pwn 0.4.636 → 0.4.638

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/lib/pwn/plugins/baresip.rb +7 -6
  4. data/lib/pwn/plugins/burp_suite.rb +3 -0
  5. data/lib/pwn/plugins/owasp_zap.rb +5 -4
  6. data/lib/pwn/plugins/sock.rb +38 -3
  7. data/lib/pwn/version.rb +1 -1
  8. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a53e0d51559f7f2ef0d158dad69d01317a5b3d1effc551bdc2864296472ce1ca
4
- data.tar.gz: b3c9a88c2fae88c35bc97d6461107482bc33565d60d2c8acaa714debcc400999
3
+ metadata.gz: e3997d085d7b525c646e2899c95468a734df8021f722717c1453c52cf3d6c208
4
+ data.tar.gz: 5490d6e641a80efa324b8b12184f8d368012c3a7fd7a137c0d5171efd77f6a45
5
5
  SHA512:
6
- metadata.gz: 0e03ec1ebe7a078a6c2872172d28e7af661905e0612b5768ddec77621a86635a79a2c6a3f3b2fe1e9a00d1bbad0802dbf08b8ee5095d9387eeb557aa0e603c2c
7
- data.tar.gz: 3dcd87ad285151b44c6f3d1d6bb4d8944b668db44b836d46a956470040fe5ab3cca9d665802420bf9da6602bdebd4474cbefafb09d05ddfd0cb169c3dc43d61b
6
+ metadata.gz: 72c2121bfc843d071e745e53452a77523e996d18b88e2e1fd93184048e3154151a5348fa86fbdbc669d33af01c028483d1cbf19278eb721b5aa34aab2abd2029
7
+ data.tar.gz: 894d262d198208c8c585594edb0fa36805b32bf465abcf4ac61fc4e4609021f6a6845ab776b91139c5b4a257a2bfb209c3b7c08cdf9470404719f0a885cf7862
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.636]:001 >>> PWN.help
40
+ pwn[v0.4.638]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.636]:001 >>> PWN.help
55
+ pwn[v0.4.638]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/lib/pwn/plugins/baresip.rb CHANGED
@@ -84,12 +84,13 @@ module PWN
84
84
  raise "no http_listen value found in #{config}." if http_list_entry.empty?
85
85
 
86
86
  # Update http_listen value in respective config with random available port
87
- random_port = -1
88
- port_in_use = true
89
- while port_in_use
90
- random_port = Random.rand(1024..65_535)
91
- port_in_use = PWN::Plugins::Sock.check_port_in_use(port: random_port)
92
- end
87
+ # random_port = -1
88
+ # port_in_use = true
89
+ # while port_in_use
90
+ # random_port = Random.rand(1024..65_535)
91
+ # port_in_use = PWN::Plugins::Sock.check_port_in_use(port: random_port)
92
+ # end
93
+ random_port = PWN::Plugins::Sock.get_random_unused_port
93
94
  http_listen_ip_port = "127.0.0.1:#{random_port}"
94
95
 
95
96
  updated_config_content = ''
data/lib/pwn/plugins/burp_suite.rb CHANGED
@@ -40,6 +40,9 @@ module PWN
40
40
  burp_obj = {}
41
41
  burp_obj[:pid] = Process.spawn(burp_cmd_string)
42
42
  rest_browser = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)
43
+ # random_mitm_port = PWN::Plugins::Sock.get_random_unused_port
44
+ # random_bb_port = random_mitm_port
45
+ # random_bb_port = PWN::Plugins::Sock.get_random_unused_port while random_bb_port == random_mitm_port
43
46
  burp_obj[:mitm_proxy] = '127.0.0.1:8080'
44
47
  burp_obj[:burpbuddy_api] = '127.0.0.1:8001'
45
48
  burp_obj[:rest_browser] = rest_browser
data/lib/pwn/plugins/owasp_zap.rb CHANGED
@@ -75,7 +75,7 @@ module PWN
75
75
  # api_key: 'required - api key for API authorization',
76
76
  # zap_bin_path: 'optional - path to zap.sh file'
77
77
  # headless: 'optional - run zap headless if set to true',
78
- # proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:8080)',
78
+ # proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:<Random 1024-65535>)',
79
79
  # )
80
80
 
