pwn 0.4.810 → 0.4.813

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 882c1d390d4998cf8afa29f9c2f9ef744c0f7c6119ebc7a498a0c91df4b0a3fc
-  data.tar.gz: a5f61eb7011a689c7549ad33cfd11bebfea98d332568478086b961a3e2abf385
+  metadata.gz: 4180ba499107cf08547cffbb006d958959eadb02df8e336f534e114348194bdc
+  data.tar.gz: e250433e80715ffc153b303b6dac0bb06ec6a22fea437d6b6e5ab49ea0122429
 SHA512:
-  metadata.gz: 684ab1368fc47db2cd4af7adbd988f34966937390c57990138342dc0ae085758b51e80f5d5b590094351cebd0e8eaaa0799b147ddd5ea8576d359c6f9879841b
-  data.tar.gz: 1c023903bf84336ff469d93d40eec8d8ddcc0e244dfc8182d5b04893883229d57d9d52a03e22f00e18c3ac51be5dd1a180c267aa21084df02053742e228af007
+  metadata.gz: 8a209a39abc1ff6088b141afe3a19592e91e955dae687a6adc3d3e9c264b8bb1ba84dd8c276d9442f83c0760cd131839929be5ac54567a0fb4193d4c3687dca0
+  data.tar.gz: e88c7b94dff0693f9ee99caeb5f821698f865e22660c939ef52f7efcea8b313eb86216dfc0d0eab250b282907072940962f08cb8efca7141f2cae16c01e37da1

data/Gemfile

@@ -42,7 +42,6 @@ gem 'luhn', '1.0.2'
 gem 'mail', '2.8.1'
 gem 'mongo', '2.19.1'
 gem 'msfrpc-client', '1.1.2'
-gem 'neovim', '0.9.0'
 gem 'netaddr', '2.0.6'
 gem 'net-ldap', '0.18.0'
 gem 'net-openvpn', '0.8.7'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.810]:001 >>> PWN.help
+pwn[v0.4.813]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.810]:001 >>> PWN.help
+pwn[v0.4.813]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_fuzz_net_app_proto

@@ -67,6 +67,10 @@ OptionParser.new do |options|
     opts[:max_threads] = i
   end
 
+  options.on('-nREPORTNAME', '--report-name=REPORTNAME', '<Optional Report Name (Defaults to, "File.basename(Dir.pwd)")>') do |n|
+    opts[:report_name] = n
+  end
+
   options.on('-s', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
     opts[:start_reporting_server] = s
   end
@@ -103,9 +107,16 @@ opts[:char_encoding].nil? ? char_encoding = 'UTF-8' : char_encoding = opts[:char
 response_timeout = opts[:response_timeout]
 request_rate_limit = opts[:request_rate_limit]
 opts[:max_threads].nil? ? max_threads = 1 : max_threads = opts[:max_threads].to_i
+report_name = opts[:report_name]
+report_name ||= File.basename(Dir.pwd)
 start_reporting_server = opts[:start_reporting_server]
 
-results_hash = { data: [] }
+results_hash = {
+  report_name: HTMLEntities.new.encode(
+    report_name.to_s.strip.scrub.chomp
+  ),
+  data: []
+}
 results_arr = []
 mutex = Mutex.new
 
@@ -150,13 +161,13 @@ puts 'complete.'
 
 # Start Simple HTTP Server (If Requested)
 if start_reporting_server
-  listen_port = 3333
+  listen_port = PWN::Plugins::Sock.get_random_unused_port
   if pwn_provider == 'docker'
     listen_ip = '0.0.0.0'
   else
     listen_ip = '127.0.0.1'
   end
-  puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_fuzz_net_app_proto.html"
+  puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
   simple_http_server_params = "-i #{listen_ip} -p #{listen_port}"
   Dir.chdir(dir_path)
   system(

data/bin/pwn_phone

@@ -42,6 +42,10 @@ OptionParser.new do |options|
     opts[:randomize] = r
   end
 
+  options.on('-nREPORTNAME', '--report-name=REPORTNAME', '<Optional Report Name (Defaults to, "File.basename(Dir.pwd)")>') do |n|
+    opts[:report_name] = n
+  end
+
   options.on('-H', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
     opts[:start_reporting_server] = s
   end
@@ -81,6 +85,8 @@ begin
 
   # Optional Flag Variables
   randomize = opts[:randomize]
+  report_name = opts[:report_name]
+  report_name ||= File.basename(Dir.pwd)
   start_reporting_server = opts[:start_reporting_server]
   speech_to_text = opts[:speech_to_text]
   src_num_rules = opts[:src_num_rules]
@@ -94,7 +100,8 @@ begin
     src_num_rules: src_num_rules,
     seconds_to_record: seconds_to_record,
     sox_bin: sox_bin,
-    speech_to_text: speech_to_text
+    speech_to_text: speech_to_text,
+    report_name: report_name
   )
 
