pwn 0.4.862 → 0.4.864
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/pwn/plugins/burp_suite.rb +48 -1
- data/lib/pwn/plugins/transparent_browser.rb +1 -1
- data/lib/pwn/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 33c1ab6f74eec4b541eda25e8c781ec5abdd91f6bf70d48a97e1dbbb00475801
|
|
4
|
+
data.tar.gz: 64b51527b2b15ea762d52c91c346dbc3c1aa6b14ee16072c5b0c09219e390dd9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e26153a1806be58722177c4ad4afedcd0b5bf6aee0a1a4bf715fa8291c66d1689c4c5238ac871fe8f12103f3240fbd462ab3ba33586f381a293546a0ce192187
|
|
7
|
+
data.tar.gz: 54970b745a9a4af74bd718b0d2a35c96718dbfdb35cc322c1a77ea8ae0e4b6fe099a3e8863968b7fa7b71ac1fae97d6532ce1a715d20387fb1174d661a4ac763
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.864]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.864]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require 'socket'
|
|
4
3
|
require 'base64'
|
|
4
|
+
require 'json'
|
|
5
|
+
require 'socket'
|
|
6
|
+
require 'uri'
|
|
5
7
|
|
|
6
8
|
module PWN
|
|
7
9
|
module Plugins
|
|
@@ -76,6 +78,45 @@ module PWN
|
|
|
76
78
|
raise e
|
|
77
79
|
end
|
|
78
80
|
|
|
81
|
+
# Supported Method Parameters::
|
|
82
|
+
# uri_in_scope_bool = PWN::Plugins::BurpSuite.uri_in_scope(
|
|
83
|
+
# target_config: 'required - path to burp suite pro target config JSON file',
|
|
84
|
+
# uri: 'required - URI to determine if in scope'
|
|
85
|
+
# )
|
|
86
|
+
|
|
87
|
+
public_class_method def self.uri_in_scope(opts = {})
|
|
88
|
+
target_config = opts[:target_config]
|
|
89
|
+
raise 'ERROR: target_config does not exist' unless File.exist?(target_config)
|
|
90
|
+
|
|
91
|
+
uri = opts[:uri]
|
|
92
|
+
raise 'ERROR: uri parameter is required' if uri.nil?
|
|
93
|
+
|
|
94
|
+
target_config_json = JSON.parse(
|
|
95
|
+
File.read(target_config),
|
|
96
|
+
symbolize_names: true
|
|
97
|
+
)
|
|
98
|
+
|
|
99
|
+
out_of_scope = target_config_json[:target][:scope][:exclude]
|
|
100
|
+
out_of_scope_arr = out_of_scope.select do |os|
|
|
101
|
+
URI.parse(uri).scheme =~ /#{os[:protocol]}/ &&
|
|
102
|
+
URI.parse(uri).host =~ /#{os[:host]}/ &&
|
|
103
|
+
URI.parse(uri).path =~ /#{os[:file]}/
|
|
104
|
+
end
|
|
105
|
+
return false unless out_of_scope_arr.empty?
|
|
106
|
+
|
|
107
|
+
in_scope = target_config_json[:target][:scope][:include]
|
|
108
|
+
in_scope_arr = in_scope.select do |is|
|
|
109
|
+
URI.parse(uri).scheme =~ /#{is[:protocol]}/ &&
|
|
110
|
+
URI.parse(uri).host =~ /#{is[:host]}/ &&
|
|
111
|
+
URI.parse(uri).path =~ /#{is[:file]}/
|
|
112
|
+
end
|
|
113
|
+
return false if in_scope_arr.empty?
|
|
114
|
+
|
|
115
|
+
true
|
|
116
|
+
rescue StandardError => e
|
|
117
|
+
raise e
|
|
118
|
+
end
|
|
119
|
+
|
|
79
120
|
# Supported Method Parameters::
|
|
80
121
|
# PWN::Plugins::BurpSuite.enable_proxy(
|
|
81
122
|
# burp_obj: 'required - burp_obj returned by #start method'
|
|
@@ -311,6 +352,12 @@ module PWN
|
|
|
311
352
|
burp_jar_path: 'required - path of burp suite pro jar file',
|
|
312
353
|
headless: 'optional - run headless if set to true',
|
|
313
354
|
browser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',
|
|
355
|
+
target_config: 'optional - path to burp suite pro target config JSON file'
|
|
356
|
+
)
|
|
357
|
+
|
|
358
|
+
uri_in_scope_bool = #{self}.uri_in_scope(
|
|
359
|
+
target_config: 'required - path to burp suite pro target config JSON file',
|
|
360
|
+
uri: 'required - URI to determine if in scope'
|
|
314
361
|
)
|
|
315
362
|
|
|
316
363
|
#{self}.enable_proxy(
|
|
@@ -284,7 +284,7 @@ module PWN
|
|
|
284
284
|
browser_obj = opts[:browser_obj]
|
|
285
285
|
text = opts[:text].to_s
|
|
286
286
|
|
|
287
|
-
elements_found = browser_obj[:browser].elements.
|
|
287
|
+
elements_found = browser_obj[:browser].elements.select do |element|
|
|
288
288
|
element.text == text
|
|
289
289
|
end
|
|
290
290
|
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.864
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-08-
|
|
11
|
+
date: 2023-08-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|