pwn 0.4.647 → 0.4.649

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7cac8dc36a8fa224c844ae74754c2e2fdfa19da971a130235ab8b220b081f419
-  data.tar.gz: 7d79fb7aedc4c01157eb15d35a9b790d09acf962edeb0e18fdff056fd5233ae0
+  metadata.gz: 0bb975f8a9a611bf3ebf207886d6ff732a9256260065f4113e899cb2351f1058
+  data.tar.gz: 3c24d920cd68004959016e20402a328dc465fb0ed76ff0abafa4979cb6a300e1
 SHA512:
-  metadata.gz: 741322843a67b02b60670ec2be63329f7a1c66b0e0b25ffa49544ab10830205a60044ba5ba16787f3660f9e651c15e1aa4e8b64008bc27a64398712963b207b7
-  data.tar.gz: b67539738e255c51ad75eb3d5e3d55ba0d63321a4557ca1bcf9fd19b5cf9f90ee1a7edadca79136d9787ae94ecfbe4f6b9568bf06d72c3c61438b5ff37e5adf9
+  metadata.gz: d54d1631b8ba697301535d8d00698d0861b75279d93930ae67cfb7a9953f639b3a44997c30d73c90872dac3159ca18fc5c17a3bec1c0513d02f32a85813ba36b
+  data.tar.gz: 748e285a1f0419b0c4cec38890e08b755892553e9314ae69e211bdccffd8b2da8d274142456d4ce52261c3a1aedcf691a3643c6f88391382f711001631897efc

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2023-03-07 16:56:25 UTC using RuboCop version 1.48.0.
+# on 2023-04-21 20:18:30 UTC using RuboCop version 1.50.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -8,7 +8,7 @@
 
 # Offense count: 5
 # This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AutoCorrect, EnforcedStyle.
+# Configuration parameters: EnforcedStyle.
 # SupportedStyles: space, no_space
 Layout/LineContinuationSpacing:
   Exclude:
@@ -17,20 +17,20 @@ Layout/LineContinuationSpacing:
     - 'packer/provisioners/wpscan.rb'
     - 'vagrant/provisioners/beef.rb'
 
-# Offense count: 270
+# Offense count: 269
 Lint/UselessAssignment:
   Enabled: false
 
-# Offense count: 631
+# Offense count: 628
 Lint/UselessRescue:
   Enabled: false
 
-# Offense count: 271
+# Offense count: 273
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
   Max: 328
 
-# Offense count: 69
+# Offense count: 70
 # Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
 # AllowedMethods: refine
 Metrics/BlockLength:
@@ -47,12 +47,12 @@ Metrics/CollectionLiteralLength:
   Exclude:
     - 'lib/pwn/plugins/uri_scheme.rb'
 
-# Offense count: 98
+# Offense count: 100
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/CyclomaticComplexity:
   Max: 231
 
-# Offense count: 493
+# Offense count: 496
 # Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
 Metrics/MethodLength:
   Max: 466
@@ -62,16 +62,16 @@ Metrics/MethodLength:
 Metrics/ModuleLength:
   Max: 1186
 
-# Offense count: 90
+# Offense count: 93
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
   Max: 51
 
-# Offense count: 166
+# Offense count: 165
 Style/ClassVars:
   Enabled: false
 
-# Offense count: 285
+# Offense count: 289
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
 # SupportedStyles: assign_to_condition, assign_inside_condition
@@ -84,10 +84,11 @@ Style/ExplicitBlockArgument:
   Exclude:
     - 'lib/pwn/plugins/nmap_it.rb'
 
-# Offense count: 1
+# Offense count: 3
 # This cop supports safe autocorrection (--autocorrect).
 Style/IfUnlessModifier:
   Exclude:
+    - 'bin/pwn'
     - 'lib/pwn/plugins/baresip.rb'
 
 # Offense count: 95
@@ -108,12 +109,27 @@ Style/RedundantStringEscape:
     - 'lib/pwn/sast/redos.rb'
     - 'vagrant/provisioners/kali_customize.rb'
 
-# Offense count: 46
+# Offense count: 44
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
   Enabled: false
 
