_rfid Driver - slightly better output to stdout
+13e7540 pwn_serial_son_micro_sm132_rfid Driver - slightly better output to stdout
+a7efffd pwn_serial_son_micro_sm132_rfid Driver - initial commit
+b8427fd pwn_serial_mar206 Driver - remove redundant edit card option in favor of load card from file
+41da7df PWN::Plugins::MSR206 module - slight #tweak to coercivity menu
+3281c7d PWN::Plugins::MSR206 module - begin supporting iso_alt and raw writing modes
+89fd44c PWN::Plugins::MSR206 module - support high and low coercivity writes in #write_card method
+6a58842 PWN::Plugins::MSR206 module - pretty print JSON data in backup file w/in #backup_card method
+a9175b1 pwn_serial_msr206 Driver - working copy and load from file (i.e. write to card initial support)
+e529993 pwn_serial_msr206 Driver - working copy and load from file (i.e. write to card initial support)
+e0273b7 pwn_serial_msr206 Driver - implement alt ISO decoding and raw reading modes to support reading non-standard cards (e.g. metrocards)
+b87c22e pwn_shodan_search - array of hashes in json output #tweak
+e380835 pwn_shodan_search - array of hashes in json output
+1d8a0e8 pwn_shodan_search - bugfix in json output
+c4e4fb9 pwn_shodan_search - intial working commit #bugfix
+17111dd pwn_shodan_search - intial working commit #bugfix
+8e1715a pwn_shodan_search - intial working commit
+38f3bd8 PWN::Plugins::Shodan module - symbolize key names in method responses
+045796f pwn_serial_msr206 Driver - Reserve yellow led for minor errors #bugfix
+a051b7f pwn_serial_msr206 Driver - Reserve yellow led for minor errors
+cf398ad pwn_serial_msr206 Driver - (B)ackup Card #working
+53256f4 pwn_serial_msr206 Driver - display configuration bits at start && bugfix with error handling
+a56a1a2 pwn_serial_msr206 Driver - remove yellow_on debug output
+3dc8d41 pwn_serial_msr206 Driver - Working Card Read
+809e74b pwn_serial_msr206 Driver - Initial commit
+43755ab PWN::Plugins::BusPirate module - #bugfix in call to PWN::Plugins::Serial.request method
+ccc167a PWN::Plugins::BusPirate module - #bugfix in call to PWN::Plugins::Serial.request method
+c048f2c PWN::Plugins::Serial, PWN::Plugins::SonMicroRFID, & PWN::Plugins::MSR206 modules - cleanup some redudant methods, make requests over serial more reliable, and work towards better response output
+f31caad PWN::Plugins::MSR206 module - more refinements
+4eb6060 PWN::Plugins::MSR206 module - implement #list_cmds && #exec methods #rubocop
+96de906 PWN::Plugins::MSR206 module - implement #list_cmds && #exec methods
+79fe42a PWN::Plugins::MSR206 module - initial non-working commit (redact msr gem in favor of 100% ruby native module)
+13b0e31 PWN::Plugins::MSR206 module - initial non-working commit
+15fb720 pwn_nessus_cloud_scan_crud && pwn_nessus_cloud_vulnscan Drivers - rename pwn_nessus_cloud_create_scan to reflect ability to create, read, update, & delete scans #bugfix
+68a92cc PWN::Plugins::NessusCloud module - implement HTTP PUT method in #nessus_cloud_rest_call
+267b389 pwn_nessus_cloud_scan_crud Driver - rename pwn_nessus_cloud_create_scan to reflect ability to create, read, update, & delete scans
+94bb346 pwn_nessus_cloud_create_scan Driver - add tag uuid to settinggs[:tag_targets] instead of tag name #bugfix
+a33c3e0 pwn_nessus_cloud_create_scan Driver - add tag uuid to settinggs[:tag_targets] instead of tag name
+d1ae4f6 pwn_nessus_cloud_create_scan Driver - add debugging to #get_tag_values call to understand condition required to trigger #create_tag method #bugfix
+2eb9500 pwn_nessus_cloud_create_scan Driver - add debugging to #get_tag_values call to understand condition required to trigger #create_tag method
+f77a454 pwn_nessus_cloud_create_scan Driver - add debugging to #get_tag_values call to understand condition required to trigger #create_tag method
+486a5a2 PWN::Plugins::NessusCloud module - refactor #get_tags method #bugfix
+a59ad8d PWN::Plugins::NessusCloud module - refactor #get_tags method #bugfix
+22c4559 PWN::Plugins::NessusCloud module - refactor #get_tags method #bugfix
+550779a PWN::Plugins::NessusCloud module - refactor #get_tags method #bugfix
+f13218f PWN::Plugins::NessusCloud module - refactor #get_tags method
+e9b1a1b pwn_nessus_cloud_create_scan Driver - add --tag-category-name feature #rubocop