81
81
  public_class_method def self.start(opts = {})
@@ -116,11 +116,12 @@ module PWN
116
116
  if opts[:proxy]
117
117
  proxy = opts[:proxy].to_s.scrub.strip.chomp
118
118
  proxy_uri = URI.parse(proxy)
119
- owasp_zap_cmd = "#{owasp_zap_cmd} -host #{proxy_uri.host} -port #{proxy_uri.port}"
120
119
  else
121
- proxy = 'http://127.0.0.1:8080'
120
+ random_port = PWN::Plugins::Sock.get_random_unused_port
121
+ proxy = "http://127.0.0.1:#{random_port}"
122
122
  proxy_uri = URI.parse(proxy)
123
123
  end
124
+ owasp_zap_cmd = "#{owasp_zap_cmd} -host #{proxy_uri.host} -port #{proxy_uri.port}"
124
125
  zap_obj[:host] = proxy_uri.host.to_s.scrub
125
126
  zap_obj[:port] = proxy_uri.port.to_i
126
127
 
@@ -499,7 +500,7 @@ module PWN
499
500
  api_key: 'required - api key for API authorization',
500
501
  zap_bin_path: 'optional - path to zap.sh file',
501
502
  headless: 'optional - run zap headless if set to true',
502
- proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:8080)'
503
+ proxy: 'optional - change local zap proxy listener (defaults to http://127.0.0.1:<Random 1024-65535>)'
503
504
  )
504
505
  puts zap_obj.public_methods
505
506
 
data/lib/pwn/plugins/sock.rb CHANGED
@@ -47,10 +47,40 @@ module PWN
47
47
  raise e
48
48
  end
49
49
 
50
+ # Supported Method Parameters::
51
+ # PWN::Plugins::Sock.get_random_unused_port(
52
+ # server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
53
+ # protocol: 'optional - :tcp || :udp (defaults to tcp)'
54
+ # )
55
+
56
+ public_class_method def self.get_random_unused_port(opts = {})
57
+ server_ip = opts[:server_ip]
58
+ server_ip ||= '127.0.0.1'
59
+ port = -1
60
+ protocol = opts[:protocol]
61
+ protocol ||= :tcp
62
+
63
+ port_in_use = true
64
+ while port_in_use
65
+ port = Random.rand(1024..65_535)
66
+ port_in_use = check_port_in_use(
67
+ server_ip: server_ip,
68
+ port: port,
69
+ protocol: protocol
70
+ )
71
+ end
72
+
73
+ port
74
+ rescue Errno::ECONNREFUSED,
75
+ Errno::EHOSTUNREACH,
76
+ Errno::ETIMEDOUT
77
+ false
78
+ end
79
+
50
80
  # Supported Method Parameters::
51
81
  # PWN::Plugins::Sock.check_port_in_use(
52
- # port: 'required - target port',
53
82
  # server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
83
+ # port: 'required - target port',
54
84
  # protocol: 'optional - :tcp || :udp (defaults to tcp)'
55
85
  # )
56
86
 
@@ -163,9 +193,14 @@ module PWN
163
193
  tls: 'optional - boolean connect to target socket using TLS (defaults to false)'
164
194
  )
165
195
 
166
- #{self}.check_port_availability(
167
- port: 'required - target port',
196
+ port = #{self}.get_random_unused_port(
197
+ server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
198
+ protocol: 'optional - :tcp || :udp (defaults to tcp)'
199
+ )
200
+
201
+ #{self}.check_port_in_use(
168
202
  server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
203
+ port: 'required - target port',
169
204
  protocol: 'optional - :tcp || :udp (defaults to tcp)'
170
205
  )
171
206
 
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.636'
4
+ VERSION = '0.4.638'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.636
4
+ version: 0.4.638
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.