   # Generate HTML Report
@@ -107,7 +114,7 @@ begin
 
   # Start Simple HTTP Server (If Requested)
   if start_reporting_server
-    listen_port = Random.rand(1_025..65_535).to_s
+    listen_port = PWN::Plugins::Sock.get_random_unused_port
 
     if pwn_provider == 'docker'
       listen_ip = '0.0.0.0'
@@ -115,7 +122,7 @@ begin
       listen_ip = '127.0.0.1'
     end
 
-    puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_phone.html"
+    puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
     Dir.chdir(session_root)
     system(
       'pwn_simple_http_server',

data/bin/pwn_sast

@@ -162,7 +162,7 @@ begin
 
   # Start Simple HTTP Server (If Requested)
   if start_reporting_server
-    listen_port = Random.rand(1_025..65_535).to_s
+    listen_port = PWN::Plugins::Sock.get_random_unused_port
 
     if pwn_provider == 'docker'
       listen_ip = '0.0.0.0'
@@ -170,7 +170,7 @@ begin
       listen_ip = '127.0.0.1'
     end
 
-    puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_scan_git_source.html"
+    puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
     Dir.chdir(dir_path)
     system(
       'pwn_simple_http_server',

data/bin/pwn_www_uri_buster

@@ -21,11 +21,15 @@ OptionParser.new do |options|
     opts[:wordlist] = w
   end
 
+  options.on('-aPATTERN', '--append=PATTERN', '<Optional - Append Pattern to Each Entry in the Wordlist (e.g .inc, .BAK, .git, etc>') do |a|
+    opts[:append_pattern] = a
+  end
+
   options.on('-pPROXY', '--proxy=PROXY', '<Optional - Proxy SCHEME://ADDRESS:PORT>') do |p|
     opts[:proxy] = p
   end
 
-  options.on('-tTHREADS', '--max-threads=THREADS', '<Optional # HTTP Requests to Run Simultaneously (Default 100)>') do |t|
+  options.on('-tTHREADS', '--max-threads=THREADS', '<Optional # HTTP Requests to Run Simultaneously (Default 25)>') do |t|
     opts[:max_threads] = t
   end
 
@@ -105,6 +109,7 @@ def request_path(opts = {})
     raise 'ERROR: Connection(s) Refused. Try lowering the --max-threads value.'
   rescue Errno::ECONNRESET,
          RestClient::Exceptions::ReadTimeout,
+         RestClient::Exceptions::OpenTimeout,
          RestClient::ServerBrokeConnection => e
     rest_client_resp_hash = {
       request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
@@ -115,14 +120,25 @@ def request_path(opts = {})
       http_resp: e.class
     }
   rescue RestClient::ExceptionWithResponse => e
-    rest_client_resp_hash = {
-      request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
-      http_uri: http_uri,
-      http_method: http_method,
-      http_resp_code: e.response.code,
-      http_resp_length: e.response.body.length,
-      http_resp: "#{e.response.body[0..300]}..."
-    }
+    if e.responds_to?(:response)
+      rest_client_resp_hash = {
+        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+        http_uri: http_uri,
+        http_method: http_method,
+        http_resp_code: e.response.code,
+        http_resp_length: e.response.body.length,
+        http_resp: "#{e.response.body[0..300]}..."
+      }
+    else
+      resp_client_resp_hash = {
+        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+        http_uri: http_uri,
+        http_method: http_method,
+        http_resp_code: 'N/A',
+        http_resp_length: 'N/A',
+        http_resp: 'N/A'
+      }
+    end
   rescue URI::InvalidURIError
     url_encoded_wordlist_arr = []
     wordlist_line.split('/').each do |path|
@@ -150,10 +166,11 @@ begin
   wordlist = opts[:wordlist]
   raise "ERROR: #{wordlist} Does Not Exist." unless File.exist?(wordlist)
 
+  append_pattern = opts[:append_pattern]
   proxy = opts[:proxy]
 
   max_threads = opts[:max_threads]
-  max_threads ||= 100
+  max_threads ||= 25
 
   http_request_headers = opts[:http_request_headers]
   http_response_codes = opts[:http_response_codes]
@@ -191,7 +208,7 @@ begin
         target_url: target_url,
         proxy: proxy,
         http_request_headers: http_request_headers,
-        wordlist_line: wordlist_line,
+        wordlist_line: "#{wordlist_line}#{append_pattern}",
         http_method: http_method
       )
 
@@ -216,7 +233,7 @@ begin
 
   # Start Simple HTTP Server (If Requested)
   if start_reporting_server
-    listen_port = Random.rand(1_025..65_535).to_s
+    listen_port = PWN::Plugins::Sock.get_random_unused_port
 
     if pwn_provider == 'docker'
       listen_ip = '0.0.0.0'
@@ -224,7 +241,7 @@ begin
       listen_ip = '127.0.0.1'
     end
 