+7e347e3 pwn_nessus_cloud_create_scan Driver - add --tag-category-name feature
+478ec25 pwn_nessus_cloud_create_scan Driver - add --tag-targets feature
+a02f88b pwn_nessus_cloud_create_scan Driver - more code refinement
+1999189 pwn_nessus_cloud_create_scan Driver - more code refinement
+654c50d PWN::Plugins::NessusCloud module - #bugfix in #create_scan method
+b752378 pwn_nessus_cloud_create_scan Driver - tag_targets_arr #bugfix
+7719f22 pwn_nessus_cloud_create_scan Driver - credentials key #bugfix
+906a607 pwn_nessus_cloud_create_scan Driver - migrate credentials && plugins objeects into YAML config since the structure is so diverse depending on the object used (e.g. Windows vs SSH vs etc.)
+3a6e477 pwn_nessus_cloud_create_scan Driver - closer to working commit
+3e264d8 pwn_nessus_cloud_create_scan Driver - get target network UUID for --target-network-name
+75b2d64 pwn_nessus_cloud_create_scan && pwn_nessus_cloud_vulscan Drivers - more additions and migrating certain logic to plugin in an effort to reduce code redundancy in drivers
+0cdc0ce pwn_nessus_cloud_create_scan Driver - more additions
+cc95e2b pwn_nessus_cloud_create_scan Driver - add policy parameter
+2115eb3 pwn_nessus_cloud_create_scan Driver - add policy parameter
+ac67b0f pwn_nessus_cloud_create_scan Driver - initial non-working commit #tweaks #bugfix
+84ac773 pwn_nessus_cloud_create_scan Driver - initial non-working commit #tweaks #rubocop_fixes
+8a841d8 pwn_nessus_cloud_create_scan Driver - initial non-working commit #tweaks
+3fd2f1b pwn_nessus_cloud_create_scan Driver - initial non-working commit #tweaks
+9119659 PWN::Plugins::NessusCloud - add #list_scan_templates method && pwn_nessus_cloud_create_scan Driver - initial non-working commit
+a434c66 PWN::Plugins::CreditCard module - add #type method to aid in reversing weak generation methods used by some financial institutions #rubocop
+29fce17 PWN::Plugins::CreditCard module - add #type method to aid in reversing weak generation methods used by some financial institutions
+a1f7bf1 PWN::Plugins::SerialPort module - fix missing method #wait_readable #bugfix
+f4c91d6 pwn.gemspec - Specify requirements for only the minor Ruby version, not patch (i.e. 3.1.x)
+baecc3b pwn.gemspec - Support ruby-3.1.2p20
+1e80a2b .ruby-version - Support ruby-3.1.2p20
+bd770d0 .ruby-version - Support ruby-3.1.2p20
+68958e3 .ruby-version - Support ruby-3.1.2p20 - i.e. >= Preview 20
+947fbe3 PWN::VERSION - bump gem version
+ac9387b PWN::SAST::Signature module - initial commit
+67e9cde Packer provisioners - include env when setting user var, PWN_PROVIDER #bugfix
+066da28 Packer provisioners - include env when setting user var, PWN_PROVIDER #bugfix
+b1c87af *.sh in pwn repo root - bugfix in PWN_ROOT assignment when building within cloned ssrc
+ab3eb54 *.sh in pwn repo root - bugfix in PWN_ROOT assignment when building within cloned ssrc
+31bfdb9 Packer & Vagrant - fix bug in PWN_ROOT assignment when generating /etc/profile.d/pwn_envs.sh AND redirect STDERR to /dev/null when assigining PWN_ROOT
+21db2bc Packer & Vagrant - fix bug in PWN_ROOT assignment when generating /etc/profile.d/pwn_envs.sh
+007dc4d Packer & Vagrant - fix bug in PWN_ROOT assignment when generating /etc/profile.d/pwn_envs.sh
+917a82b .ruby-version - address weird versioning issue
+41fa60e .ruby-version - Bump to 3.1.2 #rubocop_fixes
+5d51b69 .ruby-version - Bump to 3.1.2
+a225371 PWN::SAST::* modules - fix NIST 800-53 links to show respective control desc for SAST module #bugfix
+321e5ea Packer && Vagrant - ensure PWN_ROOT reflects path of latest installed pwn gem
+eb5e59d PWN::Banner::* - slight tweaks
+959941d Gemfile && PWN::Plugins::CreditCard - reinstate module w/ compatible version of credit_card_validations (i.e.  5.0.0)
+3133eb6 pwn REPL driver - implement welcome-banner command in REPL session to display example usage on demand
+831d253 PWN::SAST::HTTPAuthorizationHeader module - initial commit
+611bbf0 PWN::Plugins::RabbitMQHole to PWN::Plugins::RabbitMQ module - update rdoc to include port parameter
+87e1ef5 PWN REPL driver - regress colors back to ansi strings to avoid readline issues on prompt && rename PWN::Plugins::RabbitMQHole to PWN::Plugins::RabbitMQ and include a port parameter that can be passed to the #open method

