pwn 0.4.856 → 0.4.858
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_burp_suite_pro_active_scan +10 -2
- data/lib/pwn/plugins/burp_suite.rb +1 -1
- data/lib/pwn/version.rb +1 -1
- data/lib/pwn/www/hacker_one.rb +7 -5
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dd95b987eb8392bf24b746113a9434e62fec82060f8e2efe934a3507efd4b04b
|
|
4
|
+
data.tar.gz: b9478f68b29f1c115e7514ac3bc610db3b5c579b0f455302087b1a9e26ccce10
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e87be261070a3095db250ca8613d8efd4774cbfe7a5c691a975502fb9016a0664e3fe10bd0958e28528deae05bd60465dd5a1d4a3e8b25c17420c30bf8e28a89
|
|
7
|
+
data.tar.gz: 394f68f224193a595df3c430beed0e37635f4e6a111a8e7bf3a683091099b0a0b5d04c3db6476705b03f00f326e8b40287baa18a429ee503b8cce4997aba7a65
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.858]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.858]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -29,6 +29,10 @@ OptionParser.new do |options|
|
|
|
29
29
|
options.on('-IINST', '--navigation_instruct=INST', '<Required - Path to Navigation Instructions (e.g. Auth w/ Target - see /pwn/etc/burpsuite/navigation.instruct.EXAMPLE)>') do |i|
|
|
30
30
|
opts[:navigation_instruct] = i
|
|
31
31
|
end
|
|
32
|
+
|
|
33
|
+
options.on('-cFILE', '--target-config=FILE', '<Optional - Path to Target Config JSON File>') do |c|
|
|
34
|
+
opts[:target_config] = c
|
|
35
|
+
end
|
|
32
36
|
end.parse!
|
|
33
37
|
|
|
34
38
|
if opts.empty?
|
|
@@ -47,18 +51,22 @@ begin
|
|
|
47
51
|
navigation_instruct = opts[:navigation_instruct]
|
|
48
52
|
raise 'Invalid path to browser instructions. Please check your spelling and try again.' unless File.exist?(navigation_instruct)
|
|
49
53
|
|
|
54
|
+
target_config = opts[:target_config]
|
|
55
|
+
|
|
50
56
|
# ------
|
|
51
57
|
# Open Burp
|
|
52
58
|
if headless
|
|
53
59
|
burp_obj = PWN::Plugins::BurpSuite.start(
|
|
54
60
|
burp_jar_path: burp_jar_path,
|
|
55
61
|
headless: true,
|
|
56
|
-
browser_type: :headless
|
|
62
|
+
browser_type: :headless,
|
|
63
|
+
target_config: target_config
|
|
57
64
|
)
|
|
58
65
|
else
|
|
59
66
|
burp_obj = PWN::Plugins::BurpSuite.start(
|
|
60
67
|
burp_jar_path: burp_jar_path,
|
|
61
|
-
browser_type: :chrome
|
|
68
|
+
browser_type: :chrome,
|
|
69
|
+
target_config: target_config
|
|
62
70
|
)
|
|
63
71
|
end
|
|
64
72
|
|
|
@@ -36,7 +36,7 @@ module PWN
|
|
|
36
36
|
# burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
|
|
37
37
|
burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
|
|
38
38
|
end
|
|
39
|
-
burp_cmd_string = "#{burp_cmd_string} --config-file
|
|
39
|
+
burp_cmd_string = "#{burp_cmd_string} --config-file=#{target_config}" if target_config && File.exist?(target_config)
|
|
40
40
|
|
|
41
41
|
# Construct burp_obj
|
|
42
42
|
burp_obj = {}
|
data/lib/pwn/version.rb
CHANGED
data/lib/pwn/www/hacker_one.rb
CHANGED
|
@@ -81,7 +81,7 @@ module PWN
|
|
|
81
81
|
# programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
|
|
82
82
|
# browser_opts: 'optional - opts supported by PWN::Plugins::TransparentBrowser.open method',
|
|
83
83
|
# name: 'optional - name of burp target config file (defaults to ALL)',
|
|
84
|
-
#
|
|
84
|
+
# root_dir: 'optional - directory to save burp target config files (defaults to "./"))'
|
|
85
85
|
# )
|
|
86
86
|
|
|
87
87
|
public_class_method def self.save_burp_target_config_file(opts = {})
|
|
@@ -96,13 +96,14 @@ module PWN
|
|
|
96
96
|
browser_opts[:browser_type] = :rest
|
|
97
97
|
|
|
98
98
|
name = opts[:name]
|
|
99
|
-
|
|
99
|
+
root_dir = opts[:root_dir]
|
|
100
100
|
|
|
101
101
|
rest_obj = PWN::Plugins::TransparentBrowser.open(browser_opts)
|
|
102
102
|
rest_client = rest_obj[:browser]::Request
|
|
103
103
|
|
|
104
104
|
if name
|
|
105
|
-
path = "./burp_target_config_file-#{name}.json" if opts[:
|
|
105
|
+
path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
|
|
106
|
+
path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
|
|
106
107
|
burp_download_link = programs_arr.select do |program|
|
|
107
108
|
program[:name] == name
|
|
108
109
|
end.first[:burp_target_config]
|
|
@@ -121,7 +122,8 @@ module PWN
|
|
|
121
122
|
begin
|
|
122
123
|
name = program[:name]
|
|
123
124
|
burp_download_link = program[:burp_target_config]
|
|
124
|
-
path = "./burp_target_config_file-#{name}.json" if opts[:
|
|
125
|
+
path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
|
|
126
|
+
path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
|
|
125
127
|
|
|
126
128
|
resp = rest_client.execute(
|
|
127
129
|
method: :get,
|
|
@@ -235,7 +237,7 @@ module PWN
|
|
|
235
237
|
programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
|
|
236
238
|
browser_opts: 'optional - opts supported by PWN::Plugins::TransparentBrowser.open method',
|
|
237
239
|
name: 'optional - name of burp target config file (defaults to ALL)',
|
|
238
|
-
|
|
240
|
+
root_dir: 'optional - directory to save burp target config files (defaults to \"./\"))'
|
|
239
241
|
)
|
|
240
242
|
|
|
241
243
|
browser_obj = #{self}.login(
|