pwn 0.4.524 → 0.4.527

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a25f229c9216eca02d721249e3799f6b550772cc0356a8f7654fbeee3f61281f
-  data.tar.gz: 487b0a1c4a393f7a9878b311c5c84dde861570486b8b0d327877643dddef54f4
+  metadata.gz: 97a29eb8082007674ab5011303a4ccb6897e03a99cc01201905e39a6b38e751f
+  data.tar.gz: d2fe796c9c3761a5d8a3e304946f590974c60bcc4c846cd0e22e727dbf705aff
 SHA512:
-  metadata.gz: 24b915bbb16d51d36eab34c1576c650da54d6edaeaf00d70b2ab37dd4808e5394b51e22550dd948222a290991fbd867babfafb5bcfec752d41143a7b2b4d2755
-  data.tar.gz: 7f97bf77d74102c03b2b5b1c52d98dc4163bd096a752dfb9291c5eb6f58acd3bb5755dd5e3c7bb2920124f343c350bf8ef3ec8cba0c99c44408392aeb0932550
+  metadata.gz: aa2e8b4e875882c5a8a6458aad83def7064e9fd60f40fe7ab25e84a54bbec3595e197e841ab8e89abbb778992281892f7cd2f1b52cc3ab6523f35caa8751ec33
+  data.tar.gz: 9a620498f22d2c08196e395f4867034e6b13c544ce8d6f7f4bb9d857d1c5ec5339beae2b789a643f2191a829a02821ac7345b10f2115e54ac305d58491b83504

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.524]:001 >>> PWN.help
+pwn[v0.4.527]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.524]:001 >>> PWN.help
+pwn[v0.4.527]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_www_uri_buster

@@ -28,7 +28,7 @@ OptionParser.new do |options|
     opts[:wordlist] = w
   end
 
-  options.on('-nREPORTNAME', '--report-name=REPORTNAME', '<Optional Report Name (Defaults to, "<TARGET_URL_HOST>-<Time.now.strftime("%Y-%m-%d_%H-%M-%S")>")>') do |n|
+  options.on('-nREPORTNAME', '--report-name=REPORTNAME', '<Optional Report Name (Defaults to, "<TARGET_URL_HOST>-<File.basename(wordlist)>-<Time.now.strftime("%Y-%m-%d_%H-%M-%S")>")>') do |n|
     opts[:report_name] = n
   end
 
@@ -56,7 +56,7 @@ begin
   dir_path ||= '.'
 
   report_name = opts[:report_name]
-  report_name ||= "#{parsed_target_url.host}-#{Time.now.strftime('%Y-%m-%d_%H-%M-%S')}"
+  report_name ||= "#{parsed_target_url.host}-#{File.basename(wordlist)}-#{Time.now.strftime('%Y-%m-%d_%H-%M-%S')}"
 
   start_reporting_server = opts[:start_reporting_server]
 
@@ -78,13 +78,13 @@ begin
 
     next if wordlist_line.match?(/^#/)
 
-    http_methods = %i[GET HEAD POST PUT DELETE OPTIONS TRACE]
+    http_uri = "#{target_url}/#{CGI.escape(wordlist_line)}"
 
+    http_methods = %i[GET HEAD POST PUT DELETE OPTIONS TRACE]
     http_methods.each do |http_method|
       begin
         print '.'
         rest_client_resp_hash = {}
-        http_uri = "#{target_url}/#{wordlist_line}"
         rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
         response = rest_client.execute(
           method: http_method,
@@ -97,7 +97,7 @@ begin
           http_uri: http_uri,
           http_method: http_method,
           http_resp_code: response.code,
-          http_resp: response.body
+          http_resp: response.body[0..300]
         }
       rescue RestClient::Forbidden,
              RestClient::BadRequest,
@@ -108,7 +108,7 @@ begin
           http_uri: http_uri,
           http_method: http_method,
           http_resp_code: e.response.code,
-          http_resp: e.response.body
+          http_resp: e.response.body[0..300]
         }
         next
       ensure

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.524'
+  VERSION = '0.4.527'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.524
+  version: 0.4.527
 platform: ruby
 authors:
 - 0day Inc.