pwn 0.4.514 → 0.4.517

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e6ef21821ecefa8074e3373780a936233ffa7bf83b0ce1b9db05d0b6cbf2553d
-  data.tar.gz: 1f1133a5f30eec2a0281563c7f0566b039061f66934abf6226f9f17b96d658e5
+  metadata.gz: c8e3f58022b83a3829453c781e95a45ac2d388795c1b3916a4ecd02ba16da233
+  data.tar.gz: efe0ee32060320d6dcee8f93cd0f6cb450066634f7e573e8d839aca2bdabb29b
 SHA512:
-  metadata.gz: 7de7ae8a8b6d03a7873996163d7661feefd60e8ca6fb7d05583859dd70f1a00f9bddec1848c82991ecf6c838dd97ca170c2f7b682a3b2f700db19e9b9657bfd3
-  data.tar.gz: 54a965b58711de0e4df07880ca22d66e7296299ce478d9fe0b13615b71593a3e59b7a9b13d1e9ad977d6c5700570a660d4897dc8284dd723d32727ffc8ef4c54
+  metadata.gz: c10feee36edd3037ea8a1ca3edccb12ed8629d9f3c64c70eb429cf0706b14721bf6b6900d5ecf08eb231b51b58fc5dcd222a2c7cd5de65ce39367ae23996f5cb
+  data.tar.gz: cf61e7be071b16c3ec493bd293f096008cfe4d71b57c0b2d2d2084a649c699bdc9eb25b9266b7f036ec4daa41bce0f0bd6a3e84c6f37c0171f469e83ec98efed

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2022-07-08 17:25:42 UTC using RuboCop version 1.31.2.
+# on 2022-07-28 21:42:33 UTC using RuboCop version 1.31.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -17,42 +17,48 @@ Layout/LineContinuationSpacing:
     - 'packer/provisioners/wpscan.rb'
     - 'vagrant/provisioners/beef.rb'
 
-# Offense count: 258
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Lint/NonAtomicFileOperation:
+  Exclude:
+    - 'lib/pwn/plugins/baresip.rb'
+
+# Offense count: 264
 Lint/UselessAssignment:
   Enabled: false
 
-# Offense count: 260
+# Offense count: 263
 # Configuration parameters: IgnoredMethods, CountRepeatedAttributes.
 Metrics/AbcSize:
   Max: 328
 
-# Offense count: 64
+# Offense count: 66
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
 # IgnoredMethods: refine
 Metrics/BlockLength:
   Max: 196
 
-# Offense count: 45
+# Offense count: 44
 # Configuration parameters: CountBlocks.
 Metrics/BlockNesting:
   Max: 5
 
-# Offense count: 91
+# Offense count: 94
 # Configuration parameters: IgnoredMethods.
 Metrics/CyclomaticComplexity:
   Max: 231
 
-# Offense count: 472
+# Offense count: 481
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
 Metrics/MethodLength:
   Max: 466
 
-# Offense count: 34
+# Offense count: 44
 # Configuration parameters: CountComments, CountAsOne.
 Metrics/ModuleLength:
   Max: 1186
 
-# Offense count: 83
+# Offense count: 86
 # Configuration parameters: IgnoredMethods.
 Metrics/PerceivedComplexity:
   Max: 51
@@ -81,12 +87,12 @@ Style/RedundantCondition:
     - 'bin/pwn_simple_http_server'
     - 'lib/pwn/plugins/packet.rb'
 
-# Offense count: 44
+# Offense count: 43
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
   Enabled: false
 
