pwn 0.4.863 → 0.4.865

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a28a1b0e7b97ef6739326da0d162f8e73405313eb847f76cb0b43416ad440d77
4
- data.tar.gz: 97cbcfd6fe13f9f53a28c0528fe2d76c84826fabc0eb9db682f4aeb8cd9e2b8e
3
+ metadata.gz: da139fa7c3d5b1e27909f0b99942e9a524118f9ebe825d2716c8703b576d351a
4
+ data.tar.gz: '0518c9a00bc10bfdea7af3366f40a0683959405d145ab253e1102c0a475f08a5'
5
5
  SHA512:
6
- metadata.gz: c58e456fe963d1f42bdf1cc25343c472a09dd083440f0b22e23099b9960724251b16567c1c7645e8299d3fea4b5c50b46a98bbe271f862387686f152ca87f057
7
- data.tar.gz: 36cf6c132c3381386842f3e631040e6936a2812f450614d2149a5892f33028311748e2ee9ceee3e969b3629bcd316055d62f5eca949f86b7aaf00e69bf2fc87c
6
+ metadata.gz: b081eaf40b453ae96682fc93d10e4f006ed7371b3c29ef10e6cb58fa12a763d74bfa491bb74a5752fef10ae4a52da6fc31b6f4fb08ebb661d9e324e754d476ed
7
+ data.tar.gz: 208cb6d8ec5aa41ac1370df5eb3bd29406d91e38a2949c28782ab338411249295f66e4399974f7f62732a04b8eb876daaad91cc4fbf9359fea096d8a7090ca38
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.863]:001 >>> PWN.help
40
+ pwn[v0.4.865]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.863]:001 >>> PWN.help
55
+ pwn[v0.4.865]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
@@ -84,6 +84,10 @@ begin
84
84
  end
85
85
  end
86
86
  File.write(raw_query_results_file, JSON.pretty_generate(raw_results_arr))
87
+ rescue JSON::GeneratorError
88
+ # Sometimes we get source sequence is illegal/malformed utf-8
89
+ # errors, so we still attempt to write without pretty_generate
90
+ File.write(raw_query_results_file, raw_results_arr.to_json)
87
91
  rescue SystemExit, Interrupt
88
92
  puts "\nGoodbye."
89
93
  end
@@ -1,7 +1,9 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'socket'
4
3
  require 'base64'
4
+ require 'json'
5
+ require 'socket'
6
+ require 'uri'
5
7
 
6
8
  module PWN
7
9
  module Plugins
@@ -76,6 +78,45 @@ module PWN
76
78
  raise e
77
79
  end
78
80
 
81
+ # Supported Method Parameters::
82
+ # uri_in_scope_bool = PWN::Plugins::BurpSuite.uri_in_scope(
83
+ # target_config: 'required - path to burp suite pro target config JSON file',
84
+ # uri: 'required - URI to determine if in scope'
85
+ # )
86
+
87
+ public_class_method def self.uri_in_scope(opts = {})
88
+ target_config = opts[:target_config]
89
+ raise 'ERROR: target_config does not exist' unless File.exist?(target_config)
90
+
91
+ uri = opts[:uri]
92
+ raise 'ERROR: uri parameter is required' if uri.nil?
93
+
94
+ target_config_json = JSON.parse(
95
+ File.read(target_config),
96
+ symbolize_names: true
97
+ )
98
+
99
+ out_of_scope = target_config_json[:target][:scope][:exclude]
100
+ out_of_scope_arr = out_of_scope.select do |os|
101
+ URI.parse(uri).scheme =~ /#{os[:protocol]}/ &&
102
+ URI.parse(uri).host =~ /#{os[:host]}/ &&
103
+ URI.parse(uri).path =~ /#{os[:file]}/
104
+ end
105
+ return false unless out_of_scope_arr.empty?
106
+
107
+ in_scope = target_config_json[:target][:scope][:include]
108
+ in_scope_arr = in_scope.select do |is|
109
+ URI.parse(uri).scheme =~ /#{is[:protocol]}/ &&
110
+ URI.parse(uri).host =~ /#{is[:host]}/ &&
111
+ URI.parse(uri).path =~ /#{is[:file]}/
112
+ end
113
+ return false if in_scope_arr.empty?
114
+
115
+ true
116
+ rescue StandardError => e
117
+ raise e
118
+ end
119
+
79
120
  # Supported Method Parameters::
80
121
  # PWN::Plugins::BurpSuite.enable_proxy(
81
122
  # burp_obj: 'required - burp_obj returned by #start method'
@@ -311,6 +352,12 @@ module PWN
311
352
  burp_jar_path: 'required - path of burp suite pro jar file',
312
353
  headless: 'optional - run headless if set to true',
313
354
  browser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',
355
+ target_config: 'optional - path to burp suite pro target config JSON file'
356
+ )
357
+
358
+ uri_in_scope_bool = #{self}.uri_in_scope(
359
+ target_config: 'required - path to burp suite pro target config JSON file',
360
+ uri: 'required - URI to determine if in scope'
314
361
  )
315
362
 
316
363
  #{self}.enable_proxy(
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.863'
4
+ VERSION = '0.4.865'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.863
4
+ version: 0.4.865
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-22 00:00:00.000000000 Z
11
+ date: 2023-08-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport