pwn 0.4.571 → 0.4.574
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +13 -13
- data/README.md +2 -2
- data/lib/pwn/plugins/burp_suite.rb +7 -3
- data/lib/pwn/plugins/nmap_it.rb +4 -3
- data/lib/pwn/plugins/son_micro_rfid.rb +2 -1
- data/lib/pwn/version.rb +1 -1
- data/packer/provisioners/pwn.sh +7 -0
- data/packer/provisioners/ruby.sh +1 -2
- data/packer/provisioners/rvm.sh +2 -1
- metadata +29 -29
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cb88a0293d025a0bddb923374dcfc1092f6a64763e182df73c1475b47be2cf29
|
4
|
+
data.tar.gz: b28ee3fa4b754ffec3067865e4fc660af3f9bc395787bb125aee275bcdff9cbc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1e474ce41fe0d15b1804b8d862ee3c70a593869ce787e6cfcef56c1ff5f61ded879c5e4c0fb41e03c0bf282fe77641123e4d1af536023d3d9d737c74cb8b4a35
|
7
|
+
data.tar.gz: c8104d907f8424c29449c9f53b697c4cf05e79dc4d854c07e1742e0ca8df8ddc94bf08964d99e7a426132c29e98ce05400ac63aeebf5445c0830255d4c8250a5
|
data/Gemfile
CHANGED
@@ -16,9 +16,9 @@ gem 'anemone', '0.7.2'
|
|
16
16
|
gem 'authy', '3.0.1'
|
17
17
|
gem 'aws-sdk', '3.1.0'
|
18
18
|
gem 'bettercap', '1.6.2'
|
19
|
-
gem 'brakeman', '5.
|
19
|
+
gem 'brakeman', '5.4.0'
|
20
20
|
gem 'bson', '4.15.0'
|
21
|
-
gem 'bundler', '>=2.3.
|
21
|
+
gem 'bundler', '>=2.3.26'
|
22
22
|
gem 'bundler-audit', '0.9.1'
|
23
23
|
gem 'bunny', '2.19.0'
|
24
24
|
gem 'colorize', '0.8.1'
|
@@ -32,49 +32,49 @@ gem 'htmlentities', '4.3.4'
|
|
32
32
|
gem 'ipaddress', '0.8.3'
|
33
33
|
# gem 'jenkins_api_client', '1.5.3' # Temporarily disabled until arangamani/jenkins_api_client/issues/304 is Closed out
|
34
34
|
gem 'js-beautify', '0.1.8'
|
35
|
-
gem 'json', '2.6.
|
35
|
+
gem 'json', '2.6.3'
|
36
36
|
gem 'jsonpath', '1.1.2'
|
37
37
|
gem 'jwt', '2.5.0'
|
38
38
|
gem 'luhn', '1.0.2'
|
39
|
-
gem 'mail', '2.
|
39
|
+
gem 'mail', '2.8.0'
|
40
40
|
gem 'mongo', '2.18.1'
|
41
41
|
gem 'msfrpc-client', '1.1.2'
|
42
42
|
gem 'net-ldap', '0.17.1'
|
43
43
|
gem 'net-openvpn', '0.8.7'
|
44
44
|
gem 'net-smtp', '0.3.3'
|
45
45
|
gem 'nexpose', '7.3.0'
|
46
|
-
gem 'nokogiri', '1.13.
|
46
|
+
gem 'nokogiri', '1.13.10'
|
47
47
|
gem 'oily_png', '1.2.1'
|
48
48
|
gem 'os', '1.1.4'
|
49
49
|
gem 'packetfu', '1.1.13'
|
50
50
|
gem 'pdf-reader', '2.11.0'
|
51
|
-
gem 'pg', '1.4.
|
51
|
+
gem 'pg', '1.4.5'
|
52
52
|
gem 'pry', '0.14.1'
|
53
53
|
gem 'pry-doc', '1.3.0'
|
54
54
|
gem 'rake', '13.0.6'
|
55
55
|
gem 'rb-readline', '0.5.5'
|
56
56
|
gem 'rbvmomi', '3.0.0'
|
57
|
-
gem 'rdoc', '6.