-# Offense count: 555
+# Offense count: 564
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns, IgnoredPatterns.
 # URISchemes: http, https

data/Gemfile

@@ -18,13 +18,14 @@ gem 'aws-sdk', '3.1.0'
 gem 'bettercap', '1.6.2'
 gem 'brakeman', '5.2.3'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.3.18'
+gem 'bundler', '>=2.3.19'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
 gem 'credit_card_validations', '5.0.0'
 gem 'eventmachine', '1.2.7'
 gem 'faye-websocket', '0.11.1'
+gem 'fftw3', '0.3'
 gem 'gdb', '1.0.0'
 gem 'gist', '6.0.0'
 gem 'htmlentities', '4.3.4'
@@ -36,18 +37,18 @@ gem 'jsonpath', '1.1.2'
 gem 'jwt', '2.4.1'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.7.1'
-gem 'mongo', '2.17.1'
+gem 'mongo', '2.18.1'
 gem 'msfrpc-client', '1.1.2'
 gem 'net-ldap', '0.17.1'
 gem 'net-openvpn', '0.8.7'
 gem 'net-smtp', '0.3.1'
 gem 'nexpose', '7.3.0'
-gem 'nokogiri', '1.13.7'
+gem 'nokogiri', '1.13.8'
 gem 'oily_png', '1.2.1'
 gem 'os', '1.1.4'
 gem 'packetfu', '1.1.13'
 gem 'pdf-reader', '2.10.0'
-gem 'pg', '1.4.1'
+gem 'pg', '1.4.2'
 gem 'pry', '0.14.1'
 gem 'pry-doc', '1.3.0'
 gem 'rake', '13.0.6'
@@ -56,20 +57,20 @@ gem 'rbvmomi', '3.0.0'
 gem 'rdoc', '6.4.0'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '4.2.5'
+gem 'rmagick', '4.2.6'
 gem 'rspec', '3.11.0'
 gem 'rtesseract', '3.1.2'
-gem 'rubocop', '1.31.2'
+gem 'rubocop', '1.33.0'
 gem 'rubocop-rake', '0.6.0'
 gem 'rubocop-rspec', '2.12.1'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '0.10.0'
 gem 'ruby-saml', '1.14.0'
 gem 'rvm', '1.11.3.9'
-gem 'savon', '2.12.1'
-gem 'selenium-devtools', '0.103.1'
+gem 'savon', '2.13.0'
+gem 'selenium-devtools', '0.104.0'
 gem 'serialport', '1.3.2'
-gem 'sinatra', '2.2.0'
+gem 'sinatra', '2.2.2'
 gem 'slack-ruby-client', '1.1.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.514]:001 >>> PWN.help
+pwn[v0.4.517]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.514]:001 >>> PWN.help
+pwn[v0.4.517]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_fuzz_net_app_proto

@@ -102,7 +102,10 @@ mutex = Mutex.new
 slice = max_threads * 3
 File.open(fuzz_file, "rb:#{char_encoding}") do |file|
   file.each_slice(slice) do |payload_batch_arr|
-    PWN::Plugins::ThreadPool.fill(enumerable_array: payload_batch_arr, max_threads: max_threads) do |payload|
+    PWN::Plugins::ThreadPool.fill(
+      enumerable_array: payload_batch_arr,
+      max_threads: max_threads
+    ) do |payload|
       socket_fuzz_results_arr = PWN::Plugins::Fuzz.socket(
         target: target,
         port: port,

