RubyGems - pwn - Versions diffs - 0.4.527 → 0.4.530 - Mend

pwn 0.4.527 → 0.4.530

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 97a29eb8082007674ab5011303a4ccb6897e03a99cc01201905e39a6b38e751f
-  data.tar.gz: d2fe796c9c3761a5d8a3e304946f590974c60bcc4c846cd0e22e727dbf705aff
+  metadata.gz: 612f547ef710363dbb2354048dbae80679dc8153f74512d09847f8d43e29e90c
+  data.tar.gz: ce2ef03d718183d5130749244cd0237774b3b58003e693b790c59abf21abbe5f
 SHA512:
-  metadata.gz: aa2e8b4e875882c5a8a6458aad83def7064e9fd60f40fe7ab25e84a54bbec3595e197e841ab8e89abbb778992281892f7cd2f1b52cc3ab6523f35caa8751ec33
-  data.tar.gz: 9a620498f22d2c08196e395f4867034e6b13c544ce8d6f7f4bb9d857d1c5ec5339beae2b789a643f2191a829a02821ac7345b10f2115e54ac305d58491b83504
+  metadata.gz: 6fd3b7a65884a9551eb6b8cec0b34f1d96dd3211d2d511c144ef31a93ba5ca828327c7c768e42b694765f46af93cfd8b858275c5cf4b9b1065336c430edb1ce7
+  data.tar.gz: 0bef199fc9669b712205d3dac1d30e50b24135dd389a28ceccc1a7e193c9fc01fbf33f578665f808d52f22e0d67d55fc72eccda2819b230317eaa7010b7b2f9e

data/README.md CHANGED Viewed

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.527]:001 >>> PWN.help
+pwn[v0.4.530]:001 >>> PWN.help
 ```
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.527]:001 >>> PWN.help
+pwn[v0.4.530]:001 >>> PWN.help
 ```

data/bin/pwn_www_uri_buster CHANGED Viewed

@@ -4,6 +4,7 @@
 require 'pwn'
 require 'optparse'
 require 'uri'
+require 'cgi'
 require 'htmlentities'
 opts = {}
@@ -43,6 +44,9 @@ if opts.empty?
 end
 begin
+  pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
+  $stdout.sync = true
   target_url = opts[:target_url]
   parsed_target_url = URI.parse(target_url)
@@ -78,12 +82,11 @@ begin
     next if wordlist_line.match?(/^#/)
-    http_uri = "#{target_url}/#{CGI.escape(wordlist_line)}"
     http_methods = %i[GET HEAD POST PUT DELETE OPTIONS TRACE]
     http_methods.each do |http_method|
       begin
         print '.'
+        http_uri = "#{target_url}/#{wordlist_line}"
         rest_client_resp_hash = {}
         rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
         response = rest_client.execute(
@@ -101,6 +104,7 @@ begin
         }
       rescue RestClient::Forbidden,
              RestClient::BadRequest,
+             RestClient::MethodNotAllowed,
              RestClient::NotFound => e
         rest_client_resp_hash = {
@@ -111,6 +115,16 @@ begin
           http_resp: e.response.body[0..300]
         }
         next
+      rescue URI::InvalidURIError
+        url_encoded_wordlist_arr = []
+        wordlist_line.split('/').each do |path|
+          url_encoded_wordlist_arr.push(CGI.escape(path))
+        end
+        wordlist_line = url_encoded_wordlist_arr.join('/')
+        retry
+      rescue RestClient::TooManyRequests
+        sleep 60
       ensure
         mutex.synchronize do
           results_hash[:data].push(rest_client_resp_hash)

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.4.527'
+  VERSION = '0.4.530'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.527
+  version: 0.4.530
 platform: ruby
 authors:
 - 0day Inc.