pwn 0.4.553 → 0.4.556

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop_todo.yml +18 -7
  3. data/Gemfile +4 -4
  4. data/README.md +2 -2
  5. data/lib/pwn/plugins/baresip.rb +12 -65
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +11 -11
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f6a9cf9077f04af8d1f05263ebf389014fc8d61847a2cc20d9e6f047c6c01c46
4
- data.tar.gz: a70a0943345f3a5b4b1ee18f12d4fda080e1580dbf45af8a3dde677661d9fad7
3
+ metadata.gz: 11dbd600732237336ae57156038e3dfd2a50827ac3d17c700fe4e22f454d6719
4
+ data.tar.gz: 05ae0f33ecf325c838d9001d4df3d08937a995759ebc7cc9e49e7f8358f3e245
5
5
  SHA512:
6
- metadata.gz: 2fdd15710865e4d378a779ba5800f4483723b8b5a512abfb9d98a888a4d2ccc06a1bf9bffe279b84dd6e186df83ea7eec92f1f0200f28a042eef16b63d009511
7
- data.tar.gz: b9bdf91a136054cd20b8f5aa6b12e49a8302c6812656a3bc031f157459522e5c49a395c141e4f16974472b0a45e3b9460bbba0644f7c26b45e668545a7296a28
6
+ metadata.gz: 7bc057c08e032a99ffedda3c0112645cbbb1d0e772782e67939c15aefb8aa35123bbfc620c61d071beea1084ce9766f662d47f081b196c106b88711abd2d2bf0
7
+ data.tar.gz: a2fc493cbac49a1b74b1bc8614c5b40f1f074693189165222ca04d144f778016ddeee19e0d7235d5af7079513b52372c42c98be9bebbd606780cb7a29b2f2142
data/.rubocop_todo.yml CHANGED
@@ -1,6 +1,6 @@
1
1
  # This configuration was generated by
2
2
  # `rubocop --auto-gen-config`
3
- # on 2022-09-23 22:54:28 UTC using RuboCop version 1.36.0.
3
+ # on 2022-10-23 04:53:17 UTC using RuboCop version 1.37.0.
4
4
  # The point is for the user to remove these configuration records
5
5
  # one by one as the offenses are removed from the code base.
6
6
  # Note that changes in the inspected code, or installation of new
@@ -17,16 +17,16 @@ Layout/LineContinuationSpacing:
17
17
  - 'packer/provisioners/wpscan.rb'
18
18
  - 'vagrant/provisioners/beef.rb'
19
19
 
20
- # Offense count: 265
20
+ # Offense count: 270
21
21
  Lint/UselessAssignment:
22
22
  Enabled: false
23
23
 
24
- # Offense count: 266
24
+ # Offense count: 268
25
25
  # Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods, CountRepeatedAttributes.
26
26
  Metrics/AbcSize:
27
27
  Max: 328
28
28
 
29
- # Offense count: 71
29
+ # Offense count: 69
30
30
  # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, AllowedMethods, AllowedPatterns, IgnoredMethods.
31
31
  # AllowedMethods: refine
32
32
  Metrics/BlockLength:
@@ -37,7 +37,7 @@ Metrics/BlockLength:
37
37
  Metrics/BlockNesting:
38
38
  Max: 5
39
39
 
40
- # Offense count: 96
40
+ # Offense count: 97
41
41
  # Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods.
42
42
  Metrics/CyclomaticComplexity:
43
43
  Max: 231
@@ -52,7 +52,7 @@ Metrics/MethodLength:
52
52
  Metrics/ModuleLength:
53
53
  Max: 1186
54
54
 
55
- # Offense count: 88
55
+ # Offense count: 89
56
56
  # Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods.
57
57
  Metrics/PerceivedComplexity:
58
58
  Max: 51
@@ -93,12 +93,23 @@ Style/RedundantCondition:
93
93
  - 'bin/pwn_simple_http_server'
94
94
  - 'lib/pwn/plugins/packet.rb'
95
95
 
96
+ # Offense count: 13
97
+ # This cop supports safe autocorrection (--autocorrect).
98
+ Style/RedundantStringEscape:
99
+ Exclude:
100
+ - 'bin/pwn_autoinc_version'
101
+ - 'lib/pwn/sast/emoticon.rb'
102
+ - 'lib/pwn/sast/php_type_juggling.rb'
103
+ - 'lib/pwn/sast/port.rb'
104
+ - 'lib/pwn/sast/redos.rb'
105
+ - 'vagrant/provisioners/kali_customize.rb'
106
+
96
107
  # Offense count: 45
97
108
  # This cop supports unsafe autocorrection (--autocorrect-all).
98
109
  Style/SlicingWithRange:
99
110
  Enabled: false
100
111
 
