pwn 0.4.635 → 0.4.637

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4822c9584882b0458c961dd3006ba1641222a80d6b3dc28515ec42287450b578
-  data.tar.gz: a9217d60d13dc7bbf56da5da0d892c207e4e9a208514c1af9cf58ed74d8427e4
+  metadata.gz: ed890d64be30032f92cd57c59abfe52a7b568816945c9196fcc46adb1ccdeb7e
+  data.tar.gz: 9e5f0acbfeaea73f98b1dc14e4ec3e54dc8bb71c654ffcf4d0ca14a7ee2e344d
 SHA512:
-  metadata.gz: 84e6e96ba8e6d98eae3170d799a3793d5ee73d910a24c2d2badca0ed15ed1309867f2dff05c41f5985c84ee8580a43049a84709e10985daddd986fb8996012c8
-  data.tar.gz: 33e54f91fff77b4d209512a74ecaa9b6dd9eaa62b7784a1c7265332cb62ca90bd26ff5fc5b223910fe96070d0fca34a102d8c809a08673d867bc95e3d2ad215c
+  metadata.gz: 26a50246edaa50f39dba47018111e7803891daea153f9ed2bf5b2dd916613eac40d30f66fbb6c6f5a5e3f0a2aa5b470715d2848b9a68219d59afc23533800fb7
+  data.tar.gz: 63dd51a285d26aa58d4a5de34000c2d28bbdee18333841ea3d09a2b003052141c094fe4c94d89d03da2030c74a4f2802487b8d1255c735ea846d422f49bb1e48

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.635]:001 >>> PWN.help
+pwn[v0.4.637]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.635]:001 >>> PWN.help
+pwn[v0.4.637]:001 >>> PWN.help
 ```
 
 

data/lib/pwn/plugins/baresip.rb

@@ -84,12 +84,13 @@ module PWN
         raise "no http_listen value found in #{config}." if http_list_entry.empty?
 
         # Update http_listen value in respective config with random available port
-        random_port = -1
-        port_in_use = true
-        while port_in_use
-          random_port = Random.rand(1024..65_535)
-          port_in_use = PWN::Plugins::Sock.check_port_in_use(port: random_port)
-        end
+        # random_port = -1
+        # port_in_use = true
+        # while port_in_use
+        #   random_port = Random.rand(1024..65_535)
+        #   port_in_use = PWN::Plugins::Sock.check_port_in_use(port: random_port)
+        # end
+        random_port = PWN::Plugins::Sock.get_random_unused_port
         http_listen_ip_port = "127.0.0.1:#{random_port}"
 
         updated_config_content = ''

data/lib/pwn/plugins/burp_suite.rb

@@ -40,8 +40,11 @@ module PWN
         burp_obj = {}
         burp_obj[:pid] = Process.spawn(burp_cmd_string)
         rest_browser = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)
-        burp_obj[:mitm_proxy] = '127.0.0.1:8080'
-        burp_obj[:burpbuddy_api] = '127.0.0.1:8001'
+        random_mitm_port = PWN::Plugins::Sock.get_random_unused_port
+        random_bb_port = random_mitm_port
+        random_bb_port = PWN::Plugins::Sock.get_random_unused_port while random_bb_port == random_mitm_port
+        burp_obj[:mitm_proxy] = "127.0.0.1:#{random_mitm_port}"
+        burp_obj[:burpbuddy_api] = "127.0.0.1:#{random_bb_port}"
         burp_obj[:rest_browser] = rest_browser
 
         # Proxy always listens on localhost...use SSH tunneling if remote access is required
@@ -54,7 +57,7 @@ module PWN
 
         # Wait for TCP 8001 to open prior to returning burp_obj
         loop do
-          s = TCPSocket.new('127.0.0.1', 8001)
+          s = TCPSocket.new('127.0.0.1', random_bb_port)
           s.close
           break
         rescue Errno::ECONNREFUSED

data/lib/pwn/plugins/owasp_zap.rb

@@ -75,7 +75,7 @@ module PWN
       #   api_key: 'required - api key for API authorization',
       #   zap_bin_path: 'optional - path to zap.sh file'
       #   headless: 'optional - run zap headless if set to true',
-      #   proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:8080)',
+      #   proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:<Random 1024-65535>)',
       # )
 
       public_class_method def self.start(opts = {})
@@ -118,7 +118,8 @@ module PWN
           proxy_uri = URI.parse(proxy)
           owasp_zap_cmd = "#{owasp_zap_cmd} -host #{proxy_uri.host} -port #{proxy_uri.port}"
         else
-          proxy = 'http://127.0.0.1:8080'
+          random_port = PWN::Plugins::Sock.get_random_unused_port
+          proxy = "http://127.0.0.1:#{random_port}"
           proxy_uri = URI.parse(proxy)
         end
         zap_obj[:host] = proxy_uri.host.to_s.scrub
@@ -499,7 +500,7 @@ module PWN
             api_key: 'required - api key for API authorization',
             zap_bin_path: 'optional - path to zap.sh file',
             headless: 'optional - run zap headless if set to true',
-            proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:8080)'
+            proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:<Random 1024-65535>)'
           )
           puts zap_obj.public_methods
 

data/lib/pwn/plugins/sock.rb

@@ -47,10 +47,40 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # PWN::Plugins::Sock.get_random_unused_port(
+      #   server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+      #   protocol: 'optional - :tcp || :udp (defaults to tcp)'
+      # )
+
+      public_class_method def self.get_random_unused_port(opts = {})
+        server_ip = opts[:server_ip]
+        server_ip ||= '127.0.0.1'
+        port = -1
+        protocol = opts[:protocol]
+        protocol ||= :tcp
+
+        port_in_use = true
+        while port_in_use
+          port = Random.rand(1024..65_535)
+          port_in_use = check_port_in_use(
+            server_ip: server_ip,
+            port: port,
+            protocol: protocol
+          )
+        end
+
+        port
+      rescue Errno::ECONNREFUSED,
+             Errno::EHOSTUNREACH,
+             Errno::ETIMEDOUT
+        false
+      end
+
       # Supported Method Parameters::
       # PWN::Plugins::Sock.check_port_in_use(
-      #   port: 'required - target port',
       #   server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+      #   port: 'required - target port',
       #   protocol: 'optional - :tcp || :udp (defaults to tcp)'
       # )
 
@@ -120,7 +150,7 @@ module PWN
           listen_obj = UDPSocket.new
           listen_obj.bind(server_ip, port)
           while (client_input = listen_obj.recvmsg)
-            puts client_input[0].to_s
+            puts client_input[0]
           end
         else
           raise "Unsupported protocol: #{protocol}"
@@ -163,9 +193,14 @@ module PWN
             tls: 'optional - boolean connect to target socket using TLS (defaults to false)'
           )
 
-          #{self}.check_port_availability(
-            port: 'required - target port',
+          port = #{self}.get_random_unused_port(
+            server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+            protocol: 'optional - :tcp || :udp (defaults to tcp)'
+          )
+
+          #{self}.check_port_in_use(
             server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+            port: 'required - target port',
             protocol: 'optional - :tcp || :udp (defaults to tcp)'
           )
 

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.635'
+  VERSION = '0.4.637'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.635
+  version: 0.4.637
 platform: ruby
 authors:
 - 0day Inc.