-    puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_www_uri_buster.html"
+    puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
     Dir.chdir(dir_path)
     system(
       'pwn_simple_http_server',

data/lib/pwn/plugins/baresip.rb

@@ -623,6 +623,7 @@ module PWN
         sox_bin = opts[:sox_bin] if File.exist?(opts[:sox_bin].to_s)
         sox_bin ||= '/usr/bin/sox'
         speech_to_text = opts[:speech_to_text]
+        report_name = opts[:report_name]
 
         target_range = parse_target_file(
           target_file: target_file,
@@ -630,6 +631,9 @@ module PWN
         )
 
         results_hash = {
+          report_name: HTMLEntities.new.encode(
+            report_name.to_s.scrub.strip.chomp
+          ),
           session_started: Time.now.strftime('%Y-%m-%d_%H.%M.%S'),
           data: []
         }

data/lib/pwn/plugins/detect_os.rb

@@ -10,13 +10,15 @@ module PWN
       # PWN::Plugins::DetectOS.type
 
       public_class_method def self.type
-        :cygwin if OS.cygwin?
-        :freebsd if OS.freebsd?
-        :linux if OS.linux?
-        :netbsd if OS.host_os.include?('netbsd')
-        :openbsd if OS.host_os.include?('openbsd')
-        :osx if OS.osx?
-        :windows if OS.windows?
+        os = :cygwin if OS.cygwin?
+        os = :freebsd if OS.freebsd?
+        os = :linux if OS.linux?
+        os = :netbsd if OS.host_os.include?('netbsd')
+        os = :openbsd if OS.host_os.include?('openbsd')
+        os = :osx if OS.osx?
+        os = :windows if OS.windows?
+
+        os
       rescue StandardError => e
         raise e
       end

data/lib/pwn/reports/fuzz.rb

@@ -21,10 +21,11 @@ module PWN
         raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
 
         results_hash = opts[:results_hash]
+        report_name = results_hash[:report_name]
         opts[:char_encoding].nil? ? char_encoding = 'UTF-8' : char_encoding = opts[:char_encoding].to_s
 
         # JSON object Completion
-        File.open("#{dir_path}/pwn_fuzz_net_app_proto.json", "w:#{char_encoding}") do |f|
+        File.open("#{dir_path}/#{report_name}.json", "w:#{char_encoding}") do |f|
           f.print(
             JSON.pretty_generate(results_hash).force_encoding(char_encoding)
           )
@@ -239,7 +240,7 @@ module PWN
         </html>
         }
 
-        File.open("#{dir_path}/pwn_fuzz_net_app_proto.html", 'w') do |f|
+        File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
           f.print(html_report)
         end
       rescue StandardError => e

data/lib/pwn/reports/phone.rb

@@ -17,9 +17,10 @@ module PWN
         raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
 
         results_hash = opts[:results_hash]
+        report_name = results_hash[:report_name]
 
         File.write(
-          "#{dir_path}/pwn_phone.json",
+          "#{dir_path}/#{report_name}.json",
           JSON.pretty_generate(results_hash)
         )
 
@@ -280,7 +281,7 @@ module PWN
         </html>
         }
 
-        File.open("#{dir_path}/pwn_phone.html", 'w') do |f|
+        File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
           f.print(html_report)
         end
       rescue StandardError => e

data/lib/pwn/reports/sast.rb

@@ -20,13 +20,14 @@ module PWN
         raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
 
         results_hash = opts[:results_hash]
+        report_name = results_hash[:report_name]
 
         # JSON object Completion
         # File.open("#{dir_path}/pwn_scan_git_source.json", 'w') do |f|
         #   f.print(results_hash.to_json)
         # end
         File.write(
-          "#{dir_path}/pwn_scan_git_source.json",
+          "#{dir_path}/#{report_name}.json",
           JSON.pretty_generate(results_hash)
         )
 
@@ -279,7 +280,7 @@ module PWN
         </html>
         }
 
-        File.open("#{dir_path}/pwn_scan_git_source.html", 'w') do |f|
+        File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
           f.print(html_report)
         end
       rescue StandardError => e

data/lib/pwn/reports/uri_buster.rb

@@ -17,9 +17,10 @@ module PWN
         raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
 
         results_hash = opts[:results_hash]
+        report_name = results_name[:report_name]
 
         File.write(
-          "#{dir_path}/pwn_www_uri_buster.json",
+          "#{dir_path}/#{report_name}.json",
           JSON.pretty_generate(results_hash)
         )
 
@@ -216,7 +217,7 @@ module PWN
         </html>
         }
 
-        File.open("#{dir_path}/pwn_www_uri_buster.html", 'w') do |f|
+        File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
           f.print(html_report)
         end
       rescue StandardError => e

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.810'
+  VERSION = '0.4.813'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.810
+  version: 0.4.813
 platform: ruby
 authors:
 - 0day Inc.
@@ -430,20 +430,6 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 1.1.2
-- !ruby/object:Gem::Dependency
-  name: neovim
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.9.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.9.0
 - !ruby/object:Gem::Dependency
   name: netaddr
   requirement: !ruby/object:Gem::Requirement