101
- # Offense count: 577
112
+ # Offense count: 574
102
113
  # This cop supports safe autocorrection (--autocorrect).
103
114
  # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns, IgnoredPatterns.
104
115
  # URISchemes: http, https
data/Gemfile CHANGED
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
18
18
  gem 'bettercap', '1.6.2'
19
19
  gem 'brakeman', '5.3.1'
20
20
  gem 'bson', '4.15.0'
21
- gem 'bundler', '>=2.3.23'
21
+ gem 'bundler', '>=2.3.24'
22
22
  gem 'bundler-audit', '0.9.1'
23
23
  gem 'bunny', '2.19.0'
24
24
  gem 'colorize', '0.8.1'
@@ -43,7 +43,7 @@ gem 'net-ldap', '0.17.1'
43
43
  gem 'net-openvpn', '0.8.7'
44
44
  gem 'net-smtp', '0.3.2'
45
45
  gem 'nexpose', '7.3.0'
46
- gem 'nokogiri', '1.13.8'
46
+ gem 'nokogiri', '1.13.9'
47
47
  gem 'oily_png', '1.2.1'
48
48
  gem 'os', '1.1.4'
49
49
  gem 'packetfu', '1.1.13'
@@ -60,7 +60,7 @@ gem 'rex', '2.0.13'
60
60
  gem 'rmagick', '5.0.0'
61
61
  gem 'rspec', '3.11.0'
62
62
  gem 'rtesseract', '3.1.2'
63
- gem 'rubocop', '1.36.0'
63
+ gem 'rubocop', '1.37.0'
64
64
  gem 'rubocop-rake', '0.6.0'
65
65
  gem 'rubocop-rspec', '2.13.2'
66
66
  gem 'ruby-audio', '1.6.1'
@@ -71,7 +71,7 @@ gem 'savon', '2.13.1'
71
71
  gem 'selenium-devtools', '0.106.0'
72
72
  gem 'serialport', '1.3.2'
73
73
  gem 'sinatra', '3.0.2'
74
- gem 'slack-ruby-client', '1.1.0'
74
+ gem 'slack-ruby-client', '2.0.0'
75
75
  gem 'socksify', '1.7.1'
76
76
  gem 'spreadsheet', '1.3.0'
77
77
  gem 'sqlite3', '1.5.3'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.553]:001 >>> PWN.help
40
+ pwn[v0.4.556]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.553]:001 >>> PWN.help
55
+ pwn[v0.4.556]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/lib/pwn/plugins/baresip.rb CHANGED
@@ -143,10 +143,6 @@ module PWN
143
143
  '-v'
144
144
  )
145
145
 
146
- baresip_obj[:session_thread] = init_session_thread(
147
- baresip_obj: baresip_obj
148
- )
149
-
150
146
  ok = 'registered successfully'
151
147
  gone = 'account: No SIP accounts found'
152
148
  forb = '403 Forbidden'
@@ -154,7 +150,13 @@ module PWN
154
150
  # TODO: Make this faster.
155
151
  print 'Starting baresip...'
156
152
  loop do
157
- break if @session_data.select { |s| s.include?(ok) }.length.positive?
153
+ next unless File.exist?(screenlog_path)
154
+
155
+ dump_session_data = File.readlines(screenlog_path)
156
+ dump_session_data.delete_if do |line|
157
+ line.include?('ua: using best effort AF: af=AF_INET')
158
+ end
159
+ break if dump_session_data.select { |s| s.include?(ok) }.length.positive?
158
160
 
159
161
  next unless dump_session_data.select { |s| s.include?(gone) }.length.positive?
160
162
  next unless dump_session_data.select { |s| s.include?(forb) }.length.positive?
@@ -170,53 +172,6 @@ module PWN
170
172
  raise e
171
173
  end
172
174
 
173
- # Supported Method Parameters::
174
- # session_thread = init_session_thread(
175
- # serial_conn: 'required - SerialPort.new object'
176
- # )
177
-
178
- private_class_method def self.init_session_thread(opts = {})
179
- baresip_obj = opts[:baresip_obj]
180
-
181
- session_root = baresip_obj[:session_root]
182
- screenlog_path = baresip_obj[:screenlog_path]
183
-
184
- # Spin up a baresip_obj session_thread
185
- Thread.new do
186
- loop do
187
- next unless File.exist?(screenlog_path)
188
-
189
- # Continuously consume contents of screenlog_path
190
- @session_data = File.readlines(screenlog_path)
191
- @session_data.delete_if do |line|
192
- line.include?('ua: using best effort AF: af=AF_INET')
193
- end
194
- end
195
- end
196
- rescue StandardError => e
197
- session_thread&.terminate
198
-
199
- raise e
200
- end
201
-
202
- # Supported Method Parameters::
203
- # session_data = PWN::Plugins::BareSIP.dump_session_data
204
-
205
- public_class_method def self.dump_session_data
206
- @session_data
207
- rescue StandardError => e
208
- raise e
209
- end
210
-
211
- # Supported Method Parameters::
212
- # session_data = PWN::Plugins::BareSIP.flush_session_data
213
-
214
- public_class_method def self.flush_session_data
215
- @session_data.clear
216
- rescue StandardError => e
217
- raise e
218
- end
219
-
220
175
  # Supported Method Parameters::
221
176
  # cmd_resp = PWN::Plugins::BareSIP.baresip_exec(
222
177
  # baresip_obj: 'Required - baresip obj returned from #start method',
@@ -244,13 +199,8 @@ module PWN
244
199
 
245
200
  public_class_method def self.stop(opts = {})
246
201
  baresip_obj = opts[:baresip_obj]
247
- session_thread = baresip_obj[:session_thread]
248
202
  screen_session = baresip_obj[:screen_session]
249
203
 
250
- flush_session_data
251
-
252
- session_thread.terminate
253
-
254
204
  puts "STOPPING #{baresip_obj[:screen_session]}"
255
205
  cmd_resp = baresip_exec(
256
206
  baresip_obj: baresip_obj,
@@ -509,24 +459,23 @@ module PWN
509
459
  print "#{seconds_to_record}s to record - remaining: #{format('%-9.9s', countdown)}"
510
460
  print "\r"
511
461
 
512
- # TODO: Fix known issue - if remote terminates call early
513
- # all calls in thread pool will be stopped prematurely :-/
514
- # This likely has something to do w/ data scoping issues in dump_session_data
462
+ dump_session_data = File.readlines(screenlog_path)
463
+ dump_session_data.delete_if do |line|
464
+ line.include?('ua: using best effort AF: af=AF_INET')
465
+ end
466
+
515
467
  if dump_session_data.select { |s| s.include?(terminated) }.length.positive?
516
468
  reason = 'call terminated by other party'
517
- flush_session_data
518
469
  break
519
470
  end
520
471
 
521
472
  if dump_session_data.select { |s| s.include?(unavail) }.length.positive?
522
473
  reason = 'SIP 503 (service unavailable)'
523
- flush_session_data
524
474
  break
525
475
  end
526
476
 
527
477
  if dump_session_data.select { |s| s.include?(not_found) }.length.positive?
528
478
  reason = 'SIP 404 (not found)'
529
- flush_session_data
530
479
  break
531
480
  end
532
481
 
@@ -720,8 +669,6 @@ module PWN
720
669
  screen_session: 'Optional name of screen session (Defaults baresip)'
721
670
  )
722
671
 
723
- session_data_arr = #{self}.dump_session_data
724
-
725
672
  cmd_resp = #{self}.baresip_exec(
726
673
  baresip_obj: 'Required - baresip obj returned from #start method',
727
674
  cmd: 'Required - command to send to baresip HTTP daemon'
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.553'
4
+ VERSION = '0.4.556'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.553
4
+ version: 0.4.556
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-10-13 00:00:00.000000000 Z
11
+ date: 2022-10-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - ">="
116
116
  - !ruby/object:Gem::Version
117
- version: 2.3.23
117
+ version: 2.3.24
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - ">="
123
123
  - !ruby/object:Gem::Version
124
- version: 2.3.23
124
+ version: 2.3.24
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: bundler-audit
127
127
  requirement: !ruby/object:Gem::Requirement
@@ -450,14 +450,14 @@ dependencies:
450
450
  requirements:
451
451
  - - '='
452
452
  - !ruby/object:Gem::Version
453
- version: 1.13.8
453
+ version: 1.13.9
454
454
  type: :runtime
455
455
  prerelease: false
456
456
  version_requirements: !ruby/object:Gem::Requirement
457
457
  requirements:
458
458
  - - '='
459
459
  - !ruby/object:Gem::Version
460
- version: 1.13.8
460
+ version: 1.13.9
461
461
  - !ruby/object:Gem::Dependency
462
462
  name: oily_png
463
463
  requirement: !ruby/object:Gem::Requirement
@@ -688,14 +688,14 @@ dependencies:
688
688
  requirements:
689
689
  - - '='
690
690
  - !ruby/object:Gem::Version
691
- version: 1.36.0
691
+ version: 1.37.0
692
692
  type: :runtime
693
693
  prerelease: false
694
694
  version_requirements: !ruby/object:Gem::Requirement
695
695
  requirements:
696
696
  - - '='
697
697
  - !ruby/object:Gem::Version
698
- version: 1.36.0
698
+ version: 1.37.0
699
699
  - !ruby/object:Gem::Dependency
700
700
  name: rubocop-rake
701
701
  requirement: !ruby/object:Gem::Requirement
@@ -842,14 +842,14 @@ dependencies:
842
842
  requirements:
843
843
  - - '='
844
844
  - !ruby/object:Gem::Version
845
- version: 1.1.0
845
+ version: 2.0.0
846
846
  type: :runtime
847
847
  prerelease: false
848
848
  version_requirements: !ruby/object:Gem::Requirement
849
849
  requirements:
850
850
  - - '='
851
851
  - !ruby/object:Gem::Version
852
- version: 1.1.0
852
+ version: 2.0.0
853
853
  - !ruby/object:Gem::Dependency
854
854
  name: socksify
855
855
  requirement: !ruby/object:Gem::Requirement
@@ -2032,7 +2032,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
2032
2032
  - !ruby/object:Gem::Version
2033
2033
  version: '0'
2034
2034
  requirements: []
2035
- rubygems_version: 3.3.23
2035
+ rubygems_version: 3.3.24
2036
2036
  signing_key:
2037
2037
  specification_version: 4
2038
2038
  summary: Automated Security Testing for CI/CD Pipelines & Beyond