data/Gemfile

@@ -47,7 +47,7 @@ gem 'oily_png', '1.2.1'
 gem 'os', '1.1.4'
 gem 'packetfu', '1.1.13'
 gem 'pdf-reader', '2.10.0'
-gem 'pg', '1.3.5'
+gem 'pg', '1.4.0'
 gem 'pry', '0.14.1'
 gem 'pry-doc', '1.3.0'
 gem 'rake', '13.0.6'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.500]:001 >>> PWN.help
+pwn[v0.4.503]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.500]:001 >>> PWN.help
+pwn[v0.4.503]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_android_war_dialer

@@ -91,11 +91,18 @@ begin
     # Record Call
     pid_to_kill = 0
     wav_file = "#{wav_archive}/#{target_num}-#{start_timestamp}.wav"
-    sox_params = "-d #{wav_file} trim 0 #{seconds_to_record}"
 
     puts red
     puts "Recording Duration: #{seconds_to_record}s"
-    system(sox_bin, sox_params)
+    system(
+      sox_bin,
+      '-d',
+      wav_file,
+      'trim',
+      '0',
+      seconds_to_record.to_s
+    )
+
     puts 'Complete.'
     puts end_of_color
 
@@ -109,11 +116,27 @@ begin
 
     puts cayan
     puts 'Generating Audio Spectrogram...'
-    sox_params = "#{wav_file} -n spectrogram -o #{wav_file}-spectrogram.png -d #{seconds_to_record}"
-    system(sox_bin, sox_params)
+    system(
+      sox_bin,
+      wav_file,
+      '-n',
+      'spectrogram',
+      '-o',
+      "#{wav_file}-spectrogram.png",
+      '-d',
+      seconds_to_record.to_s
+    )
+
     puts 'Generating Audio Waveform...'
-    waveform_params = "-c '#FF0000' -b '#000000' -F #{wav_file} #{wav_file}-waveform.png"
-    system(waveform_bin, waveform_params)
+    system(
+      waveform_bin,
+      '-c',
+      '#FF0000',
+      '-b',
+      '#000000',
+      '-F',
+      "#{wav_file} #{wav_file}-waveform.png"
+    )
     puts 'Complete.'
     puts end_of_color
 

data/bin/pwn_arachni

@@ -117,14 +117,39 @@ begin
   end
 
   # Kick off scan as defined by pwn_arachni flags
-  system("sudo /bin/bash --login -c \"#{arachni_cmd_str}\"")
+  system(
+    'sudo',
+    '/bin/bash',
+    '--login',
+    '-c',
+    arachni_cmd_str
+  )
 