|
57
|
+
gem 'rdoc', '6.5.0'
|
58
58
|
gem 'rest-client', '2.1.0'
|
59
59
|
gem 'rex', '2.0.13'
|
60
|
-
gem 'rmagick', '5.
|
60
|
+
gem 'rmagick', '5.1.0'
|
61
61
|
gem 'rspec', '3.12.0'
|
62
62
|
gem 'rtesseract', '3.1.2'
|
63
|
-
gem 'rubocop', '1.
|
63
|
+
gem 'rubocop', '1.40.0'
|
64
64
|
gem 'rubocop-rake', '0.6.0'
|
65
65
|
gem 'rubocop-rspec', '2.15.0'
|
66
66
|
gem 'ruby-audio', '1.6.1'
|
67
|
-
gem 'ruby-nmap', '0.
|
67
|
+
gem 'ruby-nmap', '1.0.0'
|
68
68
|
gem 'ruby-saml', '1.14.0'
|
69
69
|
gem 'rvm', '1.11.3.9'
|
70
70
|
gem 'savon', '2.13.1'
|
71
|
-
gem 'selenium-devtools', '0.
|
71
|
+
gem 'selenium-devtools', '0.108.0'
|
72
72
|
gem 'serialport', '1.3.2'
|
73
|
-
gem 'sinatra', '3.0.
|
73
|
+
gem 'sinatra', '3.0.4'
|
74
74
|
gem 'slack-ruby-client', '2.0.0'
|
75
75
|
gem 'socksify', '1.7.1'
|
76
76
|
gem 'spreadsheet', '1.3.0'
|
77
|
-
gem 'sqlite3', '1.5.
|
77
|
+
gem 'sqlite3', '1.5.4'
|
78
78
|
gem 'thin', '1.8.1'
|
79
79
|
gem 'tty-prompt', '0.23.1'
|
80
80
|
gem 'watir', '7.1.0'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.574]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.574]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -245,9 +245,13 @@ module PWN
|
|
245
245
|
end
|
246
246
|
|
247
247
|
report_url = Base64.strict_encode64(target_domain)
|
248
|
-
# Ready scanreport API call in burpbuddy to support
|
249
|
-
report_resp = rest_browser.get(
|
250
|
-
#
|
248
|
+
# Ready scanreport API call in burpbuddy to support HTML & XML report generation
|
249
|
+
# report_resp = rest_browser.get(
|
250
|
+
# "http://#{burpbuddy_api}/scanreport/#{report_type.to_s.upcase}/#{report_url}"
|
251
|
+
# )
|
252
|
+
report_resp = rest_browser.get(
|
253
|
+
"http://#{burpbuddy_api}/scanreport/#{report_url}"
|
254
|
+
)
|
251
255
|
File.open(output_path, 'w') do |f|
|
252
256
|
f.puts(report_resp.body)
|
253
257
|
end
|
data/lib/pwn/plugins/nmap_it.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'nmap'
|
3
|
+
require 'nmap/command'
|
4
|
+
require 'nmap/xml'
|
4
5
|
|
5
6
|
module PWN
|
6
7
|
module Plugins
|
@@ -12,7 +13,7 @@ module PWN
|
|
12
13
|
# end
|
13
14
|
|
14
15
|
public_class_method def self.port_scan
|
15
|
-
Nmap::
|
16
|
+
Nmap::Command.sudo do |nmap|
|
16
17
|
yield(nmap)
|
17
18
|
end
|
18
19
|
rescue StandardError => e
|
@@ -43,7 +44,7 @@ module PWN
|
|
43
44
|
public_class_method def self.parse_xml_results(opts = {})
|
44
45
|
xml_file = opts[:xml_file].to_s.scrub.strip.chomp if File.exist?(opts[:xml_file].to_s.scrub.strip.chomp)
|
45
46
|
|
46
|
-
Nmap::XML.
