pwn 0.4.696 → 0.4.698

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -0
  3. data/README.md +2 -2
  4. data/bin/pwn_diff_xml_files +1 -1
  5. data/lib/pwn/plugins/tor.rb +13 -1
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +16 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 66aee2138bf202f3b99faf9cc3bf56750182f36d89d71447cfbdda6e0702026a
4
- data.tar.gz: 2d946d1912aae2ca9b3fc5391352bfc97e111cb2f2c90893b5e9248d74115f11
3
+ metadata.gz: 1876724f8a6e17d3f41247dc8bc4daea0f8fadaf433a99883ed67b016c45205d
4
+ data.tar.gz: f5f93dd5ed24f7d8e3d880bcd05d183d3105c10f3515302cf88a8db256e5fdf1
5
5
  SHA512:
6
- metadata.gz: deea47f668aea2aacf2821a3486951a4822559d9d203607bcc138f4749f5e3892c220580a4ab42e8b48cdacc17d57ee72ebc24abc9efbdcf965eb424711801cc
7
- data.tar.gz: 47cf1252ffd1f3ce058c8f98f72f7f7411789d3780137566f8e1289be2a21339fd8ca2d7397fe3316373d8c1f461d5a73c3f1ad04dd61cdd6a9ae9b75964c430
6
+ metadata.gz: f8703953cf8b45c61a0de488246dd9ee19d213d3c7577e43f756d26283f49842fc45371aeddcc00e734f730f9b89146a8df3363f47e9c9476de1c77f53078383
7
+ data.tar.gz: 5403587ece0718fa16fb20a053c37b12a32470cca9c97b0dade132d1ad321a4326253e7826458fbbc9fd50933e7f4fc4def891f8856b38658cf18d0e32297fce
data/Gemfile CHANGED
@@ -49,6 +49,7 @@ gem 'net-openvpn', '0.8.7'
49
49
  gem 'net-smtp', '0.3.3'
50
50
  gem 'nexpose', '7.3.0'
51
51
  gem 'nokogiri', '1.15.0'
52
+ gem 'nokogiri-diff', '0.2.0'
52
53
  gem 'oily_png', '1.2.1'
53
54
  gem 'os', '1.1.4'
54
55
  gem 'packetfu', '1.1.13'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.696]:001 >>> PWN.help
40
+ pwn[v0.4.698]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.696]:001 >>> PWN.help
55
+ pwn[v0.4.698]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_diff_xml_files CHANGED
@@ -1,7 +1,7 @@
1
1
  #!/usr/bin/env ruby
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'nokogiri'
4
+ require 'nokogiri/diff'
5
5
  require 'optparse'
6
6
 
7
7
  opts = {}
data/lib/pwn/plugins/tor.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require 'netaddr'
3
4
  require 'pty'
4
5
 
5
6
  module PWN
@@ -77,6 +78,7 @@ module PWN
77
78
  # ip: 'optional - IP address to listen (default: 127.0.0.1)',
78
79
  # port: 'optional - socks port to listen (default: 1024-65535)',
79
80
  # ctrl_port: 'optional - tor control port to listen (default: 1024-65535)',
81
+ # net: 'optional - CIDR notation to accept connections (default: 127.0.0.0.1/32)',
80
82
  # data_dir: 'optional - directory to keep tor session data (default: /tmp/tor_pwn-TIMESTAMP)'
81
83
  # )
82
84
 
@@ -92,6 +94,11 @@ module PWN
92
94
  break if ctrl_port != port
93
95
  end
94
96
  end
97
+
98
+ net = opts[:net]
99
+ net ||= "#{ip}/32"
100
+ acl_net = NetAddr.parse_net(net)
101
+
95
102
  timestamp = Time.now.strftime('%Y-%m-%d_%H-%M-%S.%N%z')
96
103
  data_dir = opts[:data_dir]
97
104
  data_dir ||= "/tmp/tor_pwn-#{timestamp}"
@@ -115,7 +122,11 @@ module PWN
115
122
  'ControlPort',
116
123
  ctrl_port.to_s,
117
124
  'CookieAuthentication',
118
- '1'
125
+ '1',
126
+ 'SocksPolicy',
127
+ "accept #{acl_net}",
128
+ 'SocksPolicy',
129
+ 'reject *'
119
130
  ) do |stdout, _stdin, pid|
120
131
  File.write(pid_file, pid)
121
132
  stdout.each do |line|
@@ -201,6 +212,7 @@ module PWN
201
212
  ip: 'optional - IP address to listen (default: 127.0.0.1)',
202
213
  port: 'optional - socks port to listen (default: 9050)',
203
214
  ctrl_port: 'optional - tor control port to listen (default: 9051)',
215
+ net: 'optional - CIDR notation to accept connections (default: 127.0.0.1/32)',
204
216
  data_dir: 'optional - directory to keep tor session data (default: /tmp/tor_pwn-TIMESTAMP)'
205
217
  )
206
218
 
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.696'
4
+ VERSION = '0.4.698'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.696
4
+ version: 0.4.698
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-05-15 00:00:00.000000000 Z
11
+ date: 2023-05-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -542,6 +542,20 @@ dependencies:
542
542
  - - '='
543
543
  - !ruby/object:Gem::Version
544
544
  version: 1.15.0
545
+ - !ruby/object:Gem::Dependency
546
+ name: nokogiri-diff
547
+ requirement: !ruby/object:Gem::Requirement
548
+ requirements:
549
+ - - '='
550
+ - !ruby/object:Gem::Version
551
+ version: 0.2.0
552
+ type: :runtime
553
+ prerelease: false
554
+ version_requirements: !ruby/object:Gem::Requirement
555
+ requirements:
556
+ - - '='
557
+ - !ruby/object:Gem::Version
558
+ version: 0.2.0
545
559
  - !ruby/object:Gem::Dependency
546
560
  name: oily_png
547
561
  requirement: !ruby/object:Gem::Requirement