   # Report Scan Results
-  system("sudo /bin/bash --login -c \"arachni_reporter #{output_dir}/arachni_results.afr --reporter=html:outfile=#{output_dir}/arachni_results.html.zip\"")
-  system("sudo /bin/bash --login -c \"arachni_reporter #{output_dir}/arachni_results.afr --reporter=json:outfile=#{output_dir}/arachni_results.json\"")
+  system(
+    'sudo',
+    '/bin/bash',
+    '--login',
+    '-c',
+    "arachni_reporter #{output_dir}/arachni_results.afr --reporter=html:outfile=#{output_dir}/arachni_results.html.zip"
+  )
+
+  system(
+    'sudo',
+    '/bin/bash',
+    '--login',
+    '-c',
+    "arachni_reporter #{output_dir}/arachni_results.afr --reporter=json:outfile=#{output_dir}/arachni_results.json"
+  )
 
   # Unzip Results in Output Dir
-  system("sudo /bin/bash --login -c \"cd #{output_dir} && unzip -o arachni_results.html.zip\"")
+  system(
+    'sudo',
+    '/bin/bash',
+    '--login',
+    '-c',
+    "cd #{output_dir} && unzip -o arachni_results.html.zip"
+  )
 rescue StandardError, SystemExit, Interrupt => e
   raise e
 ensure

data/bin/pwn_fuzz_net_app_proto

@@ -145,5 +145,12 @@ if start_reporting_server
   end
   puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_fuzz_net_app_proto.html"
   simple_http_server_params = "-i #{listen_ip} -p #{listen_port}"
-  system("cd #{dir_path} && pwn_simple_http_server #{simple_http_server_params}")
+  Dir.chdir(dir_path)
+  system(
+    'pwn_simple_http_server',
+    '-i',
+    listen_ip,
+    '-p',
+    listen_port.to_s
+  )
 end

data/bin/pwn_perimeter_recon

@@ -218,7 +218,15 @@ unless nmap_path == ''
       # Eyewitness Nmap XML Results
       unless eyewitness_path == ''
         print "#{@green}Eyewitness Nmap XML Results...#{@end_of_color}"
-        system("#{eyewitness_path} -x '#{nmap_xml_results}' -d '#{output_dir}/#{nmap_target}-#{@runtime_timestamp}' --no-prompt --all-protocols")
+        system(
+          eyewitness_path,
+          '-x',
+          nmap_xml_results,
+          '-d',
+          "#{output_dir}/#{nmap_target}-#{@runtime_timestamp}",
+          '--no-prompt',
+          '--all-protocols'
+        )
       end
 
       PWN::Plugins::NmapIt.parse_xml_results(xml_file: nmap_xml_results) do |xml|

data/bin/pwn_sast

@@ -147,7 +147,7 @@ begin
 
   # Start Simple HTTP Server (If Requested)
   if start_reporting_server
-    listen_port = Random.rand(1_025..65_535)
+    listen_port = Random.rand(1_025..65_535).to_s
 
     if pwn_provider == 'docker'
       listen_ip = '0.0.0.0'
@@ -156,7 +156,14 @@ begin
     end
 
     puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_scan_git_source.html"
-    system("cd #{dir_path} && pwn_simple_http_server -i #{listen_ip} -p #{listen_port}")
+    Dir.chdir(dir_path)
+    system(
+      'pwn_simple_http_server',
+      '-i',
+      listen_ip,
+      '-p',
+      listen_port
+    )
   end
 rescue SystemExit, Interrupt
   puts "\nGoodbye."

