pwn 0.4.671 → 0.4.672
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_nmap_discover_tcp_udp +31 -5
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9c947c88a2f7794cdb7116df8766315e92e2beed8d2911998848ef522d065174
|
|
4
|
+
data.tar.gz: e04d20bc854c1f8e39fba70bd70c9da49623b1242a05a667886914bff1658186
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3c79d2adde425d48c119519c791376ac73ab5b30d2de7018b5fc0efc58ae28d1ca7c9c7d1d0adde3532ce9708c67c02054428d0beedf99058717a261412a4f3c
|
|
7
|
+
data.tar.gz: 98197ecaf90a52bf701faf8c96005eff4dc142682e2c0a8ae00ea7eea93dadfd3cdc1c1bad5119613eecb343532438935e73d7a272927322af8f77ea20455b7f
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.672]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.672]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -2,7 +2,6 @@
|
|
|
2
2
|
# frozen_string_literal: false
|
|
3
3
|
|
|
4
4
|
require 'optparse'
|
|
5
|
-
require 'nokogiri'
|
|
6
5
|
require 'pwn'
|
|
7
6
|
|
|
8
7
|
opts = {}
|
|
@@ -42,7 +41,7 @@ with_tor = true if opts[:with_tor]
|
|
|
42
41
|
with_tor ||= false
|
|
43
42
|
if with_tor
|
|
44
43
|
tor_obj = PWN::Plugins::Tor.start
|
|
45
|
-
proxy = "socks4://#{tor_obj[:ip]}:#{tor_obj[:port]}"
|
|
44
|
+
proxy = ["socks4://#{tor_obj[:ip]}:#{tor_obj[:port]}"]
|
|
46
45
|
end
|
|
47
46
|
|
|
48
47
|
File.new(exclude_file, 'w') unless File.exist?(exclude_file)
|
|
@@ -106,11 +105,29 @@ latest_tcp_results = "#{nmap_results_root}/nmap_latest_tcp_results"
|
|
|
106
105
|
latest_udp_results = "#{nmap_results_root}/nmap_latest_udp_results"
|
|
107
106
|
|
|
108
107
|
begin
|
|
108
|
+
# Per man nmap:
|
|
109
|
+
# The main effects of T0 are serializing the scan so only one port
|
|
110
|
+
# is scanned at a time, and waiting five minutes between sending
|
|
111
|
+
# each probe.
|
|
112
|
+
# T1 and T2 are similar but they only wait 15 seconds and 0.4 seconds,
|
|
113
|
+
# respectively, between probes.
|
|
114
|
+
# T3 is Nmap's default behavior, which includes parallelization.
|
|
115
|
+
# T4 does the equivalent of --max-rtt-timeout 1250ms --min-rtt-timeout 100ms
|
|
116
|
+
# --initial-rtt-timeout 500ms --max-retries 6 and sets the maximum TCP and
|
|
117
|
+
# SCTP scan delay to 10ms.
|
|
118
|
+
# T5 does the equivalent of --max-rtt-timeout 300ms --min-rtt-timeout 50ms
|
|
119
|
+
# --initial-rtt-timeout 250ms --max-retries 2 --host-timeout 15m
|
|
120
|
+
# --script-timeout 10m --max-scan-delay as well as setting the maximum TCP
|
|
121
|
+
# and SCTP scan delay to 5ms. Maximum UDP scan delay is not set by T4 or T5,
|
|
122
|
+
# but it can be set with the --max-scan-delay option.
|
|
123
|
+
|
|
109
124
|
# Target Discovery Scan
|
|
125
|
+
# Using -T5 template to reduce number of
|
|
126
|
+
# retransmission attempts on filtered ports.
|
|
110
127
|
PWN::Plugins::NmapIt.port_scan do |nmap|
|
|
111
128
|
nmap.exclude_file = exclude_file
|
|
112
129
|
nmap.interface = interface
|
|
113
|
-
nmap.
|
|
130
|
+
nmap.insane_timing = true
|
|
114
131
|
nmap.ping = true
|
|
115
132
|
nmap.arp_ping = true
|
|
116
133
|
nmap.icmp_echo_discovery = true
|
|
@@ -121,6 +138,7 @@ begin
|
|
|
121
138
|
nmap.sctp_init_ping = discovery_ports.values
|
|
122
139
|
nmap.output_all = latest_discovery_results
|
|
123
140
|
nmap.targets = ip_range
|
|
141
|
+
nmap.randomize_hosts = true
|
|
124
142
|
nmap.proxies = proxy if with_tor
|
|
125
143
|
end
|
|
126
144
|
|
|
@@ -135,19 +153,24 @@ begin
|
|
|
135
153
|
end
|
|
136
154
|
end
|
|
137
155
|
end
|
|
156
|
+
sorted_targets = File.readlines(target_file).sort.join
|
|
157
|
+
File.write(target_file, sorted_targets)
|
|
138
158
|
|
|
139
159
|
# Switch Tor Exit Node if with_tor
|
|
140
160
|
PWN::Plugins::Tor.switch_exit_node(tor_obj: tor_obj) if with_tor
|
|
141
161
|
|
|
142
162
|
# TCP Scan
|
|
163
|
+
# Using -T5 template to reduce number of
|
|
164
|
+
# retransmission attempts on filtered ports.
|
|
143
165
|
PWN::Plugins::NmapIt.port_scan do |nmap|
|
|
144
166
|
nmap.target_file = target_file
|
|
167
|
+
nmap.randomize_hosts = true
|
|
145
168
|
nmap.show_reason = true
|
|
146
169
|
nmap.exclude_file = exclude_file
|
|
147
170
|
nmap.interface = interface
|
|
148
171
|
nmap.min_host_group = 3
|
|
149
172
|
nmap.host_timeout = '999m'
|
|
150
|
-
nmap.
|
|
173
|
+
nmap.insane_timing = true
|
|
151
174
|
nmap.skip_discovery = true
|
|
152
175
|
nmap.syn_scan = true
|
|
153
176
|
nmap.default_script = true
|
|
@@ -166,14 +189,17 @@ begin
|
|
|
166
189
|
PWN::Plugins::Tor.switch_exit_node(tor_obj: tor_obj) if with_tor
|
|
167
190
|
|
|
168
191
|
# UDP Scan
|
|
192
|
+
# Using -T5 template to reduce number of
|
|
193
|
+
# retransmission attempts on filtered ports.
|
|
169
194
|
PWN::Plugins::NmapIt.port_scan do |nmap|
|
|
170
195
|
nmap.target_file = target_file
|
|
196
|
+
nmap.randomize_hosts = true
|
|
171
197
|
nmap.show_reason = true
|
|
172
198
|
nmap.exclude_file = exclude_file
|
|
173
199
|
nmap.interface = interface
|
|
174
200
|
nmap.min_host_group = 3
|
|
175
201
|
nmap.host_timeout = '999m'
|
|
176
|
-
nmap.
|
|
202
|
+
nmap.insane_timing = true
|
|
177
203
|
nmap.skip_discovery = true
|
|
178
204
|
nmap.udp_scan = true
|
|
179
205
|
nmap.default_script = true
|
data/lib/pwn/version.rb
CHANGED