-# Offense count: 579
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowModifier.
+Style/SoleNestedConditional:
+  Exclude:
+    - 'bin/pwn'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle, ConsistentQuotesInMultiline.
+# SupportedStyles: single_quotes, double_quotes
+Style/StringLiterals:
+  Exclude:
+    - 'bin/pwn'
+
+# Offense count: 585
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.647]:001 >>> PWN.help
+pwn[v0.4.649]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.647]:001 >>> PWN.help
+pwn[v0.4.649]:001 >>> PWN.help
 ```
 
 

data/bin/pwn

@@ -5,9 +5,6 @@ require 'optparse'
 require 'pwn'
 require 'pry'
 require 'yaml'
-# require 'colorize'
-# require 'tty-prompt'
-# require 'tty-reader'
 
 opts = {}
 OptionParser.new do |options|
@@ -21,29 +18,39 @@ OptionParser.new do |options|
 end.parse!
 
 begin
-  def gen_ps1_proc(opts = {})
-    delim = opts[:delim]
-
-    # title = 'pwn'.red.bold
-    title = "\001\e[1m\002\001\e[31m\002#{File.basename($PROGRAM_NAME)}\001\e[0m\002"
-    # version = PWN::VERSION.cyan
-    version = "\001\e[36m\002v#{PWN::VERSION}\001\e[0m\002"
-    # dchars = '>>>'.green
-    dchars = "\001\e[32m\002>>>\001\e[0m\002"
-    # dchars = '***'.yellow if delim == :splat
-    dchars = "\001\e[33m\002***\001\e[0m\002" if delim == :splat
-
-    proc do |_target_self, _nest_level, pry|
-      pry.config.pwn_repl_line += 1
+  def refresh_ps1_proc(opts = {})
+    mode = opts[:mode]
+
+    proc do |_target_self, _nest_level, pi|
+      pi.config.pwn_repl_line += 1
       line_pad = format(
         '%0.3d',
-        pry.config.pwn_repl_line
+        pi.config.pwn_repl_line
       )
-      line_count = "\001\e[34m\002#{line_pad}\001\e[0m\002" # Blue
-      "#{title}[#{version}]:#{line_count} #{dchars} ".to_s.scrub
+
+      pi.config.prompt_name = :pwn
+      name = "\001\e[1m\002\001\e[31m\002#{pi.config.prompt_name}\001\e[0m\002"
+      version = "\001\e[36m\002v#{PWN::VERSION}\001\e[0m\002"
+      line_count = "\001\e[34m\002#{line_pad}\001\e[0m\002"
+      dchars = "\001\e[32m\002>>>\001\e[0m\002"
+      dchars = "\001\e[33m\002***\001\e[0m\002" if mode == :splat
+      if pi.config.chat_gpt
+        pi.config.prompt_name = 'chatGPT.pwn'
+        pi.config.prompt_name = 'SPEAKING.chatGPT.pwn' if pi.config.chat_gpt_speak
+        name = "\001\e[1m\002\001\e[33m\002#{pi.config.prompt_name}\001\e[0m\002"
+        dchars = "\001\e[32m\002>>>\001\e[31m\002"
+        dchars = "\001\e[33m\002***\001\e[31m\002" if mode == :splat
+        if pi.config.chat_gpt_debug
+          dchars = "\001\e[32m\002(DEBUG) >>>\001\e[31m\002"
+          dchars = "\001\e[33m\002(DEBUG) ***\001\e[31m\002" if mode == :splat
+        end
+      end
+
+      "#{name}[#{version}]:#{line_count} #{dchars} ".to_s.scrub
     end
   end
 
+  # Pry Monkey Patches \_(oo)_/
   class Pry
     # Overwrite Pry::History.push method in History class to get duplicate history entries
     # in order to properly replay automation in this prototyping driver
@@ -66,6 +73,108 @@ begin
       end
       alias << push
     end
+
+    def handle_line(line, options)
+      if line.nil?
+        config.control_d_handler.call(self)
+        return
+      end
+
+      ensure_correct_encoding!(line)
+      Pry.history << line unless options[:generated]
+
+      @suppress_output = false
+      inject_sticky_locals!
+      begin
+        unless process_command_safely(line)
+          @eval_string += "#{line.chomp}\n" if !line.empty? || !@eval_string.empty?
+        end
+      rescue RescuableException => e
+        self.last_exception = e
+        result = e
+
+        Pry.critical_section do
+          show_result(result)
+        end
+        return
+      end
+
+      # This hook is supposed to be executed after each line of ruby code
+      # has been read (regardless of whether eval_string is yet a complete expression)
+      exec_hook :after_read, eval_string, self
+
+      begin
+        if config.chat_gpt
+          complete_expr = true
+          @eval_string += ';'
+        else
+          complete_expr = Pry::Code.complete_expression?(@eval_string)
+        end
+      rescue SyntaxError => e
+        output.puts e.message.gsub(/^.*syntax error, */, "SyntaxError: ")
+        reset_eval_string
+      end
+
+      if complete_expr
+        if @eval_string =~ /;\Z/ || @eval_string.empty? || @eval_string =~ /\A *#.*\n\z/
+          @suppress_output = true
+        end
+
+        # A bug in jruby makes java.lang.Exception not rescued by
+        # `rescue Pry::RescuableException` clause.
+        #
+        # * https://github.com/pry/pry/issues/854
+        # * https://jira.codehaus.org/browse/JRUBY-7100
+        #
+        # Until that gets fixed upstream, treat java.lang.Exception
+        # as an additional exception to be rescued explicitly.
+        #
+        # This workaround has a side effect: java exceptions specified
+        # in `Pry.config.unrescued_exceptions` are ignored.
+        jruby_exceptions = []
+        jruby_exceptions << Java::JavaLang::Exception if Helpers::Platform.jruby?
+
+        begin
+          # Reset eval string, in case we're evaluating Ruby that does something
+          # like open a nested REPL on this instance.
+          eval_string = @eval_string
+          reset_eval_string
+
+          result = evaluate_ruby(eval_string)
+        rescue RescuableException, *jruby_exceptions => e
+          # Eliminate following warning:
+          # warning: singleton on non-persistent Java type X
+          # (http://wiki.jruby.org/Persistence)
+          if Helpers::Platform.jruby? && e.class.respond_to?('__persistent__')
+            e.class.__persistent__ = true
+          end
+          self.last_exception = e
+          result = e
+        end
+
+        Pry.critical_section do
+          show_result(result)
+        end
+      end
+
+      throw(:breakout) if current_binding.nil?
+    end
+
+    # Ensure the return value in chat_gpt mode reflects the input
+    def evaluate_ruby(code)
+      if config.chat_gpt
+        result = message = code.to_s
+        return
+      end
+      inject_sticky_locals!
+      exec_hook :before_eval, code, self
+
+      result = current_binding.eval(code, Pry.eval_path, Pry.current_line)
+      set_last_result(result, code)
+    ensure
+      update_input_history(code)
+      exec_hook :after_eval, result, self
+    end
   end
 
   # Define Custom REPL Commands
@@ -86,42 +195,38 @@ begin
     end
   end
 
-  Pry::Commands.create_command 'toggle-chatGPT-debug' do
-    description "Display the response_history object while using OpenAI's ChatGPT."
+  Pry::Commands.create_command 'toggle-chatGPT' do
+    description "Interact w/ OpenAI's ChatGPT"
 
     def process
       pi = pry_instance
-      pi.config.chat_gpt_debug ? pi.config.chat_gpt_debug = false : pi.config.chat_gpt_debug = true
-      puts 'ChatGPT Debug Enabled.' if pi.config.chat_gpt_debug
-      puts 'ChatGPT Debug Disabled.' unless pi.config.chat_gpt_debug
+      pi.config.chat_gpt ? pi.config.chat_gpt = false : pi.config.chat_gpt = true
+      pi.config.color = false if pi.config.chat_gpt
+      pi.config.color = true unless pi.config.chat_gpt
     end
   end
 
-  Pry::Commands.create_command 'toggle-chatGPT-speaks' do
-    description 'Use speech capabilities within PWN to speak OpenAI ChatGPT answers.'
+  Pry::Commands.create_command 'toggle-chatGPT-debug' do
+    description "Display the response_history object while using OpenAI's ChatGPT."
 
     def process
       pi = pry_instance
-      pi.config.chat_gpt_speak ? pi.config.chat_gpt_speak = false : pi.config.chat_gpt_speak = true
-      print 'ChatGPT Speech Enabled.' if pi.config.chat_gpt_speak
-      puts 'ChatGPT Speech Disabled.' unless pi.config.chat_gpt_speak
+      pi.config.chat_gpt_debug ? pi.config.chat_gpt_debug = false : pi.config.chat_gpt_debug = true
     end
   end
 
-  Pry::Commands.create_command 'toggle-chatGPT' do
-    description "Interact w/ OpenAI's ChatGPT"
+  Pry::Commands.create_command 'toggle-chatGPT-speaks' do
+    description 'Use speech capabilities within PWN to speak OpenAI ChatGPT answers.'
 
     def process
       pi = pry_instance
-      pi.config.chat_gpt ? pi.config.chat_gpt = false : pi.config.chat_gpt = true
-      puts 'ChatGPT Enabled.' if pi.config.chat_gpt
-      puts 'ChatGPT Disabled.' unless pi.config.chat_gpt
+      pi.config.chat_gpt_speak ? pi.config.chat_gpt_speak = false : pi.config.chat_gpt_speak = true
     end
   end
 
   # Define REPL Hooks
   # Welcome Banner Hook
-  Pry.config.hooks.add_hook(:before_session, :welcome) do |output, _binding, _pry|
+  Pry.config.hooks.add_hook(:before_session, :welcome) do |output, _binding, _pi|
     output.puts PWN::Banner.welcome
   end
 
@@ -134,8 +239,9 @@ begin
     end
   end
 
-  Pry.config.hooks.add_hook(:after_eval, :open_ai_hook) do |request, pi|
-    if pi.config.chat_gpt && request
+  Pry.config.hooks.add_hook(:after_read, :open_ai_hook) do |request, pi|
+    if pi.config.chat_gpt && !request.chomp.empty?
+      request = pi.input.line_buffer
       debug = pi.config.chat_gpt_debug
       token = pi.config.chat_gpt_token
       token ||= ''
@@ -150,13 +256,13 @@ begin
       speak_answer = pi.config.chat_gpt_speak
       response = PWN::Plugins::OpenAI.chat(
         token: token,
-        request: request.to_s,
+        request: request.chomp,
         temp: 1,
         max_tokens: 0,
         response_history: response_history,
         speak_answer: speak_answer
       )
-      puts "\n\n\n#{response[:choices].last[:content]}\n\n\n"
+      puts "\n\n\n\001\e[32m\002#{response[:choices].last[:content]}\001\e[31m\002\n\n\n"
 
       response_history = {
         id: response[:id],
@@ -167,9 +273,9 @@ begin
       response_history[:choices] ||= response[:choices]
 
       if debug
-        puts 'DEBUG: response_history = '
+        puts 'DEBUG: response_history => '
         pp response_history
-        puts "response_history[:choices] Length: #{response_history[:choices].length}\n" unless response_history.nil?
+        puts "\nresponse_history[:choices] Length: #{response_history[:choices].length}\n" unless response_history.nil?
       end
       pi.config.chat_gpt_response_history = response_history
     end
@@ -177,22 +283,22 @@ begin
 
   # Define PS1 Prompt
   Pry.config.pwn_repl_line = 0
-  arrow_ps1_proc = gen_ps1_proc
-  splat_ps1_proc = gen_ps1_proc(delim: :splat)
+  Pry.config.prompt_name = :pwn
+  arrow_ps1_proc = refresh_ps1_proc
+  splat_ps1_proc = refresh_ps1_proc(mode: :splat)
   prompt_ps1 = [arrow_ps1_proc, splat_ps1_proc]
-
-  pwn_prompt = Pry::Prompt.new(
+  prompt = Pry::Prompt.new(
     :pwn,
     'PWN Prototyping REPL',
     prompt_ps1
   )
 
   # Start PWN REPL
-  Pry.config.prompt_name = :pwn
   Pry.start(
     self,
-    prompt: pwn_prompt
+    prompt: prompt
   )
 rescue StandardError => e
+  puts 1111 if Pry.config.chat_gpt
   raise e
 end

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.647'
+  VERSION = '0.4.649'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.647
+  version: 0.4.649
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-19 00:00:00.000000000 Z
+date: 2023-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport