pwn 0.4.661 → 0.4.663
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_nessus_cloud_vulnscan +2 -1
- data/lib/pwn/plugins/ansible_vault.rb +0 -2
- data/lib/pwn/plugins/baresip.rb +0 -1
- data/lib/pwn/plugins/burp_suite.rb +0 -2
- data/lib/pwn/plugins/char.rb +0 -2
- data/lib/pwn/plugins/fuzz.rb +0 -2
- data/lib/pwn/plugins/log.rb +123 -0
- data/lib/pwn/plugins/open_ai.rb +0 -2
- data/lib/pwn/plugins/pony.rb +0 -1
- data/lib/pwn/plugins/spider.rb +0 -2
- data/lib/pwn/plugins.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/log_spec.rb +15 -0
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9fc057160008602306c98afd5dd5eb649b8d702b304ed885bdf2d7edb4df38be
|
4
|
+
data.tar.gz: dd6ddbea17943b85f834de5677ba316f4d4c36973237ede1c2951d2fdd4b3c3a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ef27e033d6dfa1acb58a98c57b49fc79a9d53d7666b79bcf91e6de7ef5359bd748ede77f48e7e0e49eadb8afd946402546bbcc605e702b25b0edbe4a4276003d
|
7
|
+
data.tar.gz: 6e293cc91415495a397ebbbfdd0c73444328cb74a017ac4dac43de8e1cfa811c5cda934b0b49179bad979406c9d9d19a929e19c92130c27995e96cf7140ec30f
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.663]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.663]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -77,7 +77,8 @@ begin
|
|
77
77
|
)
|
78
78
|
|
79
79
|
scan_status = scan_status_resp[:status]
|
80
|
-
break if scan_status != 'initializing' && scan_status != 'pending' && scan_status != 'running'
|
80
|
+
break if scan_status != 'initializing' && scan_status != 'pending' && scan_status != 'running' && scan_status != 'publishing'
|
81
|
+
# break if scan_status == 'completed'
|
81
82
|
end
|
82
83
|
|
83
84
|
raise "Scan status reached an unexpected condition: #{scan_status}. Re-verify the scan config for, '#{scan_name}' and try again." unless scan_status == 'completed'
|
@@ -6,8 +6,6 @@ module PWN
|
|
6
6
|
# Used to encrypt/decrypt configuration files leveraging AES256
|
7
7
|
# (ansible-vault utility wrapper)
|
8
8
|
module AnsibleVault
|
9
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
10
|
-
|
11
9
|
# Supported Method Parameters::
|
12
10
|
# PWN::Plugins::AnsibleVault.encrypt(
|
13
11
|
# yaml_config: 'required - yaml config to encrypt',
|
data/lib/pwn/plugins/baresip.rb
CHANGED
@@ -14,8 +14,6 @@ module PWN
|
|
14
14
|
# browser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',
|
15
15
|
# )
|
16
16
|
|
17
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
18
|
-
|
19
17
|
public_class_method def self.start(opts = {})
|
20
18
|
burp_jar_path = opts[:burp_jar_path]
|
21
19
|
raise 'Invalid path to burp jar file. Please check your spelling and try again.' unless File.exist?(burp_jar_path)
|
data/lib/pwn/plugins/char.rb
CHANGED
@@ -7,8 +7,6 @@ module PWN
|
|
7
7
|
module Plugins
|
8
8
|
# This plugin was created to generate various characters for fuzzing
|
9
9
|
module Char
|
10
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
11
|
-
|
12
10
|
# Supported Method Parameters::
|
13
11
|
# PWN::Plugins::Char.generate_by_range(
|
14
12
|
# from: 'required - integer to start from',
|
data/lib/pwn/plugins/fuzz.rb
CHANGED
@@ -8,8 +8,6 @@ module PWN
|
|
8
8
|
module Plugins
|
9
9
|
# This plugin was created to support fuzzing various networking protocols
|
10
10
|
module Fuzz
|
11
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
12
|
-
|
13
11
|
# Supported Method Parameters::
|
14
12
|
# socket_fuzz_results_arr = PWN::Plugins::Fuzz.socket(
|
15
13
|
# target: 'required - target host or ip',
|
@@ -0,0 +1,123 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
require 'logger'
|
5
|
+
require 'securerandom'
|
6
|
+
|
7
|
+
module PWN
|
8
|
+
module Plugins
|
9
|
+
# This plugin is used to instantiate a PWN logger with a custom message format
|
10
|
+
module Log
|
11
|
+
# Supported Method Parameters::
|
12
|
+
# PWN::Log.create(
|
13
|
+
# )
|
14
|
+
public_class_method def self.append(opts = {})
|
15
|
+
level = opts[:level].to_s.downcase.to_sym
|
16
|
+
msg = opts[:msg]
|
17
|
+
which_self = opts[:which_self].to_s
|
18
|
+
|
19
|
+
driver_name = File.basename($PROGRAM_NAME)
|
20
|
+
|
21
|
+
# Only attempt to exit gracefully if level == :error
|
22
|
+
exit_gracefully = false
|
23
|
+
|
24
|
+
# Define Date / Time Format
|
25
|
+
datetime_str = '%Y-%m-%d %H:%M:%S.%N%z'
|
26
|
+
|
27
|
+
# Always append to log file
|
28
|
+
if level == :learning
|
29
|
+
session = SecureRandom.hex
|
30
|
+
log_file_path = "/tmp/pwn-ai-#{session}.json" if level == :learning
|
31
|
+
log_file = File.open(log_file_path, 'w')
|
32
|
+
else
|
33
|
+
log_file_path = '/tmp/pwn.log'
|
34
|
+
log_file = File.open(log_file_path, 'a')
|
35
|
+
end
|
36
|
+
|
37
|
+
# Leave 10 "old" log files where
|
38
|
+
# each file is ~ 1,024,000 bytes
|
39
|
+
logger = Logger.new(
|
40
|
+
log_file,
|
41
|
+
10,
|
42
|
+
1_024_000
|
43
|
+
)
|
44
|
+
logger.datetime_format = datetime_str
|
45
|
+
|
46
|
+
case level
|
47
|
+
when :debug
|
48
|
+
logger.level = Logger::DEBUG
|
49
|
+
when :error
|
50
|
+
logger.level = Logger::ERROR
|
51
|
+
exit_gracefully = true unless driver_name == 'pwn'
|
52
|
+
puts "\nERROR: See #{log_file_path} for more details." if driver_name == 'pwn'
|
53
|
+
when :fatal
|
54
|
+
logger.level = Logger::FATAL
|
55
|
+
if driver_name == 'pwn'
|
56
|
+
puts "\n FATAL ERROR: See #{log_file_path} for more details."
|
57
|
+
end
|
58
|
+
when :info, :learning
|
59
|
+
logger.level = Logger::INFO
|
60
|
+
when :unknown
|
61
|
+
logger.level = Logger::UNKNOWN
|
62
|
+
when :warn
|
63
|
+
logger.level = Logger::WARN
|
64
|
+
else
|
65
|
+
level_error = "ERROR: Invalid log level. Valid options are:\n"
|
66
|
+
level_error += ":debug\n:error\n:fatal\n:info\n:learning\n:unknown\n:warn\n"
|
67
|
+
raise level_error
|
68
|
+
end
|
69
|
+
|
70
|
+
if level == :learning
|
71
|
+
log_event = msg
|
72
|
+
logger.formatter = proc do |_severity, _datetime, _progname, learning_arr|
|
73
|
+
JSON.pretty_generate(
|
74
|
+
learning_data: learning_arr
|
75
|
+
)
|
76
|
+
end
|
77
|
+
else
|
78
|
+
log_event = "driver: #{driver_name}"
|
79
|
+
|
80
|
+
if msg.instance_of?(Interrupt)
|
81
|
+
logger.level = Logger::WARN
|
82
|
+
if driver_name == 'pwn'
|
83
|
+
log_event += ' => CTRL+C Detected.'
|
84
|
+
else
|
85
|
+
log_event += ' => CTRL+C Detected...Exiting Session.'
|
86
|
+
exit_gracefully = true unless driver_name == 'pwn'
|
87
|
+
end
|
88
|
+
else
|
89
|
+
log_event += " => #{msg}"
|
90
|
+
if msg.respond_to?('backtrace') && !msg.instance_of?(Errno::ECONNRESET)
|
91
|
+
log_event += " => \n\t#{msg.backtrace.join("\n\t")}"
|
92
|
+
log_event += "\n\n\n"
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
logger.add(logger.level, log_event, which_self)
|
98
|
+
rescue Interrupt, StandardError => e
|
99
|
+
raise e
|
100
|
+
end
|
101
|
+
|
102
|
+
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
103
|
+
|
104
|
+
public_class_method def self.authors
|
105
|
+
"AUTHOR(S):
|
106
|
+
0day Inc. <request.pentest@0dayinc.com>
|
107
|
+
"
|
108
|
+
end
|
109
|
+
|
110
|
+
# Display Usage for this Module
|
111
|
+
|
112
|
+
public_class_method def self.help
|
113
|
+
puts "USAGE:
|
114
|
+
logger = #{self}.append(
|
115
|
+
level: 'required - log verbosity :debug|:error|:fatal|:info|:learning|:unknown|:warn',
|
116
|
+
msg: 'required - message to log',
|
117
|
+
which_self: 'required - pass in self object from module calling #{self}'
|
118
|
+
)
|
119
|
+
"
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
data/lib/pwn/plugins/open_ai.rb
CHANGED
@@ -11,8 +11,6 @@ module PWN
|
|
11
11
|
# This is based on the following OpenAI API Specification:
|
12
12
|
# https://api.openai.com/v1
|
13
13
|
module OpenAI
|
14
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
15
|
-
|
16
14
|
# Supported Method Parameters::
|
17
15
|
# open_ai_rest_call(
|
18
16
|
# token: 'required - open_ai bearer token',
|
data/lib/pwn/plugins/pony.rb
CHANGED
@@ -10,7 +10,6 @@ module PWN
|
|
10
10
|
# This module's purpose is to exist until the necessary
|
11
11
|
# functionality can be integrated into PWN::Plugins::MailAgent
|
12
12
|
module Pony
|
13
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
14
13
|
@@options = {}
|
15
14
|
@@override_options = {}
|
16
15
|
@@subject_prefix = false
|
data/lib/pwn/plugins/spider.rb
CHANGED
@@ -13,8 +13,6 @@ module PWN
|
|
13
13
|
# proxy: 'optional - proxy to spider through e.g. http://127.0.0.1:8080'
|
14
14
|
# )
|
15
15
|
|
16
|
-
@@logger = PWN::Plugins::PWNLogger.create
|
17
|
-
|
18
16
|
public_class_method def self.crawl(opts = {})
|
19
17
|
# TODO: Add AuthN Support
|
20
18
|
# FYI: Anemone very well may have a memory leak.
|
data/lib/pwn/plugins.rb
CHANGED
@@ -33,6 +33,7 @@ module PWN
|
|
33
33
|
autoload :Jenkins, 'pwn/plugins/jenkins'
|
34
34
|
autoload :JiraServer, 'pwn/plugins/jira_server'
|
35
35
|
autoload :JSONPathify, 'pwn/plugins/json_pathify'
|
36
|
+
autoload :Log, 'pwn/plugins/log'
|
36
37
|
autoload :MailAgent, 'pwn/plugins/mail_agent'
|
37
38
|
autoload :Metasploit, 'pwn/plugins/metasploit'
|
38
39
|
autoload :MSR206, 'pwn/plugins/msr206'
|
data/lib/pwn/version.rb
CHANGED
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::Log do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::Log
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::Log
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.663
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-05-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -1657,6 +1657,7 @@ files:
|
|
1657
1657
|
- lib/pwn/plugins/jenkins.rb
|
1658
1658
|
- lib/pwn/plugins/jira_server.rb
|
1659
1659
|
- lib/pwn/plugins/json_pathify.rb
|
1660
|
+
- lib/pwn/plugins/log.rb
|
1660
1661
|
- lib/pwn/plugins/mail_agent.rb
|
1661
1662
|
- lib/pwn/plugins/metasploit.rb
|
1662
1663
|
- lib/pwn/plugins/msr206.rb
|
@@ -1964,6 +1965,7 @@ files:
|
|
1964
1965
|
- spec/lib/pwn/plugins/jenkins_spec.rb
|
1965
1966
|
- spec/lib/pwn/plugins/jira_server_spec.rb
|
1966
1967
|
- spec/lib/pwn/plugins/json_pathify_spec.rb
|
1968
|
+
- spec/lib/pwn/plugins/log_spec.rb
|
1967
1969
|
- spec/lib/pwn/plugins/mail_agent_spec.rb
|
1968
1970
|
- spec/lib/pwn/plugins/metasploit_spec.rb
|
1969
1971
|
- spec/lib/pwn/plugins/msr206_spec.rb
|