data/bin/pwn_simple_http_server

@@ -35,7 +35,17 @@ else
 end
 
 begin
-  system("thin start --adapter file --address #{bind_ip} --port #{port} --threaded --debug")
+  system(
+    'thin',
+    'start',
+    '--adapter file',
+    '--address',
+    bind_ip,
+    '--port',
+    port.to_s,
+    '--threaded',
+    '--debug'
+  )
 rescue RuntimeError
   puts "WARNING: Service Already Listening on TCP #{port}..."
   port = Random.rand(1_025..65_535)

data/git_commit_test_reinit_gem.sh

@@ -21,6 +21,9 @@ if (( $# == 3 )); then
     this_version=`ruby -r 'pwn' -e 'print PWN::VERSION'`
     echo "Tagging: ${this_version}"
     git tag $this_version
+    last_tag=$(git tag | tail -n 2 | head -n 1)
+    this_tag=$(git tag | tail -n 1)
+    git log $last_tag...$this_tag --oneline > CHANGELOG_BETWEEN_TAGS.txt
   fi
 else
   usage

data/lib/pwn/plugins/bus_pirate.rb

@@ -8,7 +8,6 @@ module PWN
     module BusPirate
       # Supported Method Parameters::
       # PWN::Plugins::BusPirate.connect_via_screen(
-      #   screen_bin: 'optional - defaults to /usr/bin/screen'
       #   block_dev: 'optional - serial block device path (defaults to /dev/ttyUSB0)'
       # )
 
@@ -17,19 +16,19 @@ module PWN
           opts[:block_dev].to_s
         )
 
-        block_dev = '/dev/ttyUSB0' if opts[:block_dev].nil?
-
-        if opts[:screen_bin].nil?
-          screen_bin = '/usr/bin/screen'
-        else
-          screen_bin = opts[:screen_bin].to_s.strip.chomp.scrub
-        end
+        block_dev ||= '/dev/ttyUSB0'
 
+        screen_bin = '/usr/bin/screen'
         raise "ERROR: #{screen_bin} not found." unless File.exist?(screen_bin)
 
-        screen_params = "#{block_dev} 115200 8 N 1"
-        screen_cmd = "#{screen_bin} #{screen_params}"
-        system(screen_cmd)
+        system(
+          screen_bin,
+          block_dev,
+          '115200',
+          '8',
+          'N',
+          '1'
+        )
       rescue StandardError => e
         raise e
       end
@@ -120,7 +119,6 @@ module PWN
       public_class_method def self.help
         puts "USAGE:
           #{self}.connect_via_screen(
-            screen_bin: 'optional - defaults to /usr/bin/screen'
             block_dev: 'optional serial block device path (defaults to /dev/ttyUSB0)'
           )
 

data/lib/pwn/plugins/github.rb

@@ -0,0 +1,136 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module PWN
+  module Plugins
+    # This plugin is used for interacting w/ Github's REST API using
+    # the 'rest' browser type of PWN::Plugins::TransparentBrowser.
+    module Github
+      @@logger = PWN::Plugins::PWNLogger.create
+
+      # Supported Method Parameters::
+      # github_rest_call(
+      #   http_method: 'optional HTTP method (defaults to GET)
+      #   rest_call: 'required rest call to make per the schema',
+      #   params: 'optional params passed in the URI or HTTP Headers',
+      #   http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'
+      # )
+
+      private_class_method def self.github_rest_call(opts = {})
+        http_method = if opts[:http_method].nil?
+                        :get
+                      else
+                        opts[:http_method].to_s.scrub.to_sym
+                      end
+        rest_call = opts[:rest_call].to_s.scrub
+        params = opts[:params]
+        http_body = opts[:http_body].to_s.scrub
+        base_gist_api_uri = 'https://api.github.com'
+
+        rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
+
+        case http_method
+        when :get
+          response = rest_client.execute(
+            method: :get,
+            url: "#{base_gist_api_uri}/#{rest_call}",
+            headers: {
+              content_type: 'application/json; charset=UTF-8',
+              params: params
+            },
+            verify_ssl: false
+          )
+
+        when :post
+          response = rest_client.execute(
+            method: :post,
+            url: "#{base_gist_api_uri}/#{rest_call}",
+            headers: {
+              content_type: 'application/json; charset=UTF-8',
+              params: params
+            },
+            payload: http_body,
+            verify_ssl: false
+          )
+
+        else
+          raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
+        end
+
+        response
+      rescue RestClient::Forbidden
+        raise response
+      rescue RestClient::BadRequest, RestClient::NotFound, StandardError => e
+        raise
+      end
+
+      # Supported Method Parameters::
+      # response_json = PWN::Plugins::Github.download_all_gists(
+      #   username: 'required - username of gists to backup',
+      #   target_dir: 'required - target directory to save respective gists'
+      # )
+
+      public_class_method def self.download_all_gists(opts = {})
+        username = opts[:username].to_s.scrub
+        target_dir = opts[:target_dir].to_s.scrub
+
+        raise "ERROR: #{target_dir} Does Not Exist." unless Dir.exist?(target_dir)
+
+        params = {}
+        page = 1
+        response_json = [{}]
+        while response_json.any?
+          params[:page] = page
+          response_body = github_rest_call(
+            rest_call: "users/#{username}/gists",
+            params: params
+          ).body
+
+          Dir.chdir(target_dir)
+          response_json = JSON.parse(response_body, symbolize_names: true)
+          response_json.each do |gist_hash|
+            clone_dir = gist_hash[:id]
+            clone_uri = gist_hash[:git_pull_url]
+            next if Dir.exist?(clone_dir)
+
+            print "Cloning: #{clone_uri}..."
+            system(
+              'git',
+              'clone',
+              clone_uri
+            )
+            puts 'complete.'
+          end
+
+          page += 1
+        end
+
+        response_json
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <request.pentest@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+          response_json = #{self}.download_all_gists(
+            username: 'required - username of gists to download',
+            target_dir: 'required - target directory to save respective gists'
+          )
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end

