pwn 0.4.549 → 0.4.551

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b0d1670b553866c3340800ed557e77398ca60a533583bc63534332d6e5ab4043
-  data.tar.gz: 6a36d5264d0d728a4fa348f4e5014b4638a94798781ddd8186da1b7377ebbb6d
+  metadata.gz: 37c116ff3072536f637e3b85299339fcff43cfae08fa907f51ef6db8f74bfeed
+  data.tar.gz: bf01ca52b18146da07b3aa882981be1484fc56a5fc72845415056a0d61438245
 SHA512:
-  metadata.gz: a1bf0a013d812084b936c34f72d5547b8b3a8067f0f60bc23a316de61e5c4f96498ae857569d0e1a2154f52d1591176b03b248c6c5005819a72a914b95f88ef6
-  data.tar.gz: 165057a3dfdc18c3f32b4cbcd9d002ddef46bfcc86cec92f0b7ba28180e626c16ef8e030f037a3701726262b1279b268243ab173ccefd9422f9bb94c9d381a38
+  metadata.gz: 4c4d7a6f950288b53d8850222c6a7f0ff22c54bf87de32cd7d842fde7ecef121374f1c1c6412f76fb26fb3fefc93b711b7b18e270d9b674c713e630f2174e381
+  data.tar.gz: 18553d6f48fe65b9a4885f17a912c58953539fa044da6e1f8d70a1d81bf860789cf8b8626f75b612ade3962dc7692714b1d15d857f657cf5f5770983d55cb3f8

data/Gemfile

@@ -48,7 +48,7 @@ gem 'oily_png', '1.2.1'
 gem 'os', '1.1.4'
 gem 'packetfu', '1.1.13'
 gem 'pdf-reader', '2.10.0'
-gem 'pg', '1.4.3'
+gem 'pg', '1.4.4'
 gem 'pry', '0.14.1'
 gem 'pry-doc', '1.3.0'
 gem 'rake', '13.0.6'
@@ -57,7 +57,7 @@ gem 'rbvmomi', '3.0.0'
 gem 'rdoc', '6.4.0'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '4.3.0'
+gem 'rmagick', '5.0.0'
 gem 'rspec', '3.11.0'
 gem 'rtesseract', '3.1.2'
 gem 'rubocop', '1.36.0'
@@ -74,7 +74,7 @@ gem 'sinatra', '3.0.2'
 gem 'slack-ruby-client', '1.1.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.0'
-gem 'sqlite3', '1.5.2'
+gem 'sqlite3', '1.5.3'
 gem 'thin', '1.8.1'
 gem 'tty-prompt', '0.23.1'
 gem 'watir', '7.1.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.549]:001 >>> PWN.help
+pwn[v0.4.551]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.549]:001 >>> PWN.help
+pwn[v0.4.551]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_phone

@@ -46,7 +46,7 @@ OptionParser.new do |options|
     opts[:start_reporting_server] = s
   end
 
-  options.on('-xRULES', '--source-num-rules=RULES', '<Optional - Comma-delimited list of rules for src_num format (i.e. self, same_country, same_area, and/or same_prefix [Defaults to random src_num w/ same length as target_num])>') do |x|
+  options.on('-xRULES', '--source-num-rules=RULES', '<Optional - Comma-delimited list of rules for src_num format (i.e. XXXXXXXXXX, self, same_country, same_area, and/or same_prefix [Defaults to random src_num w/ same length as target_num])>') do |x|
     opts[:src_num_rules] = x
   end
 

data/lib/pwn/plugins/baresip.rb

@@ -187,8 +187,8 @@ module PWN
             next unless File.exist?(screenlog_path)
 
             # Continuously consume contents of screenlog_path
-            @session_data = File.readlines(screenlog_path)
-            @session_data.delete_if do |line|
+            session_data = File.readlines(screenlog_path)
+            session_data.delete_if do |line|
               line.include?('ua: using best effort AF: af=AF_INET')
             end
           end
@@ -203,7 +203,7 @@ module PWN
       # session_data = PWN::Plugins::BareSIP.dump_session_data
 
       public_class_method def self.dump_session_data
-        @session_data
+        session_data
       rescue StandardError => e
         raise e
       end
@@ -307,7 +307,7 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::BareSIP.apply_src_num_rules(
       #   target_num: 'Required - destination number to derive source number',
-      #   src_num_rules: 'Optional - Comma-delimited list of rules for src_num format (i.e. self, same_country, same_area, and/or same_prefix [Defaults to random src_num w/ same length as target_num])'
+      #   src_num_rules: 'Optional - Comma-delimited list of rules for src_num format (i.e. XXXXXXXXXX, self, same_country, same_area, and/or same_prefix [Defaults to random src_num w/ same length as target_num])'
       # )
 
       public_class_method def self.apply_src_num_rules(opts = {})
@@ -356,6 +356,7 @@ module PWN
         else
           raise "Target # should be 10-14 digits. Length is: #{target_num.to_s.length}"
         end
+        src_num_rules_arr.delete(:same_country)
 
