pwn 0.4.564 → 0.4.566

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/bin/pwn_www_uri_buster +20 -9
  4. data/lib/pwn/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0e8727f452f14ea8c389c2a31ad2e1c38688fef705e3defd1760524d21b589d2
4
- data.tar.gz: dfd1cdaf5f2023292349a4f2e9a1e651804dac1030c9be78af287037660384fb
3
+ metadata.gz: 2553ead82298e5bf1777d773ba30179c73ef99a9eb1f6037783815a043827b9f
4
+ data.tar.gz: dd81551bda7c176989dfaa14ecbc8127e7699fa6c1852da79c7afea1fe6da1c4
5
5
  SHA512:
6
- metadata.gz: be114735fa769a158cb5fa342ba7ccb723cf92e104822bb0bdf3e961c760a09bc47aec81d62d8a14a097005e66d5fa974a5262c13b9a52db2238cfbb02e0e718
7
- data.tar.gz: 3142bc917c1ca58441ef7d5bf0fc9e4c8d4c6475f71df921f6e17e38100fe37b4f6b3e66eba0458a3fb4043cb687e8db78e93b3cf4844948448d3bf1d14d03af
6
+ metadata.gz: 9e6838110cd929b66850fb0e1c56358fe8614ab8adec019d41d7da9003943642074072951446467b405e1867823ad592c0173947442c0f8061cf3b1c0f546402
7
+ data.tar.gz: 30e278bd7bd3d8fbd6ef6fec48e45df77c7d160037c095d52b91f2df8b7b9bab6a507d0832ac282c80345d326abbda963e9a3aa5ad64fd02de4dcbdef101265f
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.564]:001 >>> PWN.help
40
+ pwn[v0.4.566]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.564]:001 >>> PWN.help
55
+ pwn[v0.4.566]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_www_uri_buster CHANGED
@@ -21,10 +21,6 @@ OptionParser.new do |options|
21
21
  opts[:wordlist] = w
22
22
  end
23
23
 
24
- options.on('-rHEADERS', '--request-headers=HEADERS', '<Optional - HTTP Request Headers in JSON Format)>') do |h|
25
- opts[:http_request_headers] = h
26
- end
27
-
28
24
  options.on('-pPROXY', '--proxy=PROXY', '<Optional - Proxy SCHEME://ADDRESS:PORT>') do |p|
29
25
  opts[:proxy] = p
30
26
  end
@@ -33,6 +29,14 @@ OptionParser.new do |options|
33
29
  opts[:max_threads] = t
34
30
  end
35
31
 
32
+ options.on('-rHEADERS', '--request-headers=HEADERS', '<Optional - HTTP Request Headers in JSON Format)>') do |h|
33
+ opts[:http_request_headers] = h
34
+ end
35
+
36
+ options.on('-cCODES', '--only-report-response-codes=CODES', '<Optional - Comma-Delimited List of Response Codes to Only Include in Report)>') do |c|
37
+ opts[:http_response_codes] = c
38
+ end
39
+
36
40
  options.on('-dDIR', '--dir-path=DIR', '<Optional - Report Output Directory (Defaults to ".")>') do |w|
37
41
  opts[:wordlist] = w
38
42
  end
@@ -53,8 +57,8 @@ end
53
57
 
54
58
  def request_path(opts = {})
55
59
  target_url = opts[:target_url]
56
- http_request_headers = opts[:http_request_headers]
57
60
  proxy = opts[:proxy]
61
+ http_request_headers = opts[:http_request_headers]
58
62
  wordlist_line = opts[:wordlist_line]
59
63
  http_method = opts[:http_method]
60
64
 
@@ -132,13 +136,15 @@ begin
132
136
  wordlist = opts[:wordlist]
133
137
  raise "ERROR: #{wordlist} Does Not Exist." unless File.exist?(wordlist)
134
138
 
135
- http_request_headers = opts[:http_request_headers]
136
-
137
139
  proxy = opts[:proxy]
138
140
 
139
141
  max_threads = opts[:max_threads]
140
142
  max_threads ||= 100
141
143
 
144
+ http_request_headers = opts[:http_request_headers]
145
+ http_response_codes = opts[:http_response_codes]
146
+ http_response_codes = http_response_codes.delete("\s").split(',') if http_response_codes
147
+
142
148
  dir_path = opts[:dir_path]
143
149
  dir_path ||= '.'
144
150
 
@@ -169,14 +175,19 @@ begin
169
175
  http_methods.each do |http_method|
170
176
  rest_client_resp_hash = request_path(
171
177
  target_url: target_url,
172
- http_request_headers: http_request_headers,
173
178
  proxy: proxy,
179
+ http_request_headers: http_request_headers,
174
180
  wordlist_line: wordlist_line,
175
181
  http_method: http_method
176
182
  )
177
183
 
178
184
  mutex.synchronize do
179
- results_hash[:data].push(rest_client_resp_hash)
185
+ if http_response_codes
186
+ ret_http_resp_code = rest_client_resp_hash[:http_resp_code]
187
+ results_hash[:data].push(rest_client_resp_hash) if http_response_codes.include?(ret_http_resp_code)
188
+ else
189
+ results_hash[:data].push(rest_client_resp_hash)
190
+ end
180
191
  end
181
192
  end
182
193
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.564'
4
+ VERSION = '0.4.566'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.564
4
+ version: 0.4.566
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.