pwn 0.4.856 → 0.4.858
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_burp_suite_pro_active_scan +10 -2
- data/lib/pwn/plugins/burp_suite.rb +1 -1
- data/lib/pwn/version.rb +1 -1
- data/lib/pwn/www/hacker_one.rb +7 -5
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dd95b987eb8392bf24b746113a9434e62fec82060f8e2efe934a3507efd4b04b
|
|
4
|
+
data.tar.gz: b9478f68b29f1c115e7514ac3bc610db3b5c579b0f455302087b1a9e26ccce10
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e87be261070a3095db250ca8613d8efd4774cbfe7a5c691a975502fb9016a0664e3fe10bd0958e28528deae05bd60465dd5a1d4a3e8b25c17420c30bf8e28a89
|
|
7
|
+
data.tar.gz: 394f68f224193a595df3c430beed0e37635f4e6a111a8e7bf3a683091099b0a0b5d04c3db6476705b03f00f326e8b40287baa18a429ee503b8cce4997aba7a65
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.858]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.858]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -29,6 +29,10 @@ OptionParser.new do |options|
|
|
|
29
29
|
options.on('-IINST', '--navigation_instruct=INST', '<Required - Path to Navigation Instructions (e.g. Auth w/ Target - see /pwn/etc/burpsuite/navigation.instruct.EXAMPLE)>') do |i|
|
|
30
30
|
opts[:navigation_instruct] = i
|
|
31
31
|
end
|
|
32
|
+
|
|
33
|
+
options.on('-cFILE', '--target-config=FILE', '<Optional - Path to Target Config JSON File>') do |c|
|
|
34
|
+
opts[:target_config] = c
|
|
35
|
+
end
|
|
32
36
|
end.parse!
|
|
33
37
|
|
|
34
38
|
if opts.empty?
|
|
@@ -47,18 +51,22 @@ begin
|
|
|
47
51
|
navigation_instruct = opts[:navigation_instruct]
|
|
48
52
|
raise 'Invalid path to browser instructions. Please check your spelling and try again.' unless File.exist?(navigation_instruct)
|
|
49
53
|
|
|
54
|
+
target_config = opts[:target_config]
|
|
55
|
+
|
|
50
56
|
# ------
|
|
51
57
|
# Open Burp
|
|
52
58
|
if headless
|
|
53
59
|
burp_obj = PWN::Plugins::BurpSuite.start(
|
|
54
60
|
burp_jar_path: burp_jar_path,
|
|
55
61
|
headless: true,
|
|
56
|
-
browser_type: :headless
|
|
62
|
+
browser_type: :headless,
|
|
63
|
+
target_config: target_config
|
|
57
64
|
)
|
|
58
65
|
else
|
|
59
66
|
burp_obj = PWN::Plugins::BurpSuite.start(
|
|
60
67
|
burp_jar_path: burp_jar_path,
|
|
61
|
-
browser_type: :chrome
|
|
68
|
+
browser_type: :chrome,
|
|
69
|
+
target_config: target_config
|
|
62
70
|
)
|
|
63
71
|
end
|
|
64
72
|
|
|
@@ -36,7 +36,7 @@ module PWN
|
|
|
36
36
|
# burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
|
|
37
37
|
burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
|
|
38
38
|
end
|
|
39
|
-
burp_cmd_string = "#{burp_cmd_string} --config-file
|
|
39
|
+
burp_cmd_string = "#{burp_cmd_string} --config-file=#{target_config}" if target_config && File.exist?(target_config)
|
|
40
40
|
|
|
41
41
|
# Construct burp_obj
|
|
42
42
|
burp_obj = {}
|
data/lib/pwn/version.rb
CHANGED
data/lib/pwn/www/hacker_one.rb
CHANGED
|
@@ -81,7 +81,7 @@ module PWN
|
|
|
81
81
|
# programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
|
|
82
82
|
# browser_opts: 'optional - opts supported by PWN::Plugins::TransparentBrowser.open method',
|
|
83
83
|
# name: 'optional - name of burp target config file (defaults to ALL)',
|
|
84
|
-
#
|
|
84
|
+
# root_dir: 'optional - directory to save burp target config files (defaults to "./"))'
|
|
85
85
|
# )
|
|
86
86
|
|
|
87
87
|
public_class_method def self.save_burp_target_config_file(opts = {})
|
|
@@ -96,13 +96,14 @@ module PWN
|
|
|
96
96
|
browser_opts[:browser_type] = :rest
|
|
97
97
|
|
|
98
98
|
name = opts[:name]
|
|
99
|
-
|
|
99
|
+
root_dir = opts[:root_dir]
|
|
100
100
|
|
|
101
101
|
rest_obj = PWN::Plugins::TransparentBrowser.open(browser_opts)
|
|
102
102
|
rest_client = rest_obj[:browser]::Request
|
|
103
103
|
|
|
104
104
|
if name
|
|
105
|
-
path = "./burp_target_config_file-#{name}.json" if opts[:
|
|
105
|
+
path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
|
|
106
|
+
path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
|
|
106
107
|
burp_download_link = programs_arr.select do |program|
|
|
107
108
|
program[:name] == name
|
|
108
109
|
end.first[:burp_target_config]
|
|
@@ -121,7 +122,8 @@ module PWN
|
|
|
121
122
|
begin
|
|
122
123
|
name = program[:name]
|
|
123
124
|
burp_download_link = program[:burp_target_config]
|
|
124
|
-
path = "./burp_target_config_file-#{name}.json" if opts[:
|
|
125
|
+
path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
|
|
126
|
+
path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
|
|
125
127
|
|
|
126
128
|
resp = rest_client.execute(
|
|
127
129
|
method: :get,
|
|
@@ -235,7 +237,7 @@ module PWN
|
|
|
235
237
|
programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
|
|
236
238
|
browser_opts: 'optional - opts supported by PWN::Plugins::TransparentBrowser.open method',
|
|
237
239
|
name: 'optional - name of burp target config file (defaults to ALL)',
|
|
238
|
-
|
|
240
|
+
root_dir: 'optional - directory to save burp target config files (defaults to \"./\"))'
|
|
239
241
|
)
|
|
240
242
|
|
|
241
243
|
browser_obj = #{self}.login(
|