pwn 0.4.812 → 0.4.813
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_fuzz_net_app_proto +14 -3
- data/bin/pwn_phone +10 -3
- data/bin/pwn_sast +2 -2
- data/bin/pwn_www_uri_buster +24 -12
- data/lib/pwn/plugins/baresip.rb +4 -0
- data/lib/pwn/plugins/detect_os.rb +9 -7
- data/lib/pwn/reports/fuzz.rb +3 -2
- data/lib/pwn/reports/phone.rb +3 -2
- data/lib/pwn/reports/sast.rb +3 -2
- data/lib/pwn/reports/uri_buster.rb +3 -2
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
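--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4180ba499107cf08547cffbb006d958959eadb02df8e336f534e114348194bdc
+data.tar.gz: e250433e80715ffc153b303b6dac0bb06ec6a22fea437d6b6e5ab49ea0122429
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8a209a39abc1ff6088b141afe3a19592e91e955dae687a6adc3d3e9c264b8bb1ba84dd8c276d9442f83c0760cd131839929be5ac54567a0fb4193d4c3687dca0
+data.tar.gz: e88c7b94dff0693f9ee99caeb5f821698f865e22660c939ef52f7efcea8b313eb86216dfc0d0eab250b282907072940962f08cb8efca7141f2cae16c01e37da1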
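--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.813]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.813]:001 >>> PWN.help
 ```
 
 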
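--- a/data/bin/pwn_fuzz_net_app_proto
+++ b/data/bin/pwn_fuzz_net_app_proto
@@ -67,6 +67,10 @@ OptionParser.new do |options|
 opts[:max_threads] = i
 end
 
+options.on('-nREPORTNAME', '--report-name=REPORTNAME', '<Optional Report Name (Defaults to, "File.basename(Dir.pwd)")>') do |n|
+opts[:report_name] = n
+end
+
 options.on('-s', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
 opts[:start_reporting_server] = s
 end
@@ -103,9 +107,16 @@ opts[:char_encoding].nil? ? char_encoding = 'UTF-8' : char_encoding = opts[:char
 response_timeout = opts[:response_timeout]
 request_rate_limit = opts[:request_rate_limit]
 opts[:max_threads].nil? ? max_threads = 1 : max_threads = opts[:max_threads].to_i
+report_name = opts[:report_name]
+report_name ||= File.basename(Dir.pwd)
 start_reporting_server = opts[:start_reporting_server]
 
-results_hash = {
+results_hash = {
+report_name: HTMLEntities.new.encode(
+report_name.to_s.strip.scrub.chomp
+),
+data: []
+}
 results_arr = []
 mutex = Mutex.new
 
@@ -150,13 +161,13 @@ puts 'complete.'
 
 # Start Simple HTTP Server (If Requested)
 if start_reporting_server
-listen_port =
+listen_port = PWN::Plugins::Sock.get_random_unused_port
 if pwn_provider == 'docker'
 listen_ip = '0.0.0.0'
 else
 listen_ip = '127.0.0.1'
 end
-puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}
+puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
 simple_http_server_params = "-i #{listen_ip} -p #{listen_port}"
 Dir.chdir(dir_path)
 system(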
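Review bot: The URL printed at new line 170 interpolates the raw `report_name`, while the value stored in `results_hash[:report_name]` at new lines 115-117 has been stripped, scrubbed and HTML-entity encoded, and the reports/fuzz.rb hunk names the output file from that stored value. For a name with surrounding whitespace or a character that HTMLEntities rewrites (for example `&`), the printed link will not match the file on disk. Normalise once and reuse the result, e.g. `report_name = HTMLEntities.new.encode(report_name.to_s.strip.scrub.chomp)` before building `results_hash`, and interpolate that same variable in the `puts`. The `puts` in data/bin/pwn_phone has the same mismatch, with the encoding done inside the baresip.rb hunk. The script body continues outside these hunks.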
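--- a/data/bin/pwn_phone
+++ b/data/bin/pwn_phone
@@ -42,6 +42,10 @@ OptionParser.new do |options|
 opts[:randomize] = r
 end
 
+options.on('-nREPORTNAME', '--report-name=REPORTNAME', '<Optional Report Name (Defaults to, "File.basename(Dir.pwd)")>') do |n|
+opts[:report_name] = n
+end
+
 options.on('-H', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
 opts[:start_reporting_server] = s
 end
@@ -81,6 +85,8 @@ begin
 
 # Optional Flag Variables
 randomize = opts[:randomize]
+report_name = opts[:report_name]
+report_name ||= File.basename(Dir.pwd)
 start_reporting_server = opts[:start_reporting_server]
 speech_to_text = opts[:speech_to_text]
 src_num_rules = opts[:src_num_rules]
@@ -94,7 +100,8 @@ begin
 src_num_rules: src_num_rules,
 seconds_to_record: seconds_to_record,
 sox_bin: sox_bin,
-speech_to_text: speech_to_text
+speech_to_text: speech_to_text,
+report_name: report_name
 )
 
 # Generate HTML Report
@@ -107,7 +114,7 @@ begin
 
 # Start Simple HTTP Server (If Requested)
 if start_reporting_server
-listen_port =
+listen_port = PWN::Plugins::Sock.get_random_unused_port
 
 if pwn_provider == 'docker'
 listen_ip = '0.0.0.0'
@@ -115,7 +122,7 @@ begin
 listen_ip = '127.0.0.1'
 end
 
-puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}
+puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
 Dir.chdir(session_root)
 system(
 'pwn_simple_http_server',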
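--- a/data/bin/pwn_sast
+++ b/data/bin/pwn_sast
@@ -162,7 +162,7 @@ begin
 
 # Start Simple HTTP Server (If Requested)
 if start_reporting_server
-listen_port =
+listen_port = PWN::Plugins::Sock.get_random_unused_port
 
 if pwn_provider == 'docker'
 listen_ip = '0.0.0.0'
@@ -170,7 +170,7 @@ begin
 listen_ip = '127.0.0.1'
 end
 
-puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}
+puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
 Dir.chdir(dir_path)
 system(
 'pwn_simple_http_server',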
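Review bot: The new `puts` at line 173 interpolates `report_name`, but neither hunk in this file assigns it, and the file list shows only two changed lines here, so no `--report-name` option was added as it was in pwn_fuzz_net_app_proto and pwn_phone. Unless `report_name` is already defined elsewhere in the script (not visible on this page), this raises NameError as soon as the reporting server is requested. The reports/sast.rb hunk also now reads `results_hash[:report_name]`, which would be nil and produce files named `.json` and `.html` if this driver never sets it. Add the option plus `report_name = opts[:report_name]` and `report_name ||= File.basename(Dir.pwd)`, and carry the value into the results hash. data/bin/pwn_www_uri_buster has the same gap at its new line 244.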
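--- a/data/bin/pwn_www_uri_buster
+++ b/data/bin/pwn_www_uri_buster
@@ -29,7 +29,7 @@ OptionParser.new do |options|
 opts[:proxy] = p
 end
 
-options.on('-tTHREADS', '--max-threads=THREADS', '<Optional # HTTP Requests to Run Simultaneously (Default
+options.on('-tTHREADS', '--max-threads=THREADS', '<Optional # HTTP Requests to Run Simultaneously (Default 25)>') do |t|
 opts[:max_threads] = t
 end
 
@@ -109,6 +109,7 @@ def request_path(opts = {})
 raise 'ERROR: Connection(s) Refused. Try lowering the --max-threads value.'
 rescue Errno::ECONNRESET,
 RestClient::Exceptions::ReadTimeout,
+RestClient::Exceptions::OpenTimeout,
 RestClient::ServerBrokeConnection => e
 rest_client_resp_hash = {
 request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
@@ -119,14 +120,25 @@ def request_path(opts = {})
 http_resp: e.class
 }
 rescue RestClient::ExceptionWithResponse => e
-
-
-
-
-
-
-
-
+if e.responds_to?(:response)
+rest_client_resp_hash = {
+request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+http_uri: http_uri,
+http_method: http_method,
+http_resp_code: e.response.code,
+http_resp_length: e.response.body.length,
+http_resp: "#{e.response.body[0..300]}..."
+}
+else
+resp_client_resp_hash = {
+request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+http_uri: http_uri,
+http_method: http_method,
+http_resp_code: 'N/A',
+http_resp_length: 'N/A',
+http_resp: 'N/A'
+}
+end
 rescue URI::InvalidURIError
 url_encoded_wordlist_arr = []
 wordlist_line.split('/').each do |path|
@@ -158,7 +170,7 @@ begin
 proxy = opts[:proxy]
 
 max_threads = opts[:max_threads]
-max_threads ||=
+max_threads ||= 25
 
 http_request_headers = opts[:http_request_headers]
 http_response_codes = opts[:http_response_codes]
@@ -221,7 +233,7 @@ begin
 
 # Start Simple HTTP Server (If Requested)
 if start_reporting_server
-listen_port =
+listen_port = PWN::Plugins::Sock.get_random_unused_port
 
 if pwn_provider == 'docker'
 listen_ip = '0.0.0.0'
@@ -229,7 +241,7 @@ begin
 listen_ip = '127.0.0.1'
 end
 
-puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}
+puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/#{report_name}.html"
 Dir.chdir(dir_path)
 system(
 'pwn_simple_http_server',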
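Review bot: The guard at new line 123 calls `e.responds_to?(:response)`, which is not a Ruby method (the predicate is `respond_to?`), so this rescue branch raises NoMethodError instead of recording the response. The else branch at new line 133 also assigns `resp_client_resp_hash` rather than `rest_client_resp_hash`, so the 'N/A' record never reaches the variable the other branches fill. As far as I know RestClient::ExceptionWithResponse always defines `response` and the value can be nil, so the test I would write is `if e.response`, with the else assignment corrected to `rest_client_resp_hash = {`. request_path starts and ends outside the hunk, so how the hash is consumed is not visible here.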
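--- a/data/lib/pwn/plugins/baresip.rb
+++ b/data/lib/pwn/plugins/baresip.rb
@@ -623,6 +623,7 @@ module PWN
 sox_bin = opts[:sox_bin] if File.exist?(opts[:sox_bin].to_s)
 sox_bin ||= '/usr/bin/sox'
 speech_to_text = opts[:speech_to_text]
+report_name = opts[:report_name]
 
 target_range = parse_target_file(
 target_file: target_file,
@@ -630,6 +631,9 @@ module PWN
 )
 
 results_hash = {
+report_name: HTMLEntities.new.encode(
+report_name.to_s.scrub.strip.chomp
+),
 session_started: Time.now.strftime('%Y-%m-%d_%H.%M.%S'),
 data: []
 }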
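Review bot: `report_name` read at new line 626 has no fallback inside the library, so a caller that omits `opts[:report_name]` ends up with `nil.to_s`, an empty string, in `results_hash[:report_name]`, and the reports/phone.rb hunk then writes `#{dir_path}/.json` and `#{dir_path}/.html`. The default currently lives only in data/bin/pwn_phone. Apply it where the value is consumed, e.g. `report_name ||= File.basename(Dir.pwd)` directly after line 626, and list the new `report_name:` key wherever this method's options are documented. The normalisation order here (`scrub.strip.chomp`) also differs from pwn_fuzz_net_app_proto (`strip.scrub.chomp`); pick one. The enclosing method begins and ends outside these hunks.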
@@ -10,13 +10,15 @@ module PWN
|
|
10
10
|
# PWN::Plugins::DetectOS.type
|
11
11
|
|
12
12
|
public_class_method def self.type
|
13
|
-
:cygwin if OS.cygwin?
|
14
|
-
:freebsd if OS.freebsd?
|
15
|
-
:linux if OS.linux?
|
16
|
-
:netbsd if OS.host_os.include?('netbsd')
|
17
|
-
:openbsd if OS.host_os.include?('openbsd')
|
18
|
-
:osx if OS.osx?
|
19
|
-
:windows if OS.windows?
|
13
|
+
os = :cygwin if OS.cygwin?
|
14
|
+
os = :freebsd if OS.freebsd?
|
15
|
+
os = :linux if OS.linux?
|
16
|
+
os = :netbsd if OS.host_os.include?('netbsd')
|
17
|
+
os = :openbsd if OS.host_os.include?('openbsd')
|
18
|
+
os = :osx if OS.osx?
|
19
|
+
os = :windows if OS.windows?
|
20
|
+
|
21
|
+
os
|
20
22
|
rescue StandardError => e
|
21
23
|
raise e
|
22
24
|
end
|
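Review bot: Nothing in `type` handles the case where no predicate matches, so the method returns nil without saying so, and because new lines 13-19 are independent `os = … if …` statements, a later true predicate silently overwrites an earlier one. Make the precedence explicit with an `if`/`elsif` chain, and decide what an unrecognised host returns, for instance `raise "PWN Error: Unsupported OS #{OS.host_os}" if os.nil?` if callers can tolerate it, or a comment stating that nil means unknown. The `rescue StandardError => e` followed by `raise e` re-raises unchanged and adds nothing. This hunk's file header is missing from the page; per the file list it is data/lib/pwn/plugins/detect_os.rb.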
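--- a/data/lib/pwn/reports/fuzz.rb
+++ b/data/lib/pwn/reports/fuzz.rb
@@ -21,10 +21,11 @@ module PWN
 raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
 
 results_hash = opts[:results_hash]
+report_name = results_hash[:report_name]
 opts[:char_encoding].nil? ? char_encoding = 'UTF-8' : char_encoding = opts[:char_encoding].to_s
 
 # JSON object Completion
-File.open("#{dir_path}
+File.open("#{dir_path}/#{report_name}.json", "w:#{char_encoding}") do |f|
 f.print(
 JSON.pretty_generate(results_hash).force_encoding(char_encoding)
 )
@@ -239,7 +240,7 @@ module PWN
 </html>
 }
 
-File.open("#{dir_path}
+File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
 f.print(html_report)
 end
 rescue StandardError => e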
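Review bot: `report_name` from `results_hash` is interpolated straight into the output paths at new lines 28 and 243, and the only processing visible upstream is HTML-entity encoding, which is output escaping and leaves path separators and `..` segments untouched. A value passed through `--report-name` can therefore move the JSON and HTML files outside `dir_path`, and a nil `results_hash` or a missing key is not checked before use. Reduce the value to a single path component at this point, e.g. `report_name = File.basename(results_hash[:report_name].to_s)` followed by `raise 'PWN Error: Invalid Report Name' if report_name.empty?`. The same applies to the reports/phone.rb, reports/sast.rb and reports/uri_buster.rb hunks. The method body extends beyond both hunks.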
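--- a/data/lib/pwn/reports/phone.rb
+++ b/data/lib/pwn/reports/phone.rb
@@ -17,9 +17,10 @@ module PWN
 raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
 
 results_hash = opts[:results_hash]
+report_name = results_hash[:report_name]
 
 File.write(
-"#{dir_path}
+"#{dir_path}/#{report_name}.json",
 JSON.pretty_generate(results_hash)
 )
 
@@ -280,7 +281,7 @@ module PWN
 </html>
 }
 
-File.open("#{dir_path}
+File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
 f.print(html_report)
 end
 rescue StandardError => e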
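--- a/data/lib/pwn/reports/sast.rb
+++ b/data/lib/pwn/reports/sast.rb
@@ -20,13 +20,14 @@ module PWN
 raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
 
 results_hash = opts[:results_hash]
+report_name = results_hash[:report_name]
 
 # JSON object Completion
 # File.open("#{dir_path}/pwn_scan_git_source.json", 'w') do |f|
 # f.print(results_hash.to_json)
 # end
 File.write(
-"#{dir_path}
+"#{dir_path}/#{report_name}.json",
 JSON.pretty_generate(results_hash)
 )
 
@@ -279,7 +280,7 @@ module PWN
 </html>
 }
 
-File.open("#{dir_path}
+File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
 f.print(html_report)
 end
 rescue StandardError => e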
@@ -17,9 +17,10 @@ module PWN
|
|
17
17
|
raise "PWN Error: Invalid Directory #{dir_path}" if dir_path.nil?
|
18
18
|
|
19
19
|
results_hash = opts[:results_hash]
|
20
|
+
report_name = results_name[:report_name]
|
20
21
|
|
21
22
|
File.write(
|
22
|
-
"#{dir_path}
|
23
|
+
"#{dir_path}/#{report_name}.json",
|
23
24
|
JSON.pretty_generate(results_hash)
|
24
25
|
)
|
25
26
|
|
@@ -216,7 +217,7 @@ module PWN
|
|
216
217
|
</html>
|
217
218
|
}
|
218
219
|
|
219
|
-
File.open("#{dir_path}
|
220
|
+
File.open("#{dir_path}/#{report_name}.html", 'w') do |f|
|
220
221
|
f.print(html_report)
|
221
222
|
end
|
222
223
|
rescue StandardError => e
|
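Review bot: New line 20 reads `results_name[:report_name]`, but the local assigned on the line above it is `results_hash`; `results_name` is not defined anywhere in the visible code, so this raises NameError before either report file is written. It should read `report_name = results_hash[:report_name]`, matching the reports/fuzz.rb, phone.rb and sast.rb hunks. The `rescue StandardError => e` at the end of the second hunk will catch the NameError, and what it does with it is outside the hunk. This section's file header is missing from the page; per the file list it is data/lib/pwn/reports/uri_buster.rb.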
data/lib/pwn/version.rb
CHANGED