pwn 0.4.863 → 0.4.865

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/bin/pwn_shodan_search +4 -0
  4. data/lib/pwn/plugins/burp_suite.rb +48 -1
  5. data/lib/pwn/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a28a1b0e7b97ef6739326da0d162f8e73405313eb847f76cb0b43416ad440d77
4
- data.tar.gz: 97cbcfd6fe13f9f53a28c0528fe2d76c84826fabc0eb9db682f4aeb8cd9e2b8e
3
+ metadata.gz: da139fa7c3d5b1e27909f0b99942e9a524118f9ebe825d2716c8703b576d351a
4
+ data.tar.gz: '0518c9a00bc10bfdea7af3366f40a0683959405d145ab253e1102c0a475f08a5'
5
5
  SHA512:
6
- metadata.gz: c58e456fe963d1f42bdf1cc25343c472a09dd083440f0b22e23099b9960724251b16567c1c7645e8299d3fea4b5c50b46a98bbe271f862387686f152ca87f057
7
- data.tar.gz: 36cf6c132c3381386842f3e631040e6936a2812f450614d2149a5892f33028311748e2ee9ceee3e969b3629bcd316055d62f5eca949f86b7aaf00e69bf2fc87c
6
+ metadata.gz: b081eaf40b453ae96682fc93d10e4f006ed7371b3c29ef10e6cb58fa12a763d74bfa491bb74a5752fef10ae4a52da6fc31b6f4fb08ebb661d9e324e754d476ed
7
+ data.tar.gz: 208cb6d8ec5aa41ac1370df5eb3bd29406d91e38a2949c28782ab338411249295f66e4399974f7f62732a04b8eb876daaad91cc4fbf9359fea096d8a7090ca38
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.863]:001 >>> PWN.help
40
+ pwn[v0.4.865]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.863]:001 >>> PWN.help
55
+ pwn[v0.4.865]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_shodan_search CHANGED
@@ -84,6 +84,10 @@ begin
84
84
  end
85
85
  end
86
86
  File.write(raw_query_results_file, JSON.pretty_generate(raw_results_arr))
87
+ rescue JSON::GeneratorError
88
+ # Sometimes we get source sequence is illegal/malformed utf-8
89
+ # errors, so we still attempt to write without pretty_generate
90
+ File.write(raw_query_results_file, raw_results_arr.to_json)
87
91
  rescue SystemExit, Interrupt
88
92
  puts "\nGoodbye."
89
93
  end
data/lib/pwn/plugins/burp_suite.rb CHANGED
@@ -1,7 +1,9 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'socket'
4
3
  require 'base64'
4
+ require 'json'
5
+ require 'socket'
6
+ require 'uri'
5
7
 
6
8
  module PWN
7
9
  module Plugins
@@ -76,6 +78,45 @@ module PWN
76
78
  raise e
77
79
  end
78
80
 
81
+ # Supported Method Parameters::
82
+ # uri_in_scope_bool = PWN::Plugins::BurpSuite.uri_in_scope(
83
+ # target_config: 'required - path to burp suite pro target config JSON file',
84
+ # uri: 'required - URI to determine if in scope'
85
+ # )
86
+
87
+ public_class_method def self.uri_in_scope(opts = {})
88
+ target_config = opts[:target_config]
89
+ raise 'ERROR: target_config does not exist' unless File.exist?(target_config)
90
+
91
+ uri = opts[:uri]
92
+ raise 'ERROR: uri parameter is required' if uri.nil?
93
+
94
+ target_config_json = JSON.parse(
95
+ File.read(target_config),
96
+ symbolize_names: true
97
+ )
98
+
99
+ out_of_scope = target_config_json[:target][:scope][:exclude]
100
+ out_of_scope_arr = out_of_scope.select do |os|
101
+ URI.parse(uri).scheme =~ /#{os[:protocol]}/ &&
102
+ URI.parse(uri).host =~ /#{os[:host]}/ &&
103
+ URI.parse(uri).path =~ /#{os[:file]}/
104
+ end
105
+ return false unless out_of_scope_arr.empty?
106
+
107
+ in_scope = target_config_json[:target][:scope][:include]
108
+ in_scope_arr = in_scope.select do |is|
109
+ URI.parse(uri).scheme =~ /#{is[:protocol]}/ &&
110
+ URI.parse(uri).host =~ /#{is[:host]}/ &&
111
+ URI.parse(uri).path =~ /#{is[:file]}/
112
+ end
113
+ return false if in_scope_arr.empty?
114
+
115
+ true
116
+ rescue StandardError => e
117
+ raise e
118
+ end
119
+
79
120
  # Supported Method Parameters::
80
121
  # PWN::Plugins::BurpSuite.enable_proxy(
81
122
  # burp_obj: 'required - burp_obj returned by #start method'
@@ -311,6 +352,12 @@ module PWN
311
352
  burp_jar_path: 'required - path of burp suite pro jar file',
312
353
  headless: 'optional - run headless if set to true',
313
354
  browser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',
355
+ target_config: 'optional - path to burp suite pro target config JSON file'
356
+ )
357
+
358
+ uri_in_scope_bool = #{self}.uri_in_scope(
359
+ target_config: 'required - path to burp suite pro target config JSON file',
360
+ uri: 'required - URI to determine if in scope'
314
361
  )
315
362
 
316
363
  #{self}.enable_proxy(
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.863'
4
+ VERSION = '0.4.865'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.863
4
+ version: 0.4.865
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-22 00:00:00.000000000 Z
11
+ date: 2023-08-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport