pwn 0.4.624 → 0.4.625
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/README.md +2 -2
- data/lib/pwn/plugins/pwn_logger.rb +23 -5
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/ansible_vault_spec.rb +15 -0
- data/spec/lib/pwn/plugins/baresip_spec.rb +15 -0
- data/spec/lib/pwn/plugins/openai_spec.rb +15 -0
- data/spec/lib/pwn/plugins/pwn_logger_spec.rb +15 -0
- data/spec/lib/pwn/plugins/voice_spec.rb +15 -0
- metadata +12 -8
- data/lib/pwn/plugins/http_intercept_helper.rb +0 -122
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0da791e6c3f9a7c97a48fbe245c2bba5b6c556102270bb3647b4dc2dc0c1bc3e
|
4
|
+
data.tar.gz: 627185dfe1d6aa46ee4752ddce5866fe955eecb70322ff4636209fb7e4996bc2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bfeb736cd7ff4a42a515a5473b5be930d378916b8c19efe8c53b07643dd20e958b71842823c7d45da140a210578db410e2467769fd09ac341b9fc23810b70546
|
7
|
+
data.tar.gz: 0e6c51e4e2231b9bf1db1d22b182468a73105e520f54752245a1bd300b5149d32d7efee7f8990aa36d0167139f5ed6e42dca51b53a9a86f276ceaf2d13ee5a32
|
data/Gemfile
CHANGED
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
|
|
18
18
|
gem 'bettercap', '1.6.2'
|
19
19
|
gem 'brakeman', '5.4.1'
|
20
20
|
gem 'bson', '4.15.0'
|
21
|
-
gem 'bundler', '>=2.4.
|
21
|
+
gem 'bundler', '>=2.4.9'
|
22
22
|
gem 'bundler-audit', '0.9.1'
|
23
23
|
gem 'bunny', '2.20.3'
|
24
24
|
gem 'colorize', '0.8.1'
|
@@ -82,7 +82,7 @@ gem 'sqlite3', '1.6.1'
|
|
82
82
|
gem 'thin', '1.8.1'
|
83
83
|
gem 'tty-prompt', '0.23.1'
|
84
84
|
gem 'watir', '7.2.2'
|
85
|
-
gem 'waveform', '0.1.
|
85
|
+
gem 'waveform', '0.1.3'
|
86
86
|
gem 'webrick', '1.8.1'
|
87
87
|
gem 'whois', '5.1.0'
|
88
88
|
gem 'whois-parser', '2.0.0'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.625]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.625]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -10,10 +10,26 @@ module PWN
|
|
10
10
|
# PWN::Plugins::PWNLogger.create(
|
11
11
|
# )
|
12
12
|
|
13
|
-
public_class_method def self.create
|
13
|
+
public_class_method def self.create(opts = {})
|
14
14
|
logger = Logger.new($stdout)
|
15
|
-
|
16
|
-
|
15
|
+
level = opts[:level]
|
16
|
+
|
17
|
+
case level.to_s.downcase.to_sym
|
18
|
+
when :debug
|
19
|
+
logger.level = Logger::DEBUG
|
20
|
+
when :error
|
21
|
+
logger.level = Logger::ERROR
|
22
|
+
when :fatal
|
23
|
+
logger.level = Logger::FATAL
|
24
|
+
when :unknown
|
25
|
+
logger.level = Logger::UNKNOWN
|
26
|
+
when :warn
|
27
|
+
logger.level = Logger::WARN
|
28
|
+
else
|
29
|
+
logger.level = Logger::INFO
|
30
|
+
end
|
31
|
+
|
32
|
+
logger.datetime_format = '%Y-%m-%d %H:%M:%S.%N'
|
17
33
|
|
18
34
|
logger.formatter = proc do |severity, _datetime, _progname, msg|
|
19
35
|
# TODO: Include datetime & progname vars
|
@@ -37,8 +53,10 @@ module PWN
|
|
37
53
|
|
38
54
|
public_class_method def self.help
|
39
55
|
puts "USAGE:
|
40
|
-
logger = #{self}.create(
|
41
|
-
|
56
|
+
logger = #{self}.create(
|
57
|
+
level: 'optional - logging verbosity :debug|:error|:fatal|:info|:unknown|:warn (Defaults to :info)'
|
58
|
+
)
|
59
|
+
#{self}.authors
|
42
60
|
"
|
43
61
|
end
|
44
62
|
end
|
data/lib/pwn/version.rb
CHANGED
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::AnsibleVault do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::AnsibleVault
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::AnsibleVault
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::BareSIP do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::BareSIP
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::BareSIP
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::OpenAI do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::OpenAI
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::OpenAI
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::PWNLogger do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::PWNLogger
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::PWNLogger
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::Voice do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::Voice
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::Voice
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.625
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-03-
|
11
|
+
date: 2023-03-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.4.
|
117
|
+
version: 2.4.9
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.4.
|
124
|
+
version: 2.4.9
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1010,14 +1010,14 @@ dependencies:
|
|
1010
1010
|
requirements:
|
1011
1011
|
- - '='
|
1012
1012
|
- !ruby/object:Gem::Version
|
1013
|
-
version: 0.1.
|
1013
|
+
version: 0.1.3
|
1014
1014
|
type: :runtime
|
1015
1015
|
prerelease: false
|
1016
1016
|
version_requirements: !ruby/object:Gem::Requirement
|
1017
1017
|
requirements:
|
1018
1018
|
- - '='
|
1019
1019
|
- !ruby/object:Gem::Version
|
1020
|
-
version: 0.1.
|
1020
|
+
version: 0.1.3
|
1021
1021
|
- !ruby/object:Gem::Dependency
|
1022
1022
|
name: webrick
|
1023
1023
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1638,7 +1638,6 @@ files:
|
|
1638
1638
|
- lib/pwn/plugins/git.rb
|
1639
1639
|
- lib/pwn/plugins/github.rb
|
1640
1640
|
- lib/pwn/plugins/hacker_one.rb
|
1641
|
-
- lib/pwn/plugins/http_intercept_helper.rb
|
1642
1641
|
- lib/pwn/plugins/ibm_appscan.rb
|
1643
1642
|
- lib/pwn/plugins/ip_info.rb
|
1644
1643
|
- lib/pwn/plugins/jenkins.rb
|
@@ -1924,7 +1923,9 @@ files:
|
|
1924
1923
|
- spec/lib/pwn/banner_spec.rb
|
1925
1924
|
- spec/lib/pwn/ffi_spec.rb
|
1926
1925
|
- spec/lib/pwn/plugins/android_spec.rb
|
1926
|
+
- spec/lib/pwn/plugins/ansible_vault_spec.rb
|
1927
1927
|
- spec/lib/pwn/plugins/authentication_helper_spec.rb
|
1928
|
+
- spec/lib/pwn/plugins/baresip_spec.rb
|
1928
1929
|
- spec/lib/pwn/plugins/basic_auth_spec.rb
|
1929
1930
|
- spec/lib/pwn/plugins/beef_spec.rb
|
1930
1931
|
- spec/lib/pwn/plugins/burp_suite_spec.rb
|
@@ -1955,11 +1956,13 @@ files:
|
|
1955
1956
|
- spec/lib/pwn/plugins/nmap_it_spec.rb
|
1956
1957
|
- spec/lib/pwn/plugins/oauth2_spec.rb
|
1957
1958
|
- spec/lib/pwn/plugins/ocr_spec.rb
|
1959
|
+
- spec/lib/pwn/plugins/openai_spec.rb
|
1958
1960
|
- spec/lib/pwn/plugins/openvas_spec.rb
|
1959
1961
|
- spec/lib/pwn/plugins/owasp_zap_spec.rb
|
1960
1962
|
- spec/lib/pwn/plugins/packet_spec.rb
|
1961
1963
|
- spec/lib/pwn/plugins/pdf_parse_spec.rb
|
1962
1964
|
- spec/lib/pwn/plugins/pony_spec.rb
|
1965
|
+
- spec/lib/pwn/plugins/pwn_logger_spec.rb
|
1963
1966
|
- spec/lib/pwn/plugins/rabbit_mq_spec.rb
|
1964
1967
|
- spec/lib/pwn/plugins/rfidler_spec.rb
|
1965
1968
|
- spec/lib/pwn/plugins/serial_spec.rb
|
@@ -1973,6 +1976,7 @@ files:
|
|
1973
1976
|
- spec/lib/pwn/plugins/transparent_browser_spec.rb
|
1974
1977
|
- spec/lib/pwn/plugins/twitter_api_spec.rb
|
1975
1978
|
- spec/lib/pwn/plugins/uri_scheme_spec.rb
|
1979
|
+
- spec/lib/pwn/plugins/voice_spec.rb
|
1976
1980
|
- spec/lib/pwn/plugins/vsphere_spec.rb
|
1977
1981
|
- spec/lib/pwn/plugins_spec.rb
|
1978
1982
|
- spec/lib/pwn/reports/fuzz_spec.rb
|
@@ -2095,7 +2099,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2095
2099
|
- !ruby/object:Gem::Version
|
2096
2100
|
version: '0'
|
2097
2101
|
requirements: []
|
2098
|
-
rubygems_version: 3.4.
|
2102
|
+
rubygems_version: 3.4.9
|
2099
2103
|
signing_key:
|
2100
2104
|
specification_version: 4
|
2101
2105
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|
@@ -1,122 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module PWN
|
4
|
-
module Plugins
|
5
|
-
# This plugin was created to generate UTF-8 characters for fuzzing
|
6
|
-
module HTTPInterceptHelper
|
7
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
8
|
-
|
9
|
-
# Supported Method Parameters::
|
10
|
-
# request_hash = PWN::Plugins::HTTPInterceptHelper.raw_to_hash(
|
11
|
-
# request_raw: 'required => raw http request string to convert to hash'
|
12
|
-
# )
|
13
|
-
|
14
|
-
public_class_method def self.raw_to_hash(opts = {})
|
15
|
-
request_raw = opts[:request_raw].to_s
|
16
|
-
request_hash = {}
|
17
|
-
|
18
|
-
# Basic Parsing Begins
|
19
|
-
raw_intercepted_request_arr = request_raw.split("\r\n")
|
20
|
-
|
21
|
-
# Parse HTTP Protocol Request Line
|
22
|
-
raw_request_line_arr = raw_intercepted_request_arr[0].split
|
23
|
-
request_hash[:http_method] = raw_request_line_arr[0].to_s.upcase.to_sym
|
24
|
-
request_hash[:http_resource_path] = URI.parse(raw_request_line_arr[1])
|
25
|
-
request_hash[:http_version] = raw_request_line_arr[-1]
|
26
|
-
|
27
|
-
# Begin Parsing HTTP Headers & Body (If Applicable)
|
28
|
-
request_hash[:http_headers] = {}
|
29
|
-
|
30
|
-
case request_hash[:http_method]
|
31
|
-
when :CONNECT,
|
32
|
-
:DELETE,
|
33
|
-
:GET,
|
34
|
-
:HEAD,
|
35
|
-
:OPTIONS,
|
36
|
-
:PATCH,
|
37
|
-
:PUT,
|
38
|
-
:TRACE
|
39
|
-
puts request_hash[:http_method]
|
40
|
-
when :POST
|
41
|
-
# Parse HTTP Headers
|
42
|
-
raw_intercepted_request_arr[1..-1].each do |val|
|
43
|
-
break if val == '' # This may cause issues
|
44
|
-
|
45
|
-
key = ''
|
46
|
-
val.each_char do |char|
|
47
|
-
break if char == ':'
|
48
|
-
|
49
|
-
key = "#{key}#{char}"
|
50
|
-
end
|
51
|
-
|
52
|
-
header_val = val.gsub(/^#{key}:/, '').strip
|
53
|
-
|
54
|
-
request_hash[:http_headers][key.to_sym] = header_val
|
55
|
-
end
|
56
|
-
|
57
|
-
# Parse HTTP Body
|
58
|
-
raw_request_body = []
|
59
|
-
raw_intercepted_request_arr[1..-1].each_with_index do |val, index|
|
60
|
-
next if val != '' # This may cause issues
|
61
|
-
|
62
|
-
break_index = index + 2
|
63
|
-
request_hash[:http_body] = raw_intercepted_request_arr[break_index..-1].join(',')
|
64
|
-
end
|
65
|
-
else
|
66
|
-
raise "HTTP Method: #{request_hash[:http_method]} Currently Unsupported>"
|
67
|
-
end
|
68
|
-
|
69
|
-
request_hash
|
70
|
-
rescue StandardError => e
|
71
|
-
raise e
|
72
|
-
end
|
73
|
-
|
74
|
-
# Supported Method Parameters::
|
75
|
-
# request_raw = PWN::Plugins::HTTPInterceptHelper.hash_to_raw(
|
76
|
-
# request_hash: 'required => request_hash object returned by #raw_to_hash method'
|
77
|
-
# )
|
78
|
-
|
79
|
-
public_class_method def self.hash_to_raw(opts = {})
|
80
|
-
request_hash = opts[:request_hash]
|
81
|
-
|
82
|
-
# Populate HTTP Request Line
|
83
|
-
request_raw = "#{request_hash[:http_method]} "
|
84
|
-
request_raw = "#{request_raw}#{request_hash[:http_resource_path]} "
|
85
|
-
request_raw = "#{request_raw}#{request_hash[:http_version]}\r\n"
|
86
|
-
|
87
|
-
# Populate HTTP Headers
|
88
|
-
request_hash[:http_headers].each do |key, header_val|
|
89
|
-
request_raw = "#{request_raw}#{key}: #{header_val}\r\n"
|
90
|
-
end
|
91
|
-
|
92
|
-
# Populate HTTP Body (If Applicable)
|
93
|
-
request_raw = "#{request_raw}\r\n"
|
94
|
-
request_raw = "#{request_raw}#{request_hash[:http_body]}" unless request_hash[:http_body] == ''
|
95
|
-
rescue StandardError => e
|
96
|
-
raise e
|
97
|
-
end
|
98
|
-
|
99
|
-
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
100
|
-
|
101
|
-
public_class_method def self.authors
|
102
|
-
"AUTHOR(S):
|
103
|
-
0day Inc. <request.pentest@0dayinc.com>
|
104
|
-
"
|
105
|
-
end
|
106
|
-
|
107
|
-
# Display Usage for this Module
|
108
|
-
|
109
|
-
public_class_method def self.help
|
110
|
-
puts "USAGE:
|
111
|
-
request_hash = PWN::Plugins::HTTPInterceptHelper.raw_to_hash(
|
112
|
-
request_raw: 'required => raw http request string to convert to hash'
|
113
|
-
)
|
114
|
-
|
115
|
-
request_raw = PWN::Plugins::HTTPInterceptHelper.hash_to_raw(
|
116
|
-
request_hash: 'required => request_hash object returned by #raw_to_hash method'
|
117
|
-
)
|
118
|
-
"
|
119
|
-
end
|
120
|
-
end
|
121
|
-
end
|
122
|
-
end
|