         # > 799 for prefix leads to call issues when calling 800 numbers.
         # area = format('%0.3s', Random.rand(200..999))
@@ -363,14 +364,28 @@ module PWN
         area = target_num.to_s.chars[-10..-8].join if src_num_rules_arr.include?(
           :same_area
         )
+        src_num_rules_arr.delete(:same_area)
 
         prefix = format('%0.3d', Random.rand(200..999))
         prefix = target_num.to_s.chars[-7..-5].join if src_num_rules_arr.include?(
           :same_prefix
         )
+        src_num_rules_arr.delete(:same_prefix)
+
         suffix = format('%0.4d', Random.rand(0..9999))
+
+        # Defaults to Random Source Number
         src_num = "#{country}#{area}#{prefix}#{suffix}"
+
+        # Change to same as dest if :self is passed
         src_num = target_num if src_num_rules_arr.include?(:self)
+        src_num_rules_arr.delete(:self)
+
+        # Assume a custom number is passed if an element
+        # still exists in src_num_rules_arr
+        # Cast symbol to string, string to integer to massage input,
+        # and cast back to string.
+        src_num = src_num_rules_arr.first.to_s.to_i.to_s if src_num_rules_arr.any?
 
         # TODO: Update ~/.baresip/accounts to apply source number
         sip_accounts_path = "#{config_root}/accounts"
@@ -494,6 +509,8 @@ module PWN
           print "#{seconds_to_record}s to record - remaining: #{format('%-9.9s', countdown)}"
           print "\r"
 
+          # TODO: Fix known issue - if remote terminates call early
+          # all calls in thread pool will be stopped prematurely :-/
           if dump_session_data.select { |s| s.include?(terminated) }.length.positive?
             reason = 'call terminated by other party'
             break
@@ -514,14 +531,16 @@ module PWN
         call_resp_hash[:seconds_recorded] = seconds_recorded
         puts end_of_color
 
-        call_stopped = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
-        puts "\n#{green}#{call_stopped} >>> #{reason} #{target_num}#{end_of_color}"
-        call_resp_hash[:call_stopped] = call_stopped
-        call_resp_hash[:reason] = reason
-        puts "call termination reason: #{reason}"
+        # Move to ensure block?
+        # call_stopped = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
+        # puts "\n#{green}#{call_stopped} >>> #{reason} #{target_num}#{end_of_color}"
+        # call_resp_hash[:call_stopped] = call_stopped
+        # call_resp_hash[:reason] = reason
+        # puts "call termination reason: #{reason}"
 
-        stop(baresip_obj: baresip_obj)
-        FileUtils.rm_rf(config_root_for_target_num)
+        # stop(baresip_obj: baresip_obj)
+        # FileUtils.rm_rf(config_root_for_target_num)
+        # End of ensure block
 
         absolute_recording = ''
         relative_recording = ''
@@ -600,6 +619,16 @@ module PWN
         call_resp_hash
       rescue StandardError => e
         raise e
+      ensure
+        # Ensure baresip session is stopped
+        call_stopped = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
+        puts "\n#{green}#{call_stopped} >>> #{reason} #{target_num}#{end_of_color}"
+        call_resp_hash[:call_stopped] = call_stopped
+        call_resp_hash[:reason] = reason
+        puts "call termination reason: #{reason}"
+
+        stop(baresip_obj: baresip_obj)
+        FileUtils.rm_rf(config_root_for_target_num)
       end
 
       # Supported Method Parameters::

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.549'
+  VERSION = '0.4.551'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.549
+  version: 0.4.551
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-10-05 00:00:00.000000000 Z
+date: 2022-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -520,14 +520,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.4.3
+        version: 1.4.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.4.3
+        version: 1.4.4
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -646,14 +646,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.3.0
+        version: 5.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.3.0
+        version: 5.0.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -884,14 +884,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.2
+        version: 1.5.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.2
+        version: 1.5.3
 - !ruby/object:Gem::Dependency
   name: thin
   requirement: !ruby/object:Gem::Requirement
@@ -2032,7 +2032,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.22
+rubygems_version: 3.3.23
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond