RubyGems - pwn - Versions diffs - 0.4.558 → 0.4.560 - Mend

pwn 0.4.558 → 0.4.560

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/README.md +2 -2
data/bin/pwn_fuzz_net_app_proto +1 -1
data/bin/pwn_phone +1 -1
data/bin/pwn_sast +1 -1
data/bin/pwn_www_uri_buster +71 -67
data/build_pwn_gem.sh +0 -6
data/git_commit_test_reinit_gem.sh +7 -0
data/lib/pwn/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9d5be653b5456b1ef5e858e7e93c3141267572b9f63d09ee5ddc804e05b4b287
-  data.tar.gz: 10f59a7fa3da847402b3bb3fae55e527663380e50c86be645b9e8155581b7c02
+  metadata.gz: 141967853c518920147525e9669739c9884959ee8d519f72a1dd7c2dbe15667d
+  data.tar.gz: 05d71ffd4948692045a5bf6d4b89f35b0648e7e3563683a7fee6fc21aec79986
 SHA512:
-  metadata.gz: ba4f7f66d1cc74ba597fe8b94ee5a35a3b54089396e262488a2798fb7dabe04225652420822b5a10ce609ebe3a3a93070c2917fc6bc9b475e8d95d1c6ecdd433
-  data.tar.gz: aee5c3440a05577dca65d55f6b3048a07c225e2ff754a76d80b1e02088b1c6f003ee12beff768d75467139102aaf749b96b086bbfb0120db1fd9ce6397103e50
+  metadata.gz: 60ea533b90a1bf27a3a65dc8494febed956ed42f07cb2583b9e71480a3b517c2f54cd3a4f46b215714f028b98d60e9451aecaae2557e01e5bc82099852c58a4f
+  data.tar.gz: ff8488b74b31867a28859f36e967f2df9342594efef304eb76abb960422a0a985567b23da801c81651b1c1edf634dcf1b62dbb3913365e541b1b435bb322390b

data/README.md CHANGED Viewed

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.558]:001 >>> PWN.help
+pwn[v0.4.560]:001 >>> PWN.help
 ```
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.558]:001 >>> PWN.help
+pwn[v0.4.560]:001 >>> PWN.help
 ```

data/bin/pwn_fuzz_net_app_proto CHANGED Viewed

@@ -77,8 +77,8 @@ if opts.empty?
   exit 1
 end
+pwn_provider = 'ruby-gem'
 pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
-pwn_provider ||= 'ruby-gem'
 dir_path = opts[:dir_path].to_s.scrub
 target = opts[:target]

data/bin/pwn_phone CHANGED Viewed

@@ -61,8 +61,8 @@ if opts.empty?
 end
 begin
+  pwn_provider = 'ruby-gem'
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
-  pwn_provider ||= 'ruby-gem'
   $stdout.sync = true
   # Required Flag Variables

data/bin/pwn_sast CHANGED Viewed

@@ -46,8 +46,8 @@ if opts.empty?
 end
 begin
+  pwn_provider = 'ruby-gem'
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
-  pwn_provider ||= 'ruby-gem'
   green = "\e[32m"
   end_of_color = "\e[0m"