data/bin/pwn_phone

@@ -0,0 +1,124 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'pwn'
+require 'optparse'
+require 'fileutils'
+require 'ruby-audio'
+require 'fftw3'
+require 'waveform'
+
+opts = {}
+OptionParser.new do |options|
+  options.banner = "USAGE:
+    #{$PROGRAM_NAME} [opts]
+  "
+
+  options.on('-tPATH', '--target-file=PATH', '<Required - File Containing List of Targets to Dial>') do |t|
+    opts[:target_file] = t
+  end
+
+  options.on('-sSEC', '--seconds-to-record=SEC', '<Optional - Seconds to Record (Defaults to 60)>') do |s|
+    opts[:seconds_to_record] = s
+  end
+
+  options.on('-TTHREADS', '--max-threads=THREADS', '<Optional # Calls to Run Simultaneously (Defaults to 3 - update "call_max_calls" in ~/.baresip/config if > 4)>') do |t|
+    opts[:max_threads] = t
+  end
+
+  options.on('-bPATH', '--baresip-binary=PATH', '<Optional - Path to baresip Binary (Defaults to /usr/bin/baresip)>') do |bs|
+    opts[:baresip_bin] = bs
+  end
+
+  options.on('-SSOX', '--sox-path=SOX', '<Optional - Path to SoX Binary, the Swiss Army knife of Audio (Defaults to /usr/bin/sox)>') do |sox|
+    opts[:sox_bin] = sox
+  end
+
+  options.on('-rDIR', '--session-root=DIR', '<Optional - Directory to Store Session Files (Defaults to Present Working Directory))>') do |sr|
+    opts[:session_root] = sr
+  end
+
+  options.on('-R', '--[no-]randomize', '<Optional - Randomize Number Range (Defaults to false)>') do |r|
+    opts[:randomize] = r
+  end
+
+  options.on('-h', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
+    opts[:start_reporting_server] = s
+  end
+
+  options.on('-xRULES', '--source-num-rules=RULES', '<Optional - Comma-delimited list of rules for src_num format (i.e. self, same_country, same_area, and/or same_prefix [Defaults to random src_num w/ same length as target_num])>') do |x|
+    opts[:src_num_rules] = x
+  end
+
+  # TODO: Add an hours of operation flag.
+  # TODO: Add a resume feature to resume session following an interruption.
+  # TODO: Append results to pwn_phone_results.json as things are running #save_memory.
+end.parse!
+
+if opts.empty?
+  puts `#{$PROGRAM_NAME} --help`
+  exit 1
+end
+
+begin
+  pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
+  $stdout.sync = true
+
+  # Required Flag Variables
+  target_file = opts[:target_file]
+  max_threads = opts[:max_threads]
+  seconds_to_record = opts[:seconds_to_record]
+  baresip_bin = opts[:baresip_bin]
+  sox_bin = opts[:sox_bin]
+  session_root = opts[:session_root]
+  session_root ||= Dir.pwd
+
+  # Optional Flag Variables
+  randomize = opts[:randomize]
+  start_reporting_server = opts[:start_reporting_server]
+  src_num_rules = opts[:src_num_rules]
+
+  # Initiallize Phone Reconaissance
+  results_hash = PWN::Plugins::BareSIP.recon(
+    baresip_bin: baresip_bin,
+    session_root: session_root,
+    target_file: target_file,
+    randomize: randomize,
+    src_num_rules: src_num_rules,
+    seconds_to_record: seconds_to_record,
+    sox_bin: sox_bin
+  )
+
+  # Generate HTML Report
+  print "#{$PROGRAM_NAME} Generating Report..."
+  PWN::Reports::Phone.generate(
+    dir_path: session_root,
+    results_hash: results_hash
+  )
+  puts 'complete.'
+
+  # Start Simple HTTP Server (If Requested)
+  if start_reporting_server
+    listen_port = Random.rand(1_025..65_535).to_s
+
+    if pwn_provider == 'docker'
+      listen_ip = '0.0.0.0'
+    else
+      listen_ip = '127.0.0.1'
+    end
+
+    puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_phone.html"
+    Dir.chdir(session_root)
+    system(
+      'pwn_simple_http_server',
+      '-i',
+      listen_ip,
+      '-p',
+      listen_port
+    )
+  end
+rescue StandardError => e
+  raise e.message
+rescue SystemExit, Interrupt
+  puts "\nGoodbye."
+end

data/bin/pwn_sast

@@ -49,7 +49,9 @@ begin
   green = "\e[32m"
   end_of_color = "\e[0m"
 
-  dir_path = opts[:dir_path].to_s.scrub
+  dir_path = opts[:dir_path]
+  dir_path ||= '.'
+
   uri_source_root = opts[:uri_source_root].to_s.scrub
   max_threads = opts[:max_threads]
   chosen_test_cases = opts[:chosen_test_cases]
@@ -121,7 +123,10 @@ begin
 
   mutex = Mutex.new
 
-  PWN::Plugins::ThreadPool.fill(enumerable_array: test_cases, max_threads: max_threads) do |test_case|
+  PWN::Plugins::ThreadPool.fill(
+    enumerable_array: test_cases,
+    max_threads: max_threads
+  ) do |test_case|
     sca_arr = PWN::SAST.const_get(
       test_case.to_s.scrub
     ).scan(