|
47
|
+
Nmap::XML.open(xml_file) do |xml|
|
47
48
|
yield(xml)
|
48
49
|
end
|
49
50
|
rescue StandardError => e
|
@@ -3,7 +3,8 @@
|
|
3
3
|
module PWN
|
4
4
|
module Plugins
|
5
5
|
# This plugin is used for interacting with a SonMicro
|
6
|
-
# SM132 USB RFID Reader / Writer (PCB
|
6
|
+
# SM132 USB RFID Reader / Writer (PCB V3) &&
|
7
|
+
# SM2330-USB Rev.0
|
7
8
|
module SonMicroRFID
|
8
9
|
# Supported Method Parameters::
|
9
10
|
# son_micro_rfid_obj = PWN::Plugins::SonMicroRFID.connect(
|
data/lib/pwn/version.rb
CHANGED
data/packer/provisioners/pwn.sh
CHANGED
@@ -22,6 +22,9 @@ case $os in
|
|
22
22
|
echo "Installing fontconfig..."
|
23
23
|
sudo port -N install fontconfig
|
24
24
|
|
25
|
+
echo "Installing cmatrix..."
|
26
|
+
sudo port -N install cmatrix
|
27
|
+
|
25
28
|
echo 'Installing Postgres Libraries for pg gem...'
|
26
29
|
sudo port -N install postgresql96-server
|
27
30
|
|
@@ -49,6 +52,10 @@ case $os in
|
|
49
52
|
$screen_cmd "${apt} install -y fontconfig ${assess_update_errors}"
|
50
53
|
grok_error
|
51
54
|
|
55
|
+
echo "Installing fontmatrix..."
|
56
|
+
$screen_cmd "${apt} install -y fontmatrix ${assess_update_errors}"
|
57
|
+
grok_error
|
58
|
+
|
52
59
|
echo "Installing Postgres Libraries for pg gem..."
|
53
60
|
$screen_cmd "${apt} install -y postgresql-server-dev-all ${assess_update_errors}"
|
54
61
|
grok_error
|
data/packer/provisioners/ruby.sh
CHANGED
@@ -32,5 +32,4 @@ esac
|
|
32
32
|
sudo /bin/bash --login -c "git clone https://github.com/0dayinc/pwn.git ${pwn_root}"
|
33
33
|
|
34
34
|
ruby_version=`cat ${pwn_root}/.ruby-version`
|
35
|
-
|
36
|
-
sudo /bin/bash --login -c "source /etc/profile.d/rvm.sh && rvm install ruby-${ruby_version}"
|
35
|
+
rvmsudo rvm install ruby-$ruby_version
|
data/packer/provisioners/rvm.sh
CHANGED
@@ -27,4 +27,5 @@ sudo /bin/bash --login -c "echo -e \"trust\n5\ny\n\" | gpg2 --no-tty --command-f
|
|
27
27
|
sudo /bin/bash --login -c "echo -e \"trust\n5\ny\n\" | gpg2 --no-tty --command-fd 0 --edit-key ${key2}"
|
28
28
|
|
29
29
|
# Multi-user install required due to the need to run MSFRPCD as root w/in metasploit gemset
|
30
|
-
curl -sSL https://get.rvm.io | sudo bash -s
|
30
|
+
curl -sSL https://get.rvm.io | sudo bash -s stable
|
31
|
+
rvm reload
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.574
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-12-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -86,14 +86,14 @@ dependencies:
|
|
86
86
|
requirements:
|
87
87
|
- - '='
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version: 5.
|
89
|
+
version: 5.4.0
|
90
90
|
type: :runtime
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - '='
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version: 5.
|
96
|
+
version: 5.4.0
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
98
|
name: bson
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.3.
|
117
|
+
version: 2.3.26
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.3.
|
124
|
+
version: 2.3.26
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -296,14 +296,14 @@ dependencies:
|
|
296
296
|
requirements:
|
297
297
|
- - '='
|
298
298
|
- !ruby/object:Gem::Version
|
299
|
-
version: 2.6.
|
299
|
+
version: 2.6.3
|
300
300
|
type: :runtime
|
301
301
|
prerelease: false
|
302
302
|
version_requirements: !ruby/object:Gem::Requirement
|
303
303
|
requirements:
|
304
304
|
- - '='
|
305
305
|
- !ruby/object:Gem::Version
|
306
|
-
version: 2.6.