data/lib/pwn/plugins/packet.rb

@@ -1107,31 +1107,73 @@ module PWN
             my_os = PWN::Plugins::DetectOS.type
             case my_os
             when :linux
-              ipfilter = 'sudo iptables'
-              chain_action = '-C'
-              ipfilter_rule = "OUTPUT --protocol tcp --source #{pkt.ip_saddr} --destination #{pkt.ip_daddr} --destination-port #{pkt.tcp_dst} --tcp-flags RST RST -j DROP"
-
-              ipfilter_cmd = "#{ipfilter} #{chain_action} #{ipfilter_rule}"
-
-              unless system(ipfilter_cmd, out: File::NULL, err: File::NULL)
-                chain_action = '-A'
-                ipfilter_cmd = "#{ipfilter} #{chain_action} #{ipfilter_rule}"
-
+              system_resp = system(
+                'sudo',
+                'iptables',
+                '-C',
+                'OUTPUT',
+                '--protocol',
+                'tcp',
+                '--source',
+                pkt.ip_saddr,
+                '--destination',
+                pkt.ip_daddr,
+                '--destination-port',
+                pkt.tcp_dst.to_s,
+                '--tcp-flags',
+                'RST',
+                'RST',
+                '-j',
+                'DROP',
+                out: File::NULL,
+                err: File::NULL
+              )
+
+              unless system_resp
                 puts 'Preventing kernel from misbehaving when manipulating packets.'
-                puts 'Creating the following iptables rule:'
-                puts ipfilter_cmd
-                system(ipfilter_cmd)
-
-                puts "Be sure to delete iptables rule, once completed.  Here's how:"
-                chain_action = '-D'
-                ipfilter_cmd = "#{ipfilter} #{chain_action} #{ipfilter_rule}"
-                puts ipfilter_cmd
+                system(
+                  'sudo',
+                  'iptables',
+                  '-A',
+                  'OUTPUT',
+                  '--protocol',
+                  'tcp',
+                  '--source',
+                  pkt.ip_saddr,
+                  '--destination',
+                  pkt.ip_daddr,
+                  '--destination-port',
+                  pkt.tcp_dst.to_s,
+                  '--tcp-flags',
+                  'RST',
+                  'RST',
+                  '-j',
+                  'DROP'
+                )
               end
 
               pkt.recalc
               pkt.to_w(iface)
 
