pwn 0.4.647 → 0.4.649
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +30 -14
- data/README.md +2 -2
- data/bin/pwn +154 -48
- data/lib/pwn/version.rb +1 -1
- metadata +2 -2
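--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0bb975f8a9a611bf3ebf207886d6ff732a9256260065f4113e899cb2351f1058
+data.tar.gz: 3c24d920cd68004959016e20402a328dc465fb0ed76ff0abafa4979cb6a300e1
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d54d1631b8ba697301535d8d00698d0861b75279d93930ae67cfb7a9953f639b3a44997c30d73c90872dac3159ca18fc5c17a3bec1c0513d02f32a85813ba36b
+data.tar.gz: 748e285a1f0419b0c4cec38890e08b755892553e9314ae69e211bdccffd8b2da8d274142456d4ce52261c3a1aedcf691a3643c6f88391382f711001631897efc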
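--- a/data/.rubocop_todo.yml
+++ b/data/.rubocop_todo.yml
@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2023-
+# on 2023-04-21 20:18:30 UTC using RuboCop version 1.50.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -8,7 +8,7 @@
 
 # Offense count: 5
 # This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters:
+# Configuration parameters: EnforcedStyle.
 # SupportedStyles: space, no_space
 Layout/LineContinuationSpacing:
 Exclude:
@@ -17,20 +17,20 @@ Layout/LineContinuationSpacing:
 - 'packer/provisioners/wpscan.rb'
 - 'vagrant/provisioners/beef.rb'
 
-# Offense count:
+# Offense count: 269
 Lint/UselessAssignment:
 Enabled: false
 
-# Offense count:
+# Offense count: 628
 Lint/UselessRescue:
 Enabled: false
 
-# Offense count:
+# Offense count: 273
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
 Max: 328
 
-# Offense count:
+# Offense count: 70
 # Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
 # AllowedMethods: refine
 Metrics/BlockLength:
@@ -47,12 +47,12 @@ Metrics/CollectionLiteralLength:
 Exclude:
 - 'lib/pwn/plugins/uri_scheme.rb'
 
-# Offense count:
+# Offense count: 100
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/CyclomaticComplexity:
 Max: 231
 
-# Offense count:
+# Offense count: 496
 # Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
 Metrics/MethodLength:
 Max: 466
@@ -62,16 +62,16 @@ Metrics/MethodLength:
 Metrics/ModuleLength:
 Max: 1186
 
-# Offense count:
+# Offense count: 93
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
 Max: 51
 
-# Offense count:
+# Offense count: 165
 Style/ClassVars:
 Enabled: false
 
-# Offense count:
+# Offense count: 289
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
 # SupportedStyles: assign_to_condition, assign_inside_condition
@@ -84,10 +84,11 @@ Style/ExplicitBlockArgument:
 Exclude:
 - 'lib/pwn/plugins/nmap_it.rb'
 
-# Offense count:
+# Offense count: 3
 # This cop supports safe autocorrection (--autocorrect).
 Style/IfUnlessModifier:
 Exclude:
+- 'bin/pwn'
 - 'lib/pwn/plugins/baresip.rb'
 
 # Offense count: 95
@@ -108,12 +109,27 @@ Style/RedundantStringEscape:
 - 'lib/pwn/sast/redos.rb'
 - 'vagrant/provisioners/kali_customize.rb'
 
-# Offense count:
+# Offense count: 44
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
 Enabled: false
 
-# Offense count:
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowModifier.
+Style/SoleNestedConditional:
+Exclude:
+- 'bin/pwn'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle, ConsistentQuotesInMultiline.
+# SupportedStyles: single_quotes, double_quotes
+Style/StringLiterals:
+Exclude:
+- 'bin/pwn'
+
+# Offense count: 585
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https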
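--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.649]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.649]:001 >>> PWN.help
 ```
 
 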
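--- a/data/bin/pwn
+++ b/data/bin/pwn
@@ -5,9 +5,6 @@ require 'optparse'
 require 'pwn'
 require 'pry'
 require 'yaml'
-# require 'colorize'
-# require 'tty-prompt'
-# require 'tty-reader'
 
 opts = {}
 OptionParser.new do |options|
@@ -21,29 +18,39 @@ OptionParser.new do |options|
 end.parse!
 
 begin
-def
-
-
-
-
-# version = PWN::VERSION.cyan
-version = "\001\e[36m\002v#{PWN::VERSION}\001\e[0m\002"
-# dchars = '>>>'.green
-dchars = "\001\e[32m\002>>>\001\e[0m\002"
-# dchars = '***'.yellow if delim == :splat
-dchars = "\001\e[33m\002***\001\e[0m\002" if delim == :splat
-
-proc do |_target_self, _nest_level, pry|
-pry.config.pwn_repl_line += 1
+def refresh_ps1_proc(opts = {})
+mode = opts[:mode]
+
+proc do |_target_self, _nest_level, pi|
+pi.config.pwn_repl_line += 1
 line_pad = format(
 '%0.3d',
-
+pi.config.pwn_repl_line
 )
-
-
+
+pi.config.prompt_name = :pwn
+name = "\001\e[1m\002\001\e[31m\002#{pi.config.prompt_name}\001\e[0m\002"
+version = "\001\e[36m\002v#{PWN::VERSION}\001\e[0m\002"
+line_count = "\001\e[34m\002#{line_pad}\001\e[0m\002"
+dchars = "\001\e[32m\002>>>\001\e[0m\002"
+dchars = "\001\e[33m\002***\001\e[0m\002" if mode == :splat
+if pi.config.chat_gpt
+pi.config.prompt_name = 'chatGPT.pwn'
+pi.config.prompt_name = 'SPEAKING.chatGPT.pwn' if pi.config.chat_gpt_speak
+name = "\001\e[1m\002\001\e[33m\002#{pi.config.prompt_name}\001\e[0m\002"
+dchars = "\001\e[32m\002>>>\001\e[31m\002"
+dchars = "\001\e[33m\002***\001\e[31m\002" if mode == :splat
+if pi.config.chat_gpt_debug
+dchars = "\001\e[32m\002(DEBUG) >>>\001\e[31m\002"
+dchars = "\001\e[33m\002(DEBUG) ***\001\e[31m\002" if mode == :splat
+end
+end
+
+"#{name}[#{version}]:#{line_count} #{dchars} ".to_s.scrub
 end
 end
 
+# Pry Monkey Patches \_(oo)_/
 class Pry
 # Overwrite Pry::History.push method in History class to get duplicate history entries
 # in order to properly replay automation in this prototyping driver
@@ -66,6 +73,108 @@ begin
 end
 alias << push
 end
+
+def handle_line(line, options)
+if line.nil?
+config.control_d_handler.call(self)
+return
+end
+
+ensure_correct_encoding!(line)
+Pry.history << line unless options[:generated]
+
+@suppress_output = false
+inject_sticky_locals!
+begin
+unless process_command_safely(line)
+@eval_string += "#{line.chomp}\n" if !line.empty? || !@eval_string.empty?
+end
+rescue RescuableException => e
+self.last_exception = e
+result = e
+
+Pry.critical_section do
+show_result(result)
+end
+return
+end
+
+# This hook is supposed to be executed after each line of ruby code
+# has been read (regardless of whether eval_string is yet a complete expression)
+exec_hook :after_read, eval_string, self
+
+begin
+if config.chat_gpt
+complete_expr = true
+@eval_string += ';'
+else
+complete_expr = Pry::Code.complete_expression?(@eval_string)
+end
+rescue SyntaxError => e
+output.puts e.message.gsub(/^.*syntax error, */, "SyntaxError: ")
+reset_eval_string
+end
+
+if complete_expr
+if @eval_string =~ /;\Z/ || @eval_string.empty? || @eval_string =~ /\A *#.*\n\z/
+@suppress_output = true
+end
+
+# A bug in jruby makes java.lang.Exception not rescued by
+# `rescue Pry::RescuableException` clause.
+#
+# * https://github.com/pry/pry/issues/854
+# * https://jira.codehaus.org/browse/JRUBY-7100
+#
+# Until that gets fixed upstream, treat java.lang.Exception
+# as an additional exception to be rescued explicitly.
+#
+# This workaround has a side effect: java exceptions specified
+# in `Pry.config.unrescued_exceptions` are ignored.
+jruby_exceptions = []
+jruby_exceptions << Java::JavaLang::Exception if Helpers::Platform.jruby?
+
+begin
+# Reset eval string, in case we're evaluating Ruby that does something
+# like open a nested REPL on this instance.
+eval_string = @eval_string
+reset_eval_string
+
+result = evaluate_ruby(eval_string)
+rescue RescuableException, *jruby_exceptions => e
+# Eliminate following warning:
+# warning: singleton on non-persistent Java type X
+# (http://wiki.jruby.org/Persistence)
+if Helpers::Platform.jruby? && e.class.respond_to?('__persistent__')
+e.class.__persistent__ = true
+end
+self.last_exception = e
+result = e
+end
+
+Pry.critical_section do
+show_result(result)
+end
+end
+
+throw(:breakout) if current_binding.nil?
+end
+
+# Ensure the return value in chat_gpt mode reflects the input
+def evaluate_ruby(code)
+if config.chat_gpt
+result = message = code.to_s
+return
+end
+inject_sticky_locals!
+exec_hook :before_eval, code, self
+
+result = current_binding.eval(code, Pry.eval_path, Pry.current_line)
+set_last_result(result, code)
+ensure
+update_input_history(code)
+exec_hook :after_eval, result, self
+end
 end
 
 # Define Custom REPL Commands
@@ -86,42 +195,38 @@ begin
 end
 end
 
-Pry::Commands.create_command 'toggle-chatGPT
-description "
+Pry::Commands.create_command 'toggle-chatGPT' do
+description "Interact w/ OpenAI's ChatGPT"
 
 def process
 pi = pry_instance
-pi.config.
-
-
+pi.config.chat_gpt ? pi.config.chat_gpt = false : pi.config.chat_gpt = true
+pi.config.color = false if pi.config.chat_gpt
+pi.config.color = true unless pi.config.chat_gpt
 end
 end
 
-Pry::Commands.create_command 'toggle-chatGPT-
-description
+Pry::Commands.create_command 'toggle-chatGPT-debug' do
+description "Display the response_history object while using OpenAI's ChatGPT."
 
 def process
 pi = pry_instance
-pi.config.
-print 'ChatGPT Speech Enabled.' if pi.config.chat_gpt_speak
-puts 'ChatGPT Speech Disabled.' unless pi.config.chat_gpt_speak
+pi.config.chat_gpt_debug ? pi.config.chat_gpt_debug = false : pi.config.chat_gpt_debug = true
 end
 end
 
-Pry::Commands.create_command 'toggle-chatGPT' do
-description
+Pry::Commands.create_command 'toggle-chatGPT-speaks' do
+description 'Use speech capabilities within PWN to speak OpenAI ChatGPT answers.'
 
 def process
 pi = pry_instance
-pi.config.
-puts 'ChatGPT Enabled.' if pi.config.chat_gpt
-puts 'ChatGPT Disabled.' unless pi.config.chat_gpt
+pi.config.chat_gpt_speak ? pi.config.chat_gpt_speak = false : pi.config.chat_gpt_speak = true
 end
 end
 
 # Define REPL Hooks
 # Welcome Banner Hook
-Pry.config.hooks.add_hook(:before_session, :welcome) do |output, _binding,
+Pry.config.hooks.add_hook(:before_session, :welcome) do |output, _binding, _pi|
 output.puts PWN::Banner.welcome
 end
 
@@ -134,8 +239,9 @@ begin
 end
 end
 
-Pry.config.hooks.add_hook(:
-if pi.config.chat_gpt && request
+Pry.config.hooks.add_hook(:after_read, :open_ai_hook) do |request, pi|
+if pi.config.chat_gpt && !request.chomp.empty?
+request = pi.input.line_buffer
 debug = pi.config.chat_gpt_debug
 token = pi.config.chat_gpt_token
 token ||= ''
@@ -150,13 +256,13 @@ begin
 speak_answer = pi.config.chat_gpt_speak
 response = PWN::Plugins::OpenAI.chat(
 token: token,
-request: request.
+request: request.chomp,
 temp: 1,
 max_tokens: 0,
 response_history: response_history,
 speak_answer: speak_answer
 )
-puts "\n\n\n#{response[:choices].last[:content]}\n\n\n"
+puts "\n\n\n\001\e[32m\002#{response[:choices].last[:content]}\001\e[31m\002\n\n\n"
 
 response_history = {
 id: response[:id],
@@ -167,9 +273,9 @@ begin
 response_history[:choices] ||= response[:choices]
 
 if debug
-puts 'DEBUG: response_history
+puts 'DEBUG: response_history => '
 pp response_history
-puts "
+puts "\nresponse_history[:choices] Length: #{response_history[:choices].length}\n" unless response_history.nil?
 end
 pi.config.chat_gpt_response_history = response_history
 end
@@ -177,22 +283,22 @@ begin
 
 # Define PS1 Prompt
 Pry.config.pwn_repl_line = 0
-
-
+Pry.config.prompt_name = :pwn
+arrow_ps1_proc = refresh_ps1_proc
+splat_ps1_proc = refresh_ps1_proc(mode: :splat)
 prompt_ps1 = [arrow_ps1_proc, splat_ps1_proc]
-
-pwn_prompt = Pry::Prompt.new(
+prompt = Pry::Prompt.new(
 :pwn,
 'PWN Prototyping REPL',
 prompt_ps1
 )
 
 # Start PWN REPL
-Pry.config.prompt_name = :pwn
 Pry.start(
 self,
-prompt:
+prompt: prompt
 )
 rescue StandardError => e
+puts 1111 if Pry.config.chat_gpt
 raise e
 end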
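Review bot: In the `open_ai_hook` block (the `puts` at new line 265), the text returned by `PWN::Plugins::OpenAI.chat` — presumably remote model output — is interpolated straight into terminal output, so any escape or control bytes in it reach the operator's terminal. The added `\001`/`\002` markers are Readline prompt delimiters and are written as raw SOH/STX bytes when used with `puts`. I would drop the markers and strip non-printable characters first, e.g. `answer = response[:choices].last[:content].to_s.gsub(/[^[:print:]\n\t]/, '')` followed by `puts "\n\n\n\e[32m#{answer}\e[31m\n\n\n"`. Separately, `puts 1111 if Pry.config.chat_gpt` in the final `rescue` looks like leftover debugging, and in `evaluate_ruby` the chat branch never reads `message` and its bare `return` yields nil, which does not match the comment above the method. The hook block and the outer `begin` body both extend beyond the lines shown in these hunks.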
data/lib/pwn/version.rb
CHANGED
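--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.649
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-
+date: 2023-04-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport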