|
306
|
+
version: 2.6.3
|
307
307
|
- !ruby/object:Gem::Dependency
|
308
308
|
name: jsonpath
|
309
309
|
requirement: !ruby/object:Gem::Requirement
|
@@ -352,14 +352,14 @@ dependencies:
|
|
352
352
|
requirements:
|
353
353
|
- - '='
|
354
354
|
- !ruby/object:Gem::Version
|
355
|
-
version: 2.
|
355
|
+
version: 2.8.0
|
356
356
|
type: :runtime
|
357
357
|
prerelease: false
|
358
358
|
version_requirements: !ruby/object:Gem::Requirement
|
359
359
|
requirements:
|
360
360
|
- - '='
|
361
361
|
- !ruby/object:Gem::Version
|
362
|
-
version: 2.
|
362
|
+
version: 2.8.0
|
363
363
|
- !ruby/object:Gem::Dependency
|
364
364
|
name: mongo
|
365
365
|
requirement: !ruby/object:Gem::Requirement
|
@@ -450,14 +450,14 @@ dependencies:
|
|
450
450
|
requirements:
|
451
451
|
- - '='
|
452
452
|
- !ruby/object:Gem::Version
|
453
|
-
version: 1.13.
|
453
|
+
version: 1.13.10
|
454
454
|
type: :runtime
|
455
455
|
prerelease: false
|
456
456
|
version_requirements: !ruby/object:Gem::Requirement
|
457
457
|
requirements:
|
458
458
|
- - '='
|
459
459
|
- !ruby/object:Gem::Version
|
460
|
-
version: 1.13.
|
460
|
+
version: 1.13.10
|
461
461
|
- !ruby/object:Gem::Dependency
|
462
462
|
name: oily_png
|
463
463
|
requirement: !ruby/object:Gem::Requirement
|
@@ -520,14 +520,14 @@ dependencies:
|
|
520
520
|
requirements:
|
521
521
|
- - '='
|
522
522
|
- !ruby/object:Gem::Version
|
523
|
-
version: 1.4.
|
523
|
+
version: 1.4.5
|
524
524
|
type: :runtime
|
525
525
|
prerelease: false
|
526
526
|
version_requirements: !ruby/object:Gem::Requirement
|
527
527
|
requirements:
|
528
528
|
- - '='
|
529
529
|
- !ruby/object:Gem::Version
|
530
|
-
version: 1.4.
|
530
|
+
version: 1.4.5
|
531
531
|
- !ruby/object:Gem::Dependency
|
532
532
|
name: pry
|
533
533
|
requirement: !ruby/object:Gem::Requirement
|
@@ -604,14 +604,14 @@ dependencies:
|
|
604
604
|
requirements:
|
605
605
|
- - '='
|
606
606
|
- !ruby/object:Gem::Version
|
607
|
-
version: 6.
|
607
|
+
version: 6.5.0
|
608
608
|
type: :development
|
609
609
|
prerelease: false
|
610
610
|
version_requirements: !ruby/object:Gem::Requirement
|
611
611
|
requirements:
|
612
612
|
- - '='
|
613
613
|
- !ruby/object:Gem::Version
|
614
|
-
version: 6.
|
614
|
+
version: 6.5.0
|
615
615
|
- !ruby/object:Gem::Dependency
|
616
616
|
name: rest-client
|
617
617
|
requirement: !ruby/object:Gem::Requirement
|
@@ -646,14 +646,14 @@ dependencies:
|
|
646
646
|
requirements:
|
647
647
|
- - '='
|
648
648
|
- !ruby/object:Gem::Version
|
649
|
-
version: 5.
|
649
|
+
version: 5.1.0
|
650
650
|
type: :runtime
|
651
651
|
prerelease: false
|
652
652
|
version_requirements: !ruby/object:Gem::Requirement
|
653
653
|
requirements:
|
654
654
|
- - '='
|
655
655
|
- !ruby/object:Gem::Version
|
656
|
-
version: 5.
|
656
|
+
version: 5.1.0
|
657
657
|
- !ruby/object:Gem::Dependency
|
658
658
|
name: rspec
|
659
659
|
requirement: !ruby/object:Gem::Requirement
|
@@ -688,14 +688,14 @@ dependencies:
|
|
688
688
|
requirements:
|
689
689
|
- - '='
|
690
690
|
- !ruby/object:Gem::Version
|
691
|
-
version: 1.