-              system(ipfilter, "-D #{ipfilter_rule}")
+              system(
+                'sudo',
+                'iptables',
+                '-D',
+                'OUTPUT',
+                '--protocol',
+                'tcp',
+                '--source',
+                pkt.ip_saddr,
+                '--destination',
+                pkt.ip_daddr,
+                '--destination-port',
+                pkt.tcp_dst.to_s,
+                '--tcp-flags',
+                'RST',
+                'RST',
+                '-j',
+                'DROP'
+              )
             # when :osx
             #   ipfilter = 'pfctl'
             #   ipfilter_rule = "block out proto tcp from #{pkt.ip_saddr} to #{pkt.ip_daddr} port #{pkt.tcp_dst} flags R"

data/lib/pwn/plugins/rfidler.rb

@@ -7,7 +7,6 @@ module PWN
     module RFIDler
       # Supported Method Parameters::
       # PWN::Plugins::RFIDler.connect_via_screen(
-      #   screen_bin: 'optional - defaults to /usr/bin/screen'
       #   block_dev: 'optional - serial block device path (defaults to /dev/ttyUSB0)'
       # )
 
@@ -17,18 +16,18 @@ module PWN
         )
 
         block_dev = '/dev/ttyUSB0' if opts[:block_dev].nil?
-
-        if opts[:screen_bin].nil?
-          screen_bin = '/usr/bin/screen'
-        else
-          screen_bin = opts[:screen_bin].to_s.strip.chomp.scrub
-        end
+        screen_bin = '/usr/bin/screen'
 
         raise "ERROR: #{screen_bin} not found." unless File.exist?(screen_bin)
 
-        screen_params = "#{block_dev} 9600 8 N 1"
-        screen_cmd = "#{screen_bin} #{screen_params}"
-        system(screen_cmd)
+        system(
+          screen_bin,
+          block_dev,
+          '9600',
+          '8',
+          'N',
+          '1'
+        )
       rescue StandardError => e
         raise e
       end
@@ -46,7 +45,6 @@ module PWN
       public_class_method def self.help
         puts "USAGE:
           #{self}.connect_via_screen(
-            screen_bin: 'optional - defaults to /usr/bin/screen'
             block_dev: 'optional serial block device path (defaults to /dev/ttyUSB0)'
           )
 

data/lib/pwn/plugins.rb

@@ -25,6 +25,7 @@ module PWN
     autoload :FileFu, 'pwn/plugins/file_fu'
     autoload :Fuzz, 'pwn/plugins/fuzz'
     autoload :Git, 'pwn/plugins/git'
+    autoload :Github, 'pwn/plugins/github'
     autoload :HackerOne, 'pwn/plugins/hacker_one'
     autoload :IBMAppscan, 'pwn/plugins/ibm_appscan'
     autoload :IPInfo, 'pwn/plugins/ip_info'

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.500'
+  VERSION = '0.4.503'
 end

data/spec/lib/pwn/plugins/github_spec.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe PWN::Plugins::Github do
+  it 'should display information for authors' do
+    authors_response = PWN::Plugins::Github
+    expect(authors_response).to respond_to :authors
+  end
+
+  it 'should display information for existing help method' do
+    help_response = PWN::Plugins::Github
+    expect(help_response).to respond_to :help
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.500
+  version: 0.4.503
 platform: ruby
 authors:
 - 0day Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-06-16 00:00:00.000000000 Z
+date: 2022-06-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -506,14 +506,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.3.5
+        version: 1.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.3.5
+        version: 1.4.0
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -1063,6 +1063,7 @@ files:
 - ".ruby-gemset"
 - ".ruby-version"
 - ".travis.yml"
+- CHANGELOG_BETWEEN_TAGS.txt
 - CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
 - Gemfile
@@ -1557,6 +1558,7 @@ files:
 - lib/pwn/plugins/file_fu.rb
 - lib/pwn/plugins/fuzz.rb
 - lib/pwn/plugins/git.rb
+- lib/pwn/plugins/github.rb
 - lib/pwn/plugins/hacker_one.rb
 - lib/pwn/plugins/http_intercept_helper.rb
 - lib/pwn/plugins/ibm_appscan.rb
@@ -1855,6 +1857,7 @@ files:
 - spec/lib/pwn/plugins/file_fu_spec.rb
 - spec/lib/pwn/plugins/fuzz_spec.rb
 - spec/lib/pwn/plugins/git_spec.rb
+- spec/lib/pwn/plugins/github_spec.rb
 - spec/lib/pwn/plugins/hacker_one_spec.rb
 - spec/lib/pwn/plugins/ibm_appscan_spec.rb
 - spec/lib/pwn/plugins/ip_info_spec.rb