pwn 0.4.863 → 0.4.865
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_shodan_search +4 -0
- data/lib/pwn/plugins/burp_suite.rb +48 -1
- data/lib/pwn/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: da139fa7c3d5b1e27909f0b99942e9a524118f9ebe825d2716c8703b576d351a
|
4
|
+
data.tar.gz: '0518c9a00bc10bfdea7af3366f40a0683959405d145ab253e1102c0a475f08a5'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b081eaf40b453ae96682fc93d10e4f006ed7371b3c29ef10e6cb58fa12a763d74bfa491bb74a5752fef10ae4a52da6fc31b6f4fb08ebb661d9e324e754d476ed
|
7
|
+
data.tar.gz: 208cb6d8ec5aa41ac1370df5eb3bd29406d91e38a2949c28782ab338411249295f66e4399974f7f62732a04b8eb876daaad91cc4fbf9359fea096d8a7090ca38
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.865]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.865]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
data/bin/pwn_shodan_search
CHANGED
@@ -84,6 +84,10 @@ begin
|
|
84
84
|
end
|
85
85
|
end
|
86
86
|
File.write(raw_query_results_file, JSON.pretty_generate(raw_results_arr))
|
87
|
+
rescue JSON::GeneratorError
|
88
|
+
# Sometimes we get source sequence is illegal/malformed utf-8
|
89
|
+
# errors, so we still attempt to write without pretty_generate
|
90
|
+
File.write(raw_query_results_file, raw_results_arr.to_json)
|
87
91
|
rescue SystemExit, Interrupt
|
88
92
|
puts "\nGoodbye."
|
89
93
|
end
|
@@ -1,7 +1,9 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'socket'
|
4
3
|
require 'base64'
|
4
|
+
require 'json'
|
5
|
+
require 'socket'
|
6
|
+
require 'uri'
|
5
7
|
|
6
8
|
module PWN
|
7
9
|
module Plugins
|
@@ -76,6 +78,45 @@ module PWN
|
|
76
78
|
raise e
|
77
79
|
end
|
78
80
|
|
81
|
+
# Supported Method Parameters::
|
82
|
+
# uri_in_scope_bool = PWN::Plugins::BurpSuite.uri_in_scope(
|
83
|
+
# target_config: 'required - path to burp suite pro target config JSON file',
|
84
|
+
# uri: 'required - URI to determine if in scope'
|
85
|
+
# )
|
86
|
+
|
87
|
+
public_class_method def self.uri_in_scope(opts = {})
|
88
|
+
target_config = opts[:target_config]
|
89
|
+
raise 'ERROR: target_config does not exist' unless File.exist?(target_config)
|
90
|
+
|
91
|
+
uri = opts[:uri]
|
92
|
+
raise 'ERROR: uri parameter is required' if uri.nil?
|
93
|
+
|
94
|
+
target_config_json = JSON.parse(
|
95
|
+
File.read(target_config),
|
96
|
+
symbolize_names: true
|
97
|
+
)
|
98
|
+
|
99
|
+
out_of_scope = target_config_json[:target][:scope][:exclude]
|
100
|
+
out_of_scope_arr = out_of_scope.select do |os|
|
101
|
+
URI.parse(uri).scheme =~ /#{os[:protocol]}/ &&
|
102
|
+
URI.parse(uri).host =~ /#{os[:host]}/ &&
|
103
|
+
URI.parse(uri).path =~ /#{os[:file]}/
|
104
|
+
end
|
105
|
+
return false unless out_of_scope_arr.empty?
|
106
|
+
|
107
|
+
in_scope = target_config_json[:target][:scope][:include]
|
108
|
+
in_scope_arr = in_scope.select do |is|
|
109
|
+
URI.parse(uri).scheme =~ /#{is[:protocol]}/ &&
|
110
|
+
URI.parse(uri).host =~ /#{is[:host]}/ &&
|
111
|
+
URI.parse(uri).path =~ /#{is[:file]}/
|
112
|
+
end
|
113
|
+
return false if in_scope_arr.empty?
|
114
|
+
|
115
|
+
true
|
116
|
+
rescue StandardError => e
|
117
|
+
raise e
|
118
|
+
end
|
119
|
+
|
79
120
|
# Supported Method Parameters::
|
80
121
|
# PWN::Plugins::BurpSuite.enable_proxy(
|
81
122
|
# burp_obj: 'required - burp_obj returned by #start method'
|
@@ -311,6 +352,12 @@ module PWN
|
|
311
352
|
burp_jar_path: 'required - path of burp suite pro jar file',
|
312
353
|
headless: 'optional - run headless if set to true',
|
313
354
|
browser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',
|
355
|
+
target_config: 'optional - path to burp suite pro target config JSON file'
|
356
|
+
)
|
357
|
+
|
358
|
+
uri_in_scope_bool = #{self}.uri_in_scope(
|
359
|
+
target_config: 'required - path to burp suite pro target config JSON file',
|
360
|
+
uri: 'required - URI to determine if in scope'
|
314
361
|
)
|
315
362
|
|
316
363
|
#{self}.enable_proxy(
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.865
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-08-
|
11
|
+
date: 2023-08-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|