data/bin/pwn_www_uri_buster CHANGED Viewed

@@ -56,75 +56,75 @@ def request_path(opts = {})
   http_request_headers = opts[:http_request_headers]
   proxy = opts[:proxy]
   wordlist_line = opts[:wordlist_line]
+  http_method = opts[:http_method]
+  rest_client_resp_hash = {}
+  begin
+    print '.'
+    http_uri = "#{target_url}/#{wordlist_line}"
+    if proxy
+      rest_client = PWN::Plugins::TransparentBrowser.open(
+        browser_type: :rest,
+        proxy: proxy
+      )::Request
+    else
+      rest_client = PWN::Plugins::TransparentBrowser.open(
+        browser_type: :rest
+      )::Request
+    end
-  http_methods = %i[DELETE GET HEAD OPTIONS PATCH POST PUT TRACE]
-  http_methods.each do |http_method|
-    begin
-      print '.'
-      http_uri = "#{target_url}/#{wordlist_line}"
-      rest_client_resp_hash = {}
-      if proxy
-        rest_client = PWN::Plugins::TransparentBrowser.open(
-          browser_type: :rest,
-          proxy: proxy
-        )::Request
-      else
-        rest_client = PWN::Plugins::TransparentBrowser.open(
-          browser_type: :rest
-        )::Request
-      end
-      headers = nil
-      if http_request_headers
-        headers = JSON.parse(
-          http_request_headers,
-          symbolize_names: true
-        )
-      end
-      response = rest_client.execute(
-        method: http_method,
-        url: http_uri,
-        headers: headers,
-        verify_ssl: false
+    headers = nil
+    if http_request_headers
+      headers = JSON.parse(
+        http_request_headers,
+        symbolize_names: true
       )
+    end
-      rest_client_resp_hash = {
-        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
-        http_uri: http_uri,
-        http_method: http_method,
-        http_resp_code: response.code,
-        http_resp_length: response.body.length,
-        http_resp: "#{response.body[0..300]}..."
-      }
-    rescue RestClient::ExceptionWithResponse,
-           RestClient::ServerBrokeConnection => e
-      rest_client_resp_hash = {
-        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
-        http_uri: http_uri,
-        http_method: http_method,
-        http_resp_code: e.response.code,
-        http_resp_length: e.response.body.length,
-        http_resp: "#{e.response.body[0..300]}..."
-      }
-      next
-    rescue URI::InvalidURIError
-      url_encoded_wordlist_arr = []
-      wordlist_line.split('/').each do |path|
-        url_encoded_wordlist_arr.push(CGI.escape(path))
-      end
-      wordlist_line = url_encoded_wordlist_arr.join('/')
+    response = rest_client.execute(
+      method: http_method,
+      url: http_uri,
+      headers: headers,
+      verify_ssl: false
+    )
-      retry
-    rescue RestClient::TooManyRequests
-      sleep 60
+    rest_client_resp_hash = {
+      request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+      http_uri: http_uri,
+      http_method: http_method,
+      http_resp_code: response.code,
+      http_resp_length: response.body.length,
+      http_resp: "#{response.body[0..300]}..."
+    }
+  rescue RestClient::ExceptionWithResponse,
+         RestClient::ServerBrokeConnection => e
+    rest_client_resp_hash = {
+      request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+      http_uri: http_uri,
+      http_method: http_method,
+      http_resp_code: e.response.code,
+      http_resp_length: e.response.body.length,
+      http_resp: "#{e.response.body[0..300]}..."
+    }
+    next
+  rescue URI::InvalidURIError
+    url_encoded_wordlist_arr = []
+    wordlist_line.split('/').each do |path|
+      url_encoded_wordlist_arr.push(CGI.escape(path))
     end
+    wordlist_line = url_encoded_wordlist_arr.join('/')
+    retry
+  rescue RestClient::TooManyRequests
+    sleep 60
   end
+  rest_client_resp_hash
 end
 begin
+  pwn_provider = 'ruby-gem'
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
-  pwn_provider ||= 'ruby-gem'
   $stdout.sync = true
   target_url = opts[:target_url]
@@ -166,15 +166,19 @@ begin
     next if wordlist_line.match?(/^#/)
-    rest_client_resp_hash = request_path(
-      target_url: target_url,
-      http_request_headers: http_request_headers,
-      proxy: proxy,
-      wordlist_line: wordlist_line
-    )
+    http_methods = %i[DELETE GET HEAD OPTIONS PATCH POST PUT TRACE]
+    http_methods.each do |http_method|
+      rest_client_resp_hash = request_path(
+        target_url: target_url,
+        http_request_headers: http_request_headers,
+        proxy: proxy,
+        wordlist_line: wordlist_line,
+        http_method: http_method
+      )
-    mutex.synchronize do
-      results_hash[:data].push(rest_client_resp_hash)
+      mutex.synchronize do
+        results_hash[:data].push(rest_client_resp_hash)
+      end
     end
   end

data/build_pwn_gem.sh CHANGED Viewed

@@ -24,12 +24,6 @@ if [[ $old_ruby_version == $new_ruby_version ]]; then
   rvmsudo gem rdoc --rdoc --ri --overwrite -V pwn
   echo "Invoking bundle-audit Gemfile Scanner..."
   rvmsudo bundle-audit
-  latest_gem=$(ls pkg/*.gem)
-  if [[ $latest_gem != "" ]]; then
-    echo "Pushing ${latest_gem} to RubyGems.org..."
-    rvmsudo gem push $latest_gem --debug
-  fi
 else
   cd $pwn_root && ./upgrade_ruby.sh $new_ruby_version $old_ruby_version
 fi

data/git_commit_test_reinit_gem.sh CHANGED Viewed

@@ -15,6 +15,13 @@ if (( $# == 3 )); then
   pwn_autoinc_version
   git commit -a -S --author="${1} <${2}>" -m "${3}"
   ./update_pwn.sh
+  latest_gem=$(ls pkg/*.gem)
+  if [[ $latest_gem != "" ]]; then
+    echo "Pushing ${latest_gem} to RubyGems.org..."
+    rvmsudo gem push $latest_gem --debug
+  fi
   # Tag for every 100 commits (i.e. 0.1.100, 0.1.200, etc)
   tag_this_version_bool=`ruby -r 'pwn' -e 'if PWN::VERSION.split(".")[-1].to_i % 100 == 0; then print true; else print false; end'`
   if [[ $tag_this_version_bool == 'true' ]]; then

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.4.558'
+  VERSION = '0.4.560'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.558
+  version: 0.4.560
 platform: ruby
 authors:
 - 0day Inc.
@@ -2032,7 +2032,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.24
+rubygems_version: 3.3.25
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond