pwn 0.4.673 → 0.4.675

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 66259ccdc59be89f796f56e88a20f9eb5bef320c46a4b7fc268b62f664e50c6e
4
- data.tar.gz: 162ad18b794121a96802d6f5de739b4fc22eb8c0dda0a780fc6144fedc107af3
3
+ metadata.gz: b3988112277371e7f9cafefa42d88f325db8c58a97ab35d20c2d65fde2c3bacf
4
+ data.tar.gz: b6eb594719ebab68d095d072391ddd9b747f27286cda0e30906083acf3f457ed
5
5
  SHA512:
6
- metadata.gz: 2e6515b72bf8b01805b50cc9e5bb701edf2fb725182c1a1c425188e8d2542badd19cd93cbdf4c358fc2c2cfcb9c49341b4322cc76d596a200548eebe73c4ffd4
7
- data.tar.gz: 846a1b1ca1f1ef9bc2affdb57ea1accf45f210e86085da968b54d01e45e9f6d6103f8108a7ef7a2888f4ebadd57988f68afafea86925f8c7c4867915388c36a7
6
+ metadata.gz: 3d9c197e9286753124276f6a355d16f9edcf0b6ef85a1f2202f102bfdd862dea76f7e7892db911845d2b02622f9fd07dfbd32010b7944b211130273e7035abf5
7
+ data.tar.gz: a8a8a5061682887c2e2d5a4661685c731d0c6206691bfa0e483b076db6e0e9d67d324f8a90fee8768fe3e3f6f01f092cd49018352ce48c1f5ea954aefc678b1c
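--- a/data/Gemfile
+++ b/data/Gemfile
@@ -66,7 +66,7 @@ gem 'rspec', '3.12.0'
 gem 'rtesseract', '3.1.2'
 gem 'rubocop', '1.50.2'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.20.0'
+gem 'rubocop-rspec', '2.21.0'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.1'
 gem 'ruby-saml', '1.15.0'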
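--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.673]:001 >>> PWN.help
+pwn[v0.4.675]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.673]:001 >>> PWN.help
+pwn[v0.4.675]:001 >>> PWN.help
 ```
 
 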
@@ -3,6 +3,7 @@
3
3
 
4
4
  require 'optparse'
5
5
  require 'pwn'
6
+ require 'time'
6
7
 
7
8
  opts = {}
8
9
  OptionParser.new do |options|
@@ -10,8 +11,8 @@ OptionParser.new do |options|
10
11
  #{$PROGRAM_NAME} [opts]
11
12
  "
12
13
 
13
- options.on('-IRANGE', '--ip-range=RANGE', '<Required - nmap supported ip range e.g. 192.168.1.1-20, 192.168.1.0/24, etc>') do |i|
14
- opts[:ip_range] = i
14
+ options.on('-tRANGE', '--target-range=RANGE', '<Required - nmap supported host || ip range e.g. foo.bar, 192.168.1.1-20, 192.168.1.0/24, etc>') do |t|
15
+ opts[:target_range] = t
15
16
  end
16
17
 
17
18
  options.on('-eFILE', '--target-exclude-file=FILE', '<Optional - nmap excludes file>') do |e|
@@ -32,7 +33,13 @@ if opts.empty?
32
33
  exit 1
33
34
  end
34
35
 
35
- ip_range = opts[:ip_range]
36
+ ftimestr = '%Y-%m-%d %H:%M:%S.%N%z'
37
+ started_at = Time.now.strftime(ftimestr)
38
+ banner = '-' * 64
39
+ puts "\n\n\n#{banner}"
40
+ puts "- STARTED: #{started_at} "
41
+
42
+ target_range = opts[:target_range]
36
43
  exclude_file = opts[:exclude_file]
37
44
  exclude_file ||= '/tmp/nmap_targets_exclude.txt'
38
45
  interface = opts[:interface]
@@ -49,28 +56,24 @@ nmap_results_root = File.dirname(exclude_file)
49
56
  FileUtils.mkdir_p nmap_results_root
50
57
  puts "nmap Results Saved in: #{nmap_results_root}"
51
58
 
52
- discovery_ports = {
59
+ discovery_tcp_ports = {
53
60
  ftp: 21,
54
61
  ssh: 22,
55
62
  telnet: 23,
56
63
  smtp: 25,
57
- dns: 53,
58
64
  http: 80,
59
65
  pop3: 110,
60
- rpc: 111,
61
66
  ident: 113,
62
- ntp: 123,
67
+ msrpc: 135,
63
68
  netbios_name_service: 137,
64
69
  netbios_session_service: 139,
65
70
  imap: 143,
66
- snmp: 161,
67
71
  ldap: 389,
68
72
  https: 443,
69
73
  smb: 445,
70
74
  smtps: 465,
71
75
  remote_process: 512,
72
76
  login: 513,
73
- rsh: 514,
74
77
  ldaps: 636,
75
78
  rsync: 873,
76
79
  imaps: 993,
@@ -84,13 +87,12 @@ discovery_ports = {
84
87
  rdp: 3389,
85
88
  meterpreter: 4444,
86
89
  upnp: 5000,
87
- sip: 5060,
88
90
  postgres: 5432,
89
91
  postgres_alt: 5433,
90
92
  amqp: 5672,
91
93
  vnc: 5900,
92
94
  vncs: 5901,
93
- xfree86: 6000,
95
+ x11: 6000,
94
96
  irc: 6667,
95
97
  http_alt: 8080,
96
98
  https_alt: 8443,
@@ -99,10 +101,34 @@ discovery_ports = {
99
101
  http_alt4: 9999
100
102
  }
101
103
 
104
+ discovery_udp_ports = {
105
+ dns: 53,
106
+ dhcp: 67,
107
+ dhcp_client: 68,
108
+ tftp: 69,
109
+ nfs: 111,
110
+ ntp: 123,
111
+ snmp: 161,
112
+ snmp_traps: 162,
113
+ syslog: 514,
114
+ rip: 520,
115
+ iax: 4569,
116
+ sip: 5060,
117
+ mdns: 5353
118
+ }
119
+
120
+ discovery_sctp_ports = {
121
+ sigtran: 2905,
122
+ stl: 5000,
123
+ sap: 5004,
124
+ turn_ip: 5766,
125
+ sicc: 38_412
126
+ }
127
+
102
128
  target_file = "#{nmap_results_root}/nmap_targets.txt"
103
- latest_discovery_results = "#{nmap_results_root}/nmap_latest_discovery_results"
104
- latest_tcp_results = "#{nmap_results_root}/nmap_latest_tcp_results"
105
- latest_udp_results = "#{nmap_results_root}/nmap_latest_udp_results"
129
+ latest_discovery_results = "#{nmap_results_root}/nmap_discovery_results.xml"
130
+ latest_tcp_results = "#{nmap_results_root}/nmap_tcp_results"
131
+ latest_udp_results = "#{nmap_results_root}/nmap_udp_results"
106
132
 
107
133
  begin
108
134
  # Per man nmap:
@@ -124,7 +150,10 @@ begin
124
150
  # Target Discovery Scan
125
151
  # Using -T5 template to reduce number of
126
152
  # retransmission attempts on filtered ports.
153
+ puts "\n\n\n#{banner}"
154
+ puts '- PHASE 1: Target Discovery'
127
155
  PWN::Plugins::NmapIt.port_scan do |nmap|
156
+ nmap.verbose = true
128
157
  nmap.exclude_file = exclude_file
129
158
  nmap.interface = interface
130
159
  nmap.insane_timing = true
@@ -132,13 +161,16 @@ begin
132
161
  nmap.arp_ping = true
133
162
  nmap.icmp_echo_discovery = true
134
163
  nmap.icmp_timestamp_discovery = true
135
- nmap.syn_discovery = discovery_ports.values
136
- nmap.ack_discovery = discovery_ports.values
137
- nmap.udp_discovery = discovery_ports.values
138
- nmap.sctp_init_ping = discovery_ports.values
139
- nmap.output_all = latest_discovery_results
140
- nmap.targets = ip_range
164
+ nmap.syn_discovery = discovery_tcp_ports.values
165
+ nmap.ack_discovery = discovery_tcp_ports.values
166
+ nmap.udp_discovery = discovery_udp_ports.values
167
+ nmap.sctp_init_ping = discovery_sctp_ports.values
168
+ nmap.output_xml = latest_discovery_results
169
+ nmap.targets = target_range
141
170
  nmap.randomize_hosts = true
171
+ nmap.min_parallelism = 36
172
+ nmap.max_retries = 3
173
+ nmap.max_scan_delay = 3
142
174
  nmap.proxies = proxy if with_tor
143
175
  end
144
176
 
@@ -146,69 +178,89 @@ begin
146
178
  # taking into consideration IPs to skip scans
147
179
  File.open(target_file, 'w') do |f|
148
180
  PWN::Plugins::NmapIt.parse_xml_results(
149
- xml_file: "#{latest_discovery_results}.xml"
181
+ xml_file: latest_discovery_results
150
182
  ) do |xml|
151
183
  xml.each_host do |host|
152
- f.puts host.ip unless File.read(exclude_file).include?(host.ip)
184
+ next unless File.read(exclude_file).include?(host.ip)
185
+
186
+ hosts_arr = host.hostnames.map { |h| h[:name] }
187
+ f.print host.ip
188
+ f.puts " # { \"hostnames\": #{hosts_arr}}, \"mac\": \"#{host.mac}\" }"
153
189
  end
154
190
  end
155
191
  end
192
+
193
+ # Produce a good targets.txt redacting duplicates
156
194
  sorted_targets = File.readlines(target_file).sort.join
157
195
  File.write(target_file, sorted_targets)
158
196
 
159
197
  # Switch Tor Exit Node if with_tor
160
- PWN::Plugins::Tor.switch_exit_node(tor_obj: tor_obj) if with_tor
198
+ if with_tor
199
+ puts "\n\n\n#{banner}"
200
+ puts '- INFO: Switching to Clean Tor Circuit...'
201
+ PWN::Plugins::Tor.switch_exit_node(tor_obj: tor_obj)
202
+ end
161
203
 
162
204
  # TCP Scan
163
205
  # Using -T5 template to reduce number of
164
206
  # retransmission attempts on filtered ports.
207
+ puts "\n\n\n#{banner}"
208
+ puts '- PHASE 2: TCP Port Scanning'
165
209
  PWN::Plugins::NmapIt.port_scan do |nmap|
210
+ nmap.verbose = true
166
211
  nmap.target_file = target_file
167
212
  nmap.randomize_hosts = true
168
213
  nmap.show_reason = true
169
214
  nmap.exclude_file = exclude_file
170
215
  nmap.interface = interface
171
- nmap.min_host_group = 3
172
- nmap.host_timeout = '999m'
216
+ nmap.min_host_group = 9
217
+ nmap.host_timeout = '36m'
173
218
  nmap.insane_timing = true
174
219
  nmap.skip_discovery = true
175
220
  nmap.syn_scan = true
176
221
  nmap.default_script = true
177
222
  nmap.update_scriptdb = true
178
- nmap.service_scan = true
179
- nmap.os_fingerprint = true
180
- nmap.verbose = true
181
- nmap.all = true
182
223
  nmap.ports = [1..65_535]
183
224
  nmap.output_all = latest_tcp_results
225
+ nmap.min_parallelism = 36
226
+ nmap.max_retries = 3
227
+ nmap.max_scan_delay = 3
184
228
  nmap.proxies = proxy if with_tor
185
229
  end
186
230
  FileUtils.cp("#{latest_tcp_results}.nmap", "#{latest_tcp_results}.txt")
187
231
 
188
232
  # Switch Tor Exit Node if with_tor
189
- PWN::Plugins::Tor.switch_exit_node(tor_obj: tor_obj) if with_tor
233
+ if with_tor
234
+ puts "\n\n\n#{banner}"
235
+ puts '- INFO: Switching to Clean Tor Circuit...'
236
+ PWN::Plugins::Tor.switch_exit_node(tor_obj: tor_obj)
237
+ end
190
238
 
191
239
  # UDP Scan
192
240
  # Using -T5 template to reduce number of
193
241
  # retransmission attempts on filtered ports.
242
+ puts "\n\n\n#{banner}"
243
+ puts '- PHASE 3: UDP Port Scanning'
194
244
  PWN::Plugins::NmapIt.port_scan do |nmap|
245
+ nmap.verbose = true
195
246
  nmap.target_file = target_file
247
+ nmap.fast = true
196
248
  nmap.randomize_hosts = true
197
249
  nmap.show_reason = true
198
250
  nmap.exclude_file = exclude_file
199
251
  nmap.interface = interface
200
- nmap.min_host_group = 3
201
- nmap.host_timeout = '999m'
252
+ nmap.min_host_group = 9
253
+ nmap.host_timeout = '3m'
202
254
  nmap.insane_timing = true
203
255
  nmap.skip_discovery = true
204
256
  nmap.udp_scan = true
205
- nmap.default_script = true
206
- nmap.update_scriptdb = true
207
- nmap.service_scan = true
208
- nmap.os_fingerprint = true
209
- nmap.verbose = true
210
- nmap.all = true
257
+ nmap.default_script = true unless with_tor
258
+ nmap.update_scriptdb = true unless with_tor
211
259
  nmap.output_all = latest_udp_results
260
+ nmap.min_parallelism = 36
261
+ nmap.max_retries = 0
262
+ nmap.max_scan_delay = 3
263
+ nmap.data_length = Random.rand(1..256)
212
264
  nmap.proxies = proxy if with_tor
213
265
  end
214
266
  FileUtils.cp("#{latest_udp_results}.nmap", "#{latest_udp_results}.txt")
@@ -218,4 +270,15 @@ rescue StandardError => e
218
270
  raise e
219
271
  ensure
220
272
  tor_obj = PWN::Plugins::Tor.stop(tor_obj: tor_obj) if with_tor
273
+ ended_at = Time.now.strftime(ftimestr)
274
+ puts "\n\n\n#{banner}"
275
+ puts "- ENDED: #{ended_at}"
276
+
277
+ started_at_parse = Time.parse(started_at)
278
+ ended_at_parse = Time.parse(ended_at)
279
+ elapsed_in_seconds = (ended_at_parse - started_at_parse).to_f
280
+ fmt_elapsed_in_seconds = format('%0.2f', elapsed_in_seconds)
281
+ puts "\n\n\n#{banner}"
282
+ puts "- SCAN COMPLETE! DURATION: #{fmt_elapsed_in_seconds} seconds"
283
+ puts banner
221
284
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.673'
4
+ VERSION = '0.4.675'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.673
4
+ version: 0.4.675
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-05-04 00:00:00.000000000 Z
11
+ date: 2023-05-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -786,14 +786,14 @@ dependencies:
786
786
  requirements:
787
787
  - - '='
788
788
  - !ruby/object:Gem::Version
789
- version: 2.20.0
789
+ version: 2.21.0
790
790
  type: :runtime
791
791
  prerelease: false
792
792
  version_requirements: !ruby/object:Gem::Requirement
793
793
  requirements:
794
794
  - - '='
795
795
  - !ruby/object:Gem::Version
796
- version: 2.20.0
796
+ version: 2.21.0
797
797
  - !ruby/object:Gem::Dependency
798
798
  name: ruby-audio
799
799
  requirement: !ruby/object:Gem::Requirement