pwn 0.4.519 → 0.4.522
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +19 -19
- data/Gemfile +2 -2
- data/README.md +2 -2
- data/bin/pwn_sast +9 -4
- data/bin/pwn_www_uri_buster +156 -0
- data/lib/pwn/reports/uri_buster.rb +240 -0
- data/lib/pwn/reports.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/reports/uri_buster_spec.rb +15 -0
- metadata +11 -7
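--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6533b6e61c14117954e65f98867f0ed01525d0be080b483183f73ee1a498fdda
+data.tar.gz: 6f2142e1e87fd1dff7666f74b6df81b06dc60c53017a08680d87664188753045
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2a12e0c4324052400eae6b28a2f8d74b8b1af3ef5191e3a8fc6190b236991022d0003b91e777e55ecd4c2be0208c865101c2d0504b41f61df0be220dd4987863
+data.tar.gz: f1472201917c401647937174846576536fb6f2ae7d6b7dabb94f51e1d16c9f304c91bcc4934f59d48ef54af468e02bf4b4f58044fecb4918b2e9038e3837423e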
data/.rubocop_todo.yml
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# This configuration was generated by
|
2
2
|
# `rubocop --auto-gen-config`
|
3
|
-
# on 2022-
|
3
|
+
# on 2022-08-29 16:58:30 UTC using RuboCop version 1.35.1.
|
4
4
|
# The point is for the user to remove these configuration records
|
5
5
|
# one by one as the offenses are removed from the code base.
|
6
6
|
# Note that changes in the inspected code, or installation of new
|
@@ -17,24 +17,18 @@ Layout/LineContinuationSpacing:
|
|
17
17
|
- 'packer/provisioners/wpscan.rb'
|
18
18
|
- 'vagrant/provisioners/beef.rb'
|
19
19
|
|
20
|
-
# Offense count: 1
|
21
|
-
# This cop supports unsafe autocorrection (--autocorrect-all).
|
22
|
-
Lint/NonAtomicFileOperation:
|
23
|
-
Exclude:
|
24
|
-
- 'lib/pwn/plugins/baresip.rb'
|
25
|
-
|
26
20
|
# Offense count: 264
|
27
21
|
Lint/UselessAssignment:
|
28
22
|
Enabled: false
|
29
23
|
|
30
|
-
# Offense count:
|
31
|
-
# Configuration parameters: IgnoredMethods, CountRepeatedAttributes.
|
24
|
+
# Offense count: 264
|
25
|
+
# Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods, CountRepeatedAttributes.
|
32
26
|
Metrics/AbcSize:
|
33
27
|
Max: 328
|
34
28
|
|
35
|
-
# Offense count:
|
36
|
-
# Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
|
37
|
-
#
|
29
|
+
# Offense count: 68
|
30
|
+
# Configuration parameters: CountComments, CountAsOne, ExcludedMethods, AllowedMethods, AllowedPatterns, IgnoredMethods.
|
31
|
+
# AllowedMethods: refine
|
38
32
|
Metrics/BlockLength:
|
39
33
|
Max: 196
|
40
34
|
|
@@ -44,22 +38,22 @@ Metrics/BlockNesting:
|
|
44
38
|
Max: 5
|
45
39
|
|
46
40
|
# Offense count: 94
|
47
|
-
# Configuration parameters: IgnoredMethods.
|
41
|
+
# Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods.
|
48
42
|
Metrics/CyclomaticComplexity:
|
49
43
|
Max: 231
|
50
44
|
|
51
|
-
# Offense count:
|
52
|
-
# Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
|
45
|
+
# Offense count: 482
|
46
|
+
# Configuration parameters: CountComments, CountAsOne, ExcludedMethods, AllowedMethods, AllowedPatterns, IgnoredMethods.
|
53
47
|
Metrics/MethodLength:
|
54
48
|
Max: 466
|
55
49
|
|
56
|
-
# Offense count:
|
50
|
+
# Offense count: 47
|
57
51
|
# Configuration parameters: CountComments, CountAsOne.
|
58
52
|
Metrics/ModuleLength:
|
59
53
|
Max: 1186
|
60
54
|
|
61
55
|
# Offense count: 86
|
62
|
-
# Configuration parameters: IgnoredMethods.
|
56
|
+
# Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods.
|
63
57
|
Metrics/PerceivedComplexity:
|
64
58
|
Max: 51
|
65
59
|
|
@@ -67,7 +61,7 @@ Metrics/PerceivedComplexity:
|
|
67
61
|
Style/ClassVars:
|
68
62
|
Enabled: false
|
69
63
|
|
70
|
-
# Offense count:
|
64
|
+
# Offense count: 284
|
71
65
|
# This cop supports safe autocorrection (--autocorrect).
|
72
66
|
# Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
|
73
67
|
# SupportedStyles: assign_to_condition, assign_inside_condition
|
@@ -80,6 +74,12 @@ Style/ExplicitBlockArgument:
|
|
80
74
|
Exclude:
|
81
75
|
- 'lib/pwn/plugins/nmap_it.rb'
|
82
76
|
|
77
|
+
# Offense count: 1
|
78
|
+
# This cop supports safe autocorrection (--autocorrect).
|
79
|
+
Style/RedundantBegin:
|
80
|
+
Exclude:
|
81
|
+
- 'bin/pwn_www_uri_buster'
|
82
|
+
|
83
83
|
# Offense count: 95
|
84
84
|
# This cop supports safe autocorrection (--autocorrect).
|
85
85
|
Style/RedundantCondition:
|
@@ -92,7 +92,7 @@ Style/RedundantCondition:
|
|
92
92
|
Style/SlicingWithRange:
|
93
93
|
Enabled: false
|
94
94
|
|
95
|
-
# Offense count:
|
95
|
+
# Offense count: 570
|
96
96
|
# This cop supports safe autocorrection (--autocorrect).
|
97
97
|
# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns, IgnoredPatterns.
|
98
98
|
# URISchemes: http, https
|
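--- a/data/Gemfile
+++ b/data/Gemfile
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
 gem 'bettercap', '1.6.2'
 gem 'brakeman', '5.3.1'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.3.
+gem 'bundler', '>=2.3.21'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
@@ -34,7 +34,7 @@ gem 'ipaddress', '0.8.3'
 gem 'js-beautify', '0.1.8'
 gem 'json', '2.6.2'
 gem 'jsonpath', '1.1.2'
-gem 'jwt', '2.
+gem 'jwt', '2.5.0'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.7.1'
 gem 'mongo', '2.18.1'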
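--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.522]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.522]:001 >>> PWN.help
 ```
 
 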
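--- a/data/bin/pwn_sast
+++ b/data/bin/pwn_sast
@@ -11,12 +11,14 @@ OptionParser.new do |options|
 #{$PROGRAM_NAME} [opts]
 "
 
-options.on('-dDIR', '--dir-path=DIR', '<Required - Report Output Directory>') { |d| opts[:dir_path] = d }
-
 options.on('-uGITURI', '--uri-source-root=GITURI', '<Required - HTTP URI of Git Repo Scanned e.g. https://github.com/0dayInc/pwn/tree/master>') do |u|
 opts[:uri_source_root] = u
 end
 
+options.on('-dDIR', '--dir-path=DIR', '<Optional - Report Output Directory (Defaults to ".")>') do |d|
+opts[:dir_path] = d
+end
+
 options.on('-tTHREADS', '--max-threads=THREADS', '<Optional # Test Cases to Run Simultaneously (Default 25)>') do |t|
 opts[:max_threads] = t
 end
@@ -53,12 +55,15 @@ begin
 dir_path ||= '.'
 
 uri_source_root = opts[:uri_source_root].to_s.scrub
+
 max_threads = opts[:max_threads]
+max_threads ||= 25
+
 chosen_test_cases = opts[:chosen_test_cases]
 list_test_cases = opts[:list_test_cases]
 
-report_name =
-report_name
+report_name = opts[:report_name]
+report_name ||= File.basename(Dir.pwd)
 
 start_reporting_server = opts[:start_reporting_server]
 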
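Review bot: `max_threads ||= 25` yields an Integer only on the default path; a value given with `-t` is stored unconverted by `opts[:max_threads] = t` and so reaches the consumer as a String. How the consumer treats that is not visible here, since the `begin` block continues past the hunk. Declaring the type at the option, `options.on('-tTHREADS', '--max-threads=THREADS', Integer, '<Optional # Test Cases to Run Simultaneously (Default 25)>')`, makes both paths agree and rejects non-numeric input at parse time. The same applies to the `-t` option of the new pwn_www_uri_buster script.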
@@ -0,0 +1,156 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: false
|
3
|
+
|
4
|
+
require 'pwn'
|
5
|
+
require 'optparse'
|
6
|
+
require 'uri'
|
7
|
+
require 'htmlentities'
|
8
|
+
|
9
|
+
opts = {}
|
10
|
+
OptionParser.new do |options|
|
11
|
+
options.banner = "USAGE:
|
12
|
+
#{$PROGRAM_NAME} [opts]
|
13
|
+
"
|
14
|
+
|
15
|
+
options.on('-uURL', '--target-url=URL', '<Required - Target URL)>') do |t|
|
16
|
+
opts[:target_url] = t
|
17
|
+
end
|
18
|
+
|
19
|
+
options.on('-wFILE', '--word-list=FILE', '<Required - Wordlist File to Use>') do |w|
|
20
|
+
opts[:wordlist] = w
|
21
|
+
end
|
22
|
+
|
23
|
+
options.on('-tTHREADS', '--max-threads=THREADS', '<Optional # HTTP Requests to Run Simultaneously (Default 100)>') do |t|
|
24
|
+
opts[:max_threads] = t
|
25
|
+
end
|
26
|
+
|
27
|
+
options.on('-dDIR', '--dir-path=DIR', '<Optional - Report Output Directory (Defaults to ".")>') do |w|
|
28
|
+
opts[:wordlist] = w
|
29
|
+
end
|
30
|
+
|
31
|
+
options.on('-nREPORTNAME', '--report-name=REPORTNAME', '<Optional Report Name (Defaults to, "<TARGET_URL_HOST>-<Time.now.strftime("%Y-%m-%d_%H-%M-%S")>")>') do |n|
|
32
|
+
opts[:report_name] = n
|
33
|
+
end
|
34
|
+
|
35
|
+
options.on('-s', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
|
36
|
+
opts[:start_reporting_server] = s
|
37
|
+
end
|
38
|
+
end.parse!
|
39
|
+
|
40
|
+
if opts.empty?
|
41
|
+
puts `#{$PROGRAM_NAME} --help`
|
42
|
+
exit 1
|
43
|
+
end
|
44
|
+
|
45
|
+
begin
|
46
|
+
target_url = opts[:target_url]
|
47
|
+
raise "ERROR: Invalid URL #{target_url}\nBe sure to include URL scheme (e.g. http://)" if target_url =~ URI::DEFAULT_PARSER.make_regexp.nil?
|
48
|
+
|
49
|
+
parsed_target_url = URI.parse(target_url)
|
50
|
+
|
51
|
+
wordlist = opts[:wordlist]
|
52
|
+
raise "ERROR: #{wordlist} Does Not Exist." unless File.exist?(wordlist)
|
53
|
+
|
54
|
+
max_threads = opts[:max_threads]
|
55
|
+
max_threads ||= 100
|
56
|
+
|
57
|
+
dir_path = opts[:dir_path]
|
58
|
+
dir_path ||= '.'
|
59
|
+
|
60
|
+
report_name = opts[:report_name]
|
61
|
+
report_name ||= "#{parsed_target_url.host}-#{Time.now.strftime('%Y-%m-%d_%H-%M-%S')}"
|
62
|
+
|
63
|
+
start_reporting_server = opts[:start_reporting_server]
|
64
|
+
|
65
|
+
mutex = Mutex.new
|
66
|
+
|
67
|
+
results_hash = {
|
68
|
+
report_name: HTMLEntities.new.encode(
|
69
|
+
report_name.to_s.scrub.strip.chomp
|
70
|
+
),
|
71
|
+
data: []
|
72
|
+
}
|
73
|
+
|
74
|
+
wordlist_arr = File.readlines(wordlist)
|
75
|
+
PWN::Plugins::ThreadPool.fill(
|
76
|
+
enumerable_array: wordlist_arr,
|
77
|
+
max_threads: max_threads
|
78
|
+
) do |this_wl_line|
|
79
|
+
wordlist_line = this_wl_line.to_s.scrub.strip.chomp
|
80
|
+
|
81
|
+
next if wordlist_line.match?(/^#/)
|
82
|
+
|
83
|
+
http_methods = %i[GET HEAD POST PUT DELETE CONNECT OPTIONS TRACE]
|
84
|
+
|
85
|
+
http_methods.each do |http_method|
|
86
|
+
begin
|
87
|
+
print '.'
|
88
|
+
rest_client_resp_hash = {}
|
89
|
+
http_uri = "#{target_url}/#{wordlist_line}"
|
90
|
+
rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
|
91
|
+
response = rest_client_request.execute(
|
92
|
+
method: http_method,
|
93
|
+
url: http_uri,
|
94
|
+
verify_ssl: false
|
95
|
+
)
|
96
|
+
|
97
|
+
rest_client_resp_hash = {
|
98
|
+
request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
|
99
|
+
http_uri: http_uri,
|
100
|
+
http_method: http_method,
|
101
|
+
http_resp_code: response.code,
|
102
|
+
http_resp: response.body
|
103
|
+
}
|
104
|
+
rescue RestClient::Forbidden,
|
105
|
+
RestClient::BadRequest,
|
106
|
+
RestClient::NotFound => e
|
107
|
+
|
108
|
+
rest_client_resp_hash = {
|
109
|
+
request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
|
110
|
+
http_uri: http_uri,
|
111
|
+
http_method: http_method,
|
112
|
+
http_resp_code: e.response.code,
|
113
|
+
http_resp: e.response.body
|
114
|
+
}
|
115
|
+
next
|
116
|
+
ensure
|
117
|
+
mutex.synchronize do
|
118
|
+
results_hash[:data].push(rest_client_resp_hash)
|
119
|
+
end
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
|
124
|
+
# Generate HTML Report
|
125
|
+
print "#{$PROGRAM_NAME} Generating Report..."
|
126
|
+
PWN::Reports::URIBuster.generate(
|
127
|
+
dir_path: dir_path,
|
128
|
+
results_hash: results_hash
|
129
|
+
)
|
130
|
+
puts 'complete.'
|
131
|
+
|
132
|
+
# Start Simple HTTP Server (If Requested)
|
133
|
+
if start_reporting_server
|
134
|
+
listen_port = Random.rand(1_025..65_535).to_s
|
135
|
+
|
136
|
+
if pwn_provider == 'docker'
|
137
|
+
listen_ip = '0.0.0.0'
|
138
|
+
else
|
139
|
+
listen_ip = '127.0.0.1'
|
140
|
+
end
|
141
|
+
|
142
|
+
puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_www_uri_buster.html"
|
143
|
+
Dir.chdir(dir_path)
|
144
|
+
system(
|
145
|
+
'pwn_simple_http_server',
|
146
|
+
'-i',
|
147
|
+
listen_ip,
|
148
|
+
'-p',
|
149
|
+
listen_port
|
150
|
+
)
|
151
|
+
end
|
152
|
+
rescue SystemExit, Interrupt
|
153
|
+
puts "\nGoodbye."
|
154
|
+
rescue StandardError => e
|
155
|
+
raise e
|
156
|
+
end
|
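Review bot: The URL guard at new line 47 can never raise: `.nil?` binds to `make_regexp`, so the string is matched against `false` rather than the pattern; `raise "..." unless target_url.to_s.match?(URI::DEFAULT_PARSER.make_regexp)` does what the error message promises. Two more lines keep the script from running as written: the `-d` handler assigns `opts[:wordlist] = w` where `opts[:dir_path] = w` is meant, and the request is sent on `rest_client_request` although the local is `rest_client`, so each iteration appears to raise NameError and `ensure` records only the empty hash. `pwn_provider` is read in the reporting-server branch but never assigned in this file. Because the loop issues PUT and DELETE against every wordlist entry with `verify_ssl: false` hard-coded, both would be safer as explicit opt-in flags, so that a default run cannot change state on the target or accept an arbitrary certificate.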
@@ -0,0 +1,240 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
|
5
|
+
module PWN
|
6
|
+
module Reports
|
7
|
+
# This plugin generates the War Dialing results produced by pwn_www_uri_buster.
|
8
|
+
module URIBuster
|
9
|
+
# Supported Method Parameters::
|
10
|
+
# PWN::Reports::URIBuster.generate(
|
11
|
+
# dir_path: dir_path,
|
12
|
+
# results_hash: results_hash
|
13
|
+
# )
|
14
|
+
|
15
|
+
public_class_method def self.generate(opts = {})
|
16
|
+
dir_path = opts[:dir_path].to_s if File.directory?(opts[:dir_path].to_s)
|
17
|
+
raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
|
18
|
+
|
19
|
+
results_hash = opts[:results_hash]
|
20
|
+
|
21
|
+
File.write(
|
22
|
+
"#{dir_path}/pwn_www_uri_buster.json",
|
23
|
+
JSON.pretty_generate(results_hash)
|
24
|
+
)
|
25
|
+
|
26
|
+
html_report = %q{<!DOCTYPE HTML>
|
27
|
+
<html>
|
28
|
+
<head>
|
29
|
+
<!-- favicon.ico from https://0dayinc.com -->
|
30
|
+
<link rel="icon" href="data:image/x-icon;base64,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" type="image/x-icon" />
|
31
|
+
<style>
|
32
|
+
body {
|
33
|
+
font-family: Verdana, Geneva, sans-serif;
|
34
|
+
font-size: 11px;
|
35
|
+
background-color: #FFFFFF;
|
36
|
+
color: #084B8A !important;
|
37
|
+
}
|
38
|
+
|
39
|
+
a:link {
|
40
|
+
color: #0174DF;
|
41
|
+
text-decoration: none;
|
42
|
+
}
|
43
|
+
|
44
|
+
a:visited {
|
45
|
+
color: #B40404;
|
46
|
+
text-decoration: none;
|
47
|
+
}
|
48
|
+
|
49
|
+
a:hover {
|
50
|
+
color: #01A9DB;
|
51
|
+
text-decoration: underline;
|
52
|
+
}
|
53
|
+
|
54
|
+
a:active {
|
55
|
+
color: #610B5E;
|
56
|
+
text-decoration: underline;
|
57
|
+
}
|
58
|
+
|
59
|
+
table {
|
60
|
+
width: 100%;
|
61
|
+
border-spacing:0px;
|
62
|
+
}
|
63
|
+
|
64
|
+
table.squish {
|
65
|
+
table-layout: fixed;
|
66
|
+
}
|
67
|
+
|
68
|
+
td {
|
69
|
+
vertical-align: top;
|
70
|
+
word-wrap: break-word !important;
|
71
|
+
}
|
72
|
+
|
73
|
+
.highlighted {
|
74
|
+
background-color: #F2F5A9 !important;
|
75
|
+
}
|
76
|
+
</style>
|
77
|
+
|
78
|
+
<!-- jQuery, DataTables, & FancyApps -->
|
79
|
+
<script type="text/javascript" src="//code.jquery.com/jquery-3.6.0.min.js"></script>
|
80
|
+
|
81
|
+
<link rel="stylesheet" type="text/css" href="//cdn.datatables.net/v/dt/dt-1.11.4/b-2.2.2/b-colvis-2.2.2/b-html5-2.2.2/b-print-2.2.2/cr-1.5.5/fc-4.0.1/fh-3.2.1/kt-2.6.4/r-2.2.9/rg-1.1.4/rr-1.2.8/sc-2.0.5/sp-1.4.0/sl-1.3.4/datatables.min.css"/>
|
82
|
+
|
83
|
+
<script type="text/javascript" src="//cdn.datatables.net/v/dt/dt-1.11.4/b-2.2.2/b-colvis-2.2.2/b-html5-2.2.2/b-print-2.2.2/cr-1.5.5/fc-4.0.1/fh-3.2.1/kt-2.6.4/r-2.2.9/rg-1.1.4/rr-1.2.8/sc-2.0.5/sp-1.4.0/sl-1.3.4/datatables.min.js"></script>
|
84
|
+
|
85
|
+
</head>
|
86
|
+
|
87
|
+
<body id="pwn_body">
|
88
|
+
|
89
|
+
<h1 style="display:inline">
|
90
|
+
<a href="https://github.com/0dayinc/pwn/tree/master">~ pwn www uri buster</a>
|
91
|
+
</h1><br /><br />
|
92
|
+
<h2 id="report_name"></h2><br />
|
93
|
+
|
94
|
+
<div><button type="button" id="button">Rows Selected</button></div><br />
|
95
|
+
<div>
|
96
|
+
<b>Toggle Column(s):</b>
|
97
|
+
<a class="toggle-vis" data-column="1" href="#">Request Time</a> |
|
98
|
+
<a class="toggle-vis" data-column="2" href="#">URI</a> |
|
99
|
+
<a class="toggle-vis" data-column="3" href="#">HTTP Method</a> |
|
100
|
+
<a class="toggle-vis" data-column="4" href="#">HTTP Response Code</a> |
|
101
|
+
<a class="toggle-vis" data-column="5" href="#">HTTP Response</a> |
|
102
|
+
</div>
|
103
|
+
<br /><br />
|
104
|
+
|
105
|
+
<div>
|
106
|
+
<table id="pwn_www_uri_buster_results" class="display" cellspacing="0">
|
107
|
+
<thead>
|
108
|
+
<tr>
|
109
|
+
<th>#</th>
|
110
|
+
<th>Request Time</th>
|
111
|
+
<th>URI</th>
|
112
|
+
<th>HTTP Method</th>
|
113
|
+
<th>HTTP Response Code</th>
|
114
|
+
<th>HTTP Response</th>
|
115
|
+
</tr>
|
116
|
+
</thead>
|
117
|
+
<!-- DataTables <tbody> -->
|
118
|
+
</table>
|
119
|
+
</div>
|
120
|
+
|
121
|
+
<script>
|
122
|
+
var htmlEntityEncode = $.fn.dataTable.render.text().display;
|
123
|
+
var line_entry_uri = "";
|
124
|
+
$(document).ready(function() {
|
125
|
+
var oldStart = 0;
|
126
|
+
var table = $('#pwn_www_uri_buster_results').DataTable( {
|
127
|
+
"paging": true,
|
128
|
+
"pagingType": "full_numbers",
|
129
|
+
"fnDrawCallback": function ( oSettings ) {
|
130
|
+
/* Need to redo the counters if filtered or sorted */
|
131
|
+
if ( oSettings.bSorted || oSettings.bFiltered ) {
|
132
|
+
for ( var i=0, iLen=oSettings.aiDisplay.length ; i<iLen ; i++ ) {
|
133
|
+
$('td:eq(0)', oSettings.aoData[ oSettings.aiDisplay[i] ].nTr ).html( i+1 );
|
134
|
+
}
|
135
|
+
}
|
136
|
+
// Jump to top when utilizing pagination
|
137
|
+
if ( oSettings._iDisplayStart != oldStart ) {
|
138
|
+
var targetOffset = $('#pwn_body').offset().top;
|
139
|
+
$('html,body').animate({scrollTop: targetOffset}, 500);
|
140
|
+
oldStart = oSettings._iDisplayStart;
|
141
|
+
}
|
142
|
+
// Select individual lines in a row
|
143
|
+
$('#multi_line_select tbody').on('click', 'tr', function () {
|
144
|
+
$(this).toggleClass('highlighted');
|
145
|
+
if ($('#multi_line_select tr.highlighted').length > 0) {
|
146
|
+
$('#multi_line_select tr td button').attr('disabled', 'disabled');
|
147
|
+
// Remove multi-line bug button
|
148
|
+
} else {
|
149
|
+
$('#multi_line_select tr td button').removeAttr('disabled');
|
150
|
+
// Add multi-line bug button
|
151
|
+
}
|
152
|
+
});
|
153
|
+
},
|
154
|
+
"ajax": "pwn_www_uri_buster.json",
|
155
|
+
//"deferRender": true,
|
156
|
+
"dom": "fplitfpliS",
|
157
|
+
"autoWidth": false,
|
158
|
+
"columns": [
|
159
|
+
{ "data": null },
|
160
|
+
{
|
161
|
+
"data": "request_timestamp",
|
162
|
+
"render": $.fn.dataTable.render.text()
|
163
|
+
},
|
164
|
+
{
|
165
|
+
"data": "http_uri",
|
166
|
+
"render": $.fn.dataTable.render.text()
|
167
|
+
},
|
168
|
+
{
|
169
|
+
"data": "http_method",
|
170
|
+
"render": $.fn.dataTable.render.text()
|
171
|
+
},
|
172
|
+
{
|
173
|
+
"data": "http_resp_code",
|
174
|
+
"render": $.fn.dataTable.render.text()
|
175
|
+
},
|
176
|
+
{
|
177
|
+
"data": "http_resp",
|
178
|
+
"render": $.fn.dataTable.render.text()
|
179
|
+
}
|
180
|
+
]
|
181
|
+
});
|
182
|
+
// Toggle Columns
|
183
|
+
$('a.toggle-vis').on('click', function (e) {
|
184
|
+
e.preventDefault();
|
185
|
+
|
186
|
+
// Get the column API object
|
187
|
+
var column = table.column( $(this).attr('data-column') );
|
188
|
+
|
189
|
+
// Toggle the visibility
|
190
|
+
column.visible( ! column.visible() );
|
191
|
+
});
|
192
|
+
|
193
|
+
// TODO: Open bug for highlighted rows ;)
|
194
|
+
$('#button').click( function () {
|
195
|
+
alert($('#multi_line_select tr.highlighted').length +' row(s) highlighted');
|
196
|
+
});
|
197
|
+
});
|
198
|
+
|
199
|
+
function multi_line_select() {
|
200
|
+
// Select all lines in a row
|
201
|
+
//$('#pwn_www_uri_buster_results tbody').on('click', 'tr', function () {
|
202
|
+
// $(this).children('td').children('#multi_line_select').children('tbody').children('tr').toggleClass('highlighted');
|
203
|
+
//});
|
204
|
+
|
205
|
+
}
|
206
|
+
</script>
|
207
|
+
</body>
|
208
|
+
</html>
|
209
|
+
}
|
210
|
+
|
211
|
+
File.open("#{dir_path}/pwn_www_uri_buster.html", 'w') do |f|
|
212
|
+
f.print(html_report)
|
213
|
+
end
|
214
|
+
rescue StandardError => e
|
215
|
+
raise e
|
216
|
+
end
|
217
|
+
|
218
|
+
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
219
|
+
|
220
|
+
public_class_method def self.authors
|
221
|
+
"AUTHOR(S):
|
222
|
+
0day Inc. <request.pentest@0dayinc.com>
|
223
|
+
"
|
224
|
+
end
|
225
|
+
|
226
|
+
# Display Usage for this Module
|
227
|
+
|
228
|
+
public_class_method def self.help
|
229
|
+
puts "USAGE:
|
230
|
+
#{self}.generate(
|
231
|
+
dir_path: dir_path,
|
232
|
+
results_hash: results_hash
|
233
|
+
)
|
234
|
+
|
235
|
+
#{self}.authors
|
236
|
+
"
|
237
|
+
end
|
238
|
+
end
|
239
|
+
end
|
240
|
+
end
|
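Review bot: The template loads jQuery and DataTables through protocol-relative URLs (`//code.jquery.com/...`, `//cdn.datatables.net/...`) without an `integrity` attribute, so when the report is served by the plain-HTTP reporting server the scripts travel unauthenticated, and when it is opened from disk they resolve to `file://` and do not load. Use `https://` together with `integrity="sha384-<HASH_OF_PINNED_FILE>" crossorigin="anonymous"`, or ship local copies next to the JSON. Keeping every column on `$.fn.dataTable.render.text()` is right, since `http_resp` holds bodies returned by the scanned host. Smaller points: the module comment still says "War Dialing results", `<h2 id="report_name">` is never filled from `results_hash[:report_name]`, and the click handler on `#multi_line_select` is re-bound on every draw for an element this template does not contain.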
data/lib/pwn/reports.rb
CHANGED
data/lib/pwn/version.rb
CHANGED
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Reports::URIBuster do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Reports::URIBuster
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Reports::URIBuster
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
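Review bot: Both examples only assert `respond_to`, so `generate`, the one method here that writes to the filesystem, is never exercised. An example that calls `PWN::Reports::URIBuster.generate(dir_path: dir, results_hash: { report_name: 'x', data: [] })` inside `Dir.mktmpdir` and checks that `pwn_www_uri_buster.json` and `pwn_www_uri_buster.html` exist, plus one that expects a raise for a non-existent directory, would cover the behaviour this release adds.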
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.522
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-08-
|
11
|
+
date: 2022-08-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.3.
|
117
|
+
version: 2.3.21
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.3.
|
124
|
+
version: 2.3.21
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -324,14 +324,14 @@ dependencies:
|
|
324
324
|
requirements:
|
325
325
|
- - '='
|
326
326
|
- !ruby/object:Gem::Version
|
327
|
-
version: 2.
|
327
|
+
version: 2.5.0
|
328
328
|
type: :runtime
|
329
329
|
prerelease: false
|
330
330
|
version_requirements: !ruby/object:Gem::Requirement
|
331
331
|
requirements:
|
332
332
|
- - '='
|
333
333
|
- !ruby/object:Gem::Version
|
334
|
-
version: 2.
|
334
|
+
version: 2.5.0
|
335
335
|
- !ruby/object:Gem::Dependency
|
336
336
|
name: luhn
|
337
337
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1066,6 +1066,7 @@ executables:
|
|
1066
1066
|
- pwn_simple_http_server
|
1067
1067
|
- pwn_web_cache_deception
|
1068
1068
|
- pwn_www_checkip
|
1069
|
+
- pwn_www_uri_buster
|
1069
1070
|
- pwn_xss_dom_vectors
|
1070
1071
|
extensions: []
|
1071
1072
|
extra_rdoc_files: []
|
@@ -1130,6 +1131,7 @@ files:
|
|
1130
1131
|
- bin/pwn_simple_http_server
|
1131
1132
|
- bin/pwn_web_cache_deception
|
1132
1133
|
- bin/pwn_www_checkip
|
1134
|
+
- bin/pwn_www_uri_buster
|
1133
1135
|
- bin/pwn_xss_dom_vectors
|
1134
1136
|
- build_pwn_gem.sh
|
1135
1137
|
- documentation/PWN.png
|
@@ -1614,6 +1616,7 @@ files:
|
|
1614
1616
|
- lib/pwn/reports/fuzz.rb
|
1615
1617
|
- lib/pwn/reports/phone.rb
|
1616
1618
|
- lib/pwn/reports/sast.rb
|
1619
|
+
- lib/pwn/reports/uri_buster.rb
|
1617
1620
|
- lib/pwn/sast.rb
|
1618
1621
|
- lib/pwn/sast/amqp_connect_as_guest.rb
|
1619
1622
|
- lib/pwn/sast/apache_file_system_util_api.rb
|
@@ -1911,6 +1914,7 @@ files:
|
|
1911
1914
|
- spec/lib/pwn/reports/fuzz_spec.rb
|
1912
1915
|
- spec/lib/pwn/reports/phone_spec.rb
|
1913
1916
|
- spec/lib/pwn/reports/sast_spec.rb
|
1917
|
+
- spec/lib/pwn/reports/uri_buster_spec.rb
|
1914
1918
|
- spec/lib/pwn/reports_spec.rb
|
1915
1919
|
- spec/lib/pwn/sast/amqp_connect_as_guest_spec.rb
|
1916
1920
|
- spec/lib/pwn/sast/apache_file_system_util_api_spec.rb
|
@@ -2024,7 +2028,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2024
2028
|
- !ruby/object:Gem::Version
|
2025
2029
|
version: '0'
|
2026
2030
|
requirements: []
|
2027
|
-
rubygems_version: 3.3.
|
2031
|
+
rubygems_version: 3.3.21
|
2028
2032
|
signing_key:
|
2029
2033
|
specification_version: 4
|
2030
2034
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|