pwn 0.4.638 → 0.4.640

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/bin/pwn_owasp_zap_active_scan +2 -3
  4. data/lib/pwn/plugins/burp_suite.rb +4 -4
  5. data/lib/pwn/plugins/owasp_zap.rb +6 -8
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e3997d085d7b525c646e2899c95468a734df8021f722717c1453c52cf3d6c208
4
- data.tar.gz: 5490d6e641a80efa324b8b12184f8d368012c3a7fd7a137c0d5171efd77f6a45
3
+ metadata.gz: 4c40109d7dcb603b5bc2b8de9dbf35572a4349b59d3077bd1201faaa06d31884
4
+ data.tar.gz: be4911b1f1cbdfd1feb30458ac1c1ed82db29e82e0161737b3e76a423aec6e50
5
5
  SHA512:
6
- metadata.gz: 72c2121bfc843d071e745e53452a77523e996d18b88e2e1fd93184048e3154151a5348fa86fbdbc669d33af01c028483d1cbf19278eb721b5aa34aab2abd2029
7
- data.tar.gz: 894d262d198208c8c585594edb0fa36805b32bf465abcf4ac61fc4e4609021f6a6845ab776b91139c5b4a257a2bfb209c3b7c08cdf9470404719f0a885cf7862
6
+ metadata.gz: 3d3d7b800e65da20d2b1642e322ed9a45cce9a7b907518d2b28de6ecd4c2301e37ec6faddac162cbd3f618ee58a9908b47790f4c4be1d6c2725b1453be301d8b
7
+ data.tar.gz: 93798c09ef3098d1dab7d38c20a9b8bca87c3b8af0abec88dd707f313748aa5665246725007c264836d48850529ab941bbdb07e166a55ae48c0a5871df7bd5e1
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.638]:001 >>> PWN.help
40
+ pwn[v0.4.640]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.638]:001 >>> PWN.help
55
+ pwn[v0.4.640]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_owasp_zap_active_scan CHANGED
@@ -38,7 +38,7 @@ OptionParser.new do |options|
38
38
  opts[:headless] = h
39
39
  end
40
40
 
41
- options.on('-pPROXY', '--proxy=PROXY', '<Optional - Change Local Zap Proxy Listener (Default http://127.0.0.1:8080)>') do |p|
41
+ options.on('-pPROXY', '--proxy=PROXY', '<Optional - Change Local Zap Proxy Listener (Default http://127.0.0.1:<Random 1024-65535>)>') do |p|
42
42
  opts[:proxy] = p
43
43
  end
44
44
  end.parse!
@@ -64,8 +64,7 @@ begin
64
64
  navigation_instruct = opts[:navigation_instruct].to_s.strip.chomp.scrub if File.exist?(opts[:navigation_instruct].to_s.strip.chomp.scrub)
65
65
  zap_bin_path = opts[:zap_bin_path].to_s.strip.chomp.scrub if File.exist?(opts[:zap_bin_path].to_s.strip.chomp.scrub)
66
66
  headless = opts[:headless]
67
- proxy = opts[:proxy].to_s.strip.chomp.scrub
68
- proxy = 'http://127.0.0.1:8080' if proxy == ''
67
+ proxy = opts[:proxy]
69
68
 
70
69
  # ------
71
70
  # Dynamically build arguments hash based on flags passed and Open Zap
data/lib/pwn/plugins/burp_suite.rb CHANGED
@@ -29,11 +29,11 @@ module PWN
29
29
  end
30
30
 
31
31
  if opts[:headless]
32
- # burp_cmd_string = "java -Xmx3G -Djava.awt.headless=true -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
33
- burp_cmd_string = "java -Xmx3G -Djava.awt.headless=true -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
32
+ # burp_cmd_string = "java -Xmx4G -Djava.awt.headless=true -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
33
+ burp_cmd_string = "java -Xmx4G -Djava.awt.headless=true -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
34
34
  else
35
- # burp_cmd_string = "java -Xmx3G -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
36
- burp_cmd_string = "java -Xmx3G -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
35
+ # burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
36
+ burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
37
37
  end
38
38
 
39
39
  # Construct burp_obj
data/lib/pwn/plugins/owasp_zap.rb CHANGED
@@ -113,14 +113,12 @@ module PWN
113
113
  owasp_zap_cmd = "cd #{zap_dir} && ./#{zap_bin}"
114
114
  end
115
115
 
116
- if opts[:proxy]
117
- proxy = opts[:proxy].to_s.scrub.strip.chomp
118
- proxy_uri = URI.parse(proxy)
119
- else
120
- random_port = PWN::Plugins::Sock.get_random_unused_port
121
- proxy = "http://127.0.0.1:#{random_port}"
122
- proxy_uri = URI.parse(proxy)
123
- end
116
+ random_port = PWN::Plugins::Sock.get_random_unused_port
117
+
118
+ proxy = "http://127.0.0.1:#{random_port}"
119
+ proxy = opts[:proxy].to_s.scrub.strip.chomp if opts[:proxy]
120
+
121
+ proxy_uri = URI.parse(proxy)
124
122
  owasp_zap_cmd = "#{owasp_zap_cmd} -host #{proxy_uri.host} -port #{proxy_uri.port}"
125
123
  zap_obj[:host] = proxy_uri.host.to_s.scrub
126
124
  zap_obj[:port] = proxy_uri.port.to_i
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.638'
4
+ VERSION = '0.4.640'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.638
4
+ version: 0.4.640
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.