RubyGems - pwn - Versions diffs - 0.4.636 → 0.4.637 - Mend

pwn 0.4.636 → 0.4.637

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +2 -2
data/lib/pwn/plugins/baresip.rb +7 -6
data/lib/pwn/plugins/burp_suite.rb +6 -3
data/lib/pwn/plugins/owasp_zap.rb +4 -3
data/lib/pwn/plugins/sock.rb +38 -3
data/lib/pwn/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a53e0d51559f7f2ef0d158dad69d01317a5b3d1effc551bdc2864296472ce1ca
-  data.tar.gz: b3c9a88c2fae88c35bc97d6461107482bc33565d60d2c8acaa714debcc400999
+  metadata.gz: ed890d64be30032f92cd57c59abfe52a7b568816945c9196fcc46adb1ccdeb7e
+  data.tar.gz: 9e5f0acbfeaea73f98b1dc14e4ec3e54dc8bb71c654ffcf4d0ca14a7ee2e344d
 SHA512:
-  metadata.gz: 0e03ec1ebe7a078a6c2872172d28e7af661905e0612b5768ddec77621a86635a79a2c6a3f3b2fe1e9a00d1bbad0802dbf08b8ee5095d9387eeb557aa0e603c2c
-  data.tar.gz: 3dcd87ad285151b44c6f3d1d6bb4d8944b668db44b836d46a956470040fe5ab3cca9d665802420bf9da6602bdebd4474cbefafb09d05ddfd0cb169c3dc43d61b
+  metadata.gz: 26a50246edaa50f39dba47018111e7803891daea153f9ed2bf5b2dd916613eac40d30f66fbb6c6f5a5e3f0a2aa5b470715d2848b9a68219d59afc23533800fb7
+  data.tar.gz: 63dd51a285d26aa58d4a5de34000c2d28bbdee18333841ea3d09a2b003052141c094fe4c94d89d03da2030c74a4f2802487b8d1255c735ea846d422f49bb1e48

data/README.md CHANGED Viewed

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.636]:001 >>> PWN.help
+pwn[v0.4.637]:001 >>> PWN.help
 ```
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.636]:001 >>> PWN.help
+pwn[v0.4.637]:001 >>> PWN.help
 ```

data/lib/pwn/plugins/baresip.rb CHANGED Viewed

@@ -84,12 +84,13 @@ module PWN
         raise "no http_listen value found in #{config}." if http_list_entry.empty?
         # Update http_listen value in respective config with random available port
-        random_port = -1
-        port_in_use = true
-        while port_in_use
-          random_port = Random.rand(1024..65_535)
-          port_in_use = PWN::Plugins::Sock.check_port_in_use(port: random_port)
-        end
+        # random_port = -1
+        # port_in_use = true
+        # while port_in_use
+        #   random_port = Random.rand(1024..65_535)
+        #   port_in_use = PWN::Plugins::Sock.check_port_in_use(port: random_port)
+        # end
+        random_port = PWN::Plugins::Sock.get_random_unused_port
         http_listen_ip_port = "127.0.0.1:#{random_port}"
         updated_config_content = ''

data/lib/pwn/plugins/burp_suite.rb CHANGED Viewed

@@ -40,8 +40,11 @@ module PWN
         burp_obj = {}
         burp_obj[:pid] = Process.spawn(burp_cmd_string)
         rest_browser = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)
-        burp_obj[:mitm_proxy] = '127.0.0.1:8080'
-        burp_obj[:burpbuddy_api] = '127.0.0.1:8001'
+        random_mitm_port = PWN::Plugins::Sock.get_random_unused_port
+        random_bb_port = random_mitm_port
+        random_bb_port = PWN::Plugins::Sock.get_random_unused_port while random_bb_port == random_mitm_port
+        burp_obj[:mitm_proxy] = "127.0.0.1:#{random_mitm_port}"
+        burp_obj[:burpbuddy_api] = "127.0.0.1:#{random_bb_port}"
         burp_obj[:rest_browser] = rest_browser
         # Proxy always listens on localhost...use SSH tunneling if remote access is required
@@ -54,7 +57,7 @@ module PWN
         # Wait for TCP 8001 to open prior to returning burp_obj
         loop do
-          s = TCPSocket.new('127.0.0.1', 8001)
+          s = TCPSocket.new('127.0.0.1', random_bb_port)
           s.close
           break
         rescue Errno::ECONNREFUSED

data/lib/pwn/plugins/owasp_zap.rb CHANGED Viewed

@@ -75,7 +75,7 @@ module PWN
       #   api_key: 'required - api key for API authorization',
       #   zap_bin_path: 'optional - path to zap.sh file'
       #   headless: 'optional - run zap headless if set to true',
-      #   proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:8080)',
+      #   proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:<Random 1024-65535>)',
       # )
       public_class_method def self.start(opts = {})
@@ -118,7 +118,8 @@ module PWN
           proxy_uri = URI.parse(proxy)
           owasp_zap_cmd = "#{owasp_zap_cmd} -host #{proxy_uri.host} -port #{proxy_uri.port}"
         else
-          proxy = 'http://127.0.0.1:8080'
+          random_port = PWN::Plugins::Sock.get_random_unused_port
+          proxy = "http://127.0.0.1:#{random_port}"
           proxy_uri = URI.parse(proxy)
         end
         zap_obj[:host] = proxy_uri.host.to_s.scrub
@@ -499,7 +500,7 @@ module PWN
             api_key: 'required - api key for API authorization',
             zap_bin_path: 'optional - path to zap.sh file',
             headless: 'optional - run zap headless if set to true',
-            proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:8080)'
+            proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:<Random 1024-65535>)'
           )
           puts zap_obj.public_methods

data/lib/pwn/plugins/sock.rb CHANGED Viewed

@@ -47,10 +47,40 @@ module PWN
         raise e
       end
+      # Supported Method Parameters::
+      # PWN::Plugins::Sock.get_random_unused_port(
+      #   server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+      #   protocol: 'optional - :tcp || :udp (defaults to tcp)'
+      # )
+      public_class_method def self.get_random_unused_port(opts = {})
+        server_ip = opts[:server_ip]
+        server_ip ||= '127.0.0.1'
+        port = -1
+        protocol = opts[:protocol]
+        protocol ||= :tcp
+        port_in_use = true
+        while port_in_use
+          port = Random.rand(1024..65_535)
+          port_in_use = check_port_in_use(
+            server_ip: server_ip,
+            port: port,
+            protocol: protocol
+          )
+        end
+        port
+      rescue Errno::ECONNREFUSED,
+             Errno::EHOSTUNREACH,
+             Errno::ETIMEDOUT
+        false
+      end
       # Supported Method Parameters::
       # PWN::Plugins::Sock.check_port_in_use(
-      #   port: 'required - target port',
       #   server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+      #   port: 'required - target port',
       #   protocol: 'optional - :tcp || :udp (defaults to tcp)'
       # )
@@ -163,9 +193,14 @@ module PWN
             tls: 'optional - boolean connect to target socket using TLS (defaults to false)'
           )
-          #{self}.check_port_availability(
-            port: 'required - target port',
+          port = #{self}.get_random_unused_port(
+            server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+            protocol: 'optional - :tcp || :udp (defaults to tcp)'
+          )
+          #{self}.check_port_in_use(
             server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
+            port: 'required - target port',
             protocol: 'optional - :tcp || :udp (defaults to tcp)'
           )

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.4.636'
+  VERSION = '0.4.637'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.636
+  version: 0.4.637
 platform: ruby
 authors:
 - 0day Inc.