|
691
|
+
version: 1.40.0
|
692
692
|
type: :runtime
|
693
693
|
prerelease: false
|
694
694
|
version_requirements: !ruby/object:Gem::Requirement
|
695
695
|
requirements:
|
696
696
|
- - '='
|
697
697
|
- !ruby/object:Gem::Version
|
698
|
-
version: 1.
|
698
|
+
version: 1.40.0
|
699
699
|
- !ruby/object:Gem::Dependency
|
700
700
|
name: rubocop-rake
|
701
701
|
requirement: !ruby/object:Gem::Requirement
|
@@ -744,14 +744,14 @@ dependencies:
|
|
744
744
|
requirements:
|
745
745
|
- - '='
|
746
746
|
- !ruby/object:Gem::Version
|
747
|
-
version: 0.
|
747
|
+
version: 1.0.0
|
748
748
|
type: :runtime
|
749
749
|
prerelease: false
|
750
750
|
version_requirements: !ruby/object:Gem::Requirement
|
751
751
|
requirements:
|
752
752
|
- - '='
|
753
753
|
- !ruby/object:Gem::Version
|
754
|
-
version: 0.
|
754
|
+
version: 1.0.0
|
755
755
|
- !ruby/object:Gem::Dependency
|
756
756
|
name: ruby-saml
|
757
757
|
requirement: !ruby/object:Gem::Requirement
|
@@ -800,14 +800,14 @@ dependencies:
|
|
800
800
|
requirements:
|
801
801
|
- - '='
|
802
802
|
- !ruby/object:Gem::Version
|
803
|
-
version: 0.
|
803
|
+
version: 0.108.0
|
804
804
|
type: :runtime
|
805
805
|
prerelease: false
|
806
806
|
version_requirements: !ruby/object:Gem::Requirement
|
807
807
|
requirements:
|
808
808
|
- - '='
|
809
809
|
- !ruby/object:Gem::Version
|
810
|
-
version: 0.
|
810
|
+
version: 0.108.0
|
811
811
|
- !ruby/object:Gem::Dependency
|
812
812
|
name: serialport
|
813
813
|
requirement: !ruby/object:Gem::Requirement
|
@@ -828,14 +828,14 @@ dependencies:
|
|
828
828
|
requirements:
|
829
829
|
- - '='
|
830
830
|
- !ruby/object:Gem::Version
|
831
|
-
version: 3.0.
|
831
|
+
version: 3.0.4
|
832
832
|
type: :runtime
|
833
833
|
prerelease: false
|
834
834
|
version_requirements: !ruby/object:Gem::Requirement
|
835
835
|
requirements:
|
836
836
|
- - '='
|
837
837
|
- !ruby/object:Gem::Version
|
838
|
-
version: 3.0.
|
838
|
+
version: 3.0.4
|
839
839
|
- !ruby/object:Gem::Dependency
|
840
840
|
name: slack-ruby-client
|
841
841
|
requirement: !ruby/object:Gem::Requirement
|
@@ -884,14 +884,14 @@ dependencies:
|
|
884
884
|
requirements:
|
885
885
|
- - '='
|
886
886
|
- !ruby/object:Gem::Version
|
887
|
-
version: 1.5.
|
887
|
+
version: 1.5.4
|
888
888
|
type: :runtime
|
889
889
|
prerelease: false
|
890
890
|
version_requirements: !ruby/object:Gem::Requirement
|
891
891
|
requirements:
|
892
892
|
- - '='
|
893
893
|
- !ruby/object:Gem::Version
|
894
|
-
version: 1.5.
|
894
|
+
version: 1.5.4
|
895
895
|
- !ruby/object:Gem::Dependency
|
896
896
|
name: thin
|
897
897
|
requirement: !ruby/object:Gem::Requirement
|
@@ -2032,7 +2032,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2032
2032
|
- !ruby/object:Gem::Version
|
2033
2033
|
version: '0'
|
2034
2034
|
requirements: []
|
2035
|
-
rubygems_version: 3.3.
|
2035
|
+
rubygems_version: 3.3.26
|
2036
2036
|
signing_key:
|
2037
2037
|
specification_version: 4
|
2038
2038
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|