pwn 0.4.865 → 0.4.867

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop_todo.yml +0 -6
  3. data/README.md +2 -2
  4. data/bin/pwn_shodan_search +0 -4
  5. data/lib/pwn/plugins/burp_suite.rb +2 -2
  6. data/lib/pwn/plugins/shodan.rb +16 -28
  7. data/lib/pwn/version.rb +1 -1
  8. data/lib/pwn/www/hacker_one.rb +18 -20
  9. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: da139fa7c3d5b1e27909f0b99942e9a524118f9ebe825d2716c8703b576d351a
4
- data.tar.gz: '0518c9a00bc10bfdea7af3366f40a0683959405d145ab253e1102c0a475f08a5'
3
+ metadata.gz: 145befe33721bfed27906af44b0adecb461cc720998bb2b0e67cec388cd09337
4
+ data.tar.gz: d2f13d2a283176bc2f27bc7321265e60b17ee9b0e260a0e5e98409c65cefeac1
5
5
  SHA512:
6
- metadata.gz: b081eaf40b453ae96682fc93d10e4f006ed7371b3c29ef10e6cb58fa12a763d74bfa491bb74a5752fef10ae4a52da6fc31b6f4fb08ebb661d9e324e754d476ed
7
- data.tar.gz: 208cb6d8ec5aa41ac1370df5eb3bd29406d91e38a2949c28782ab338411249295f66e4399974f7f62732a04b8eb876daaad91cc4fbf9359fea096d8a7090ca38
6
+ metadata.gz: 3a300155409cc978fc05c743d8a5e91261e93d712623c36adb0236d5c7ff718c0279d63e63654b4063ebd04ee4828792b052b5e25f503963142bdb479c2fccc6
7
+ data.tar.gz: ddfd5e53d6879c2747e5e41b39903ec77cdf67a6d391e79ed6b7e4a59e2d42b2a6d5c28386d5a7395ee84de9cf9ee8f696d72964294d8011fd3bdb9ec99fc349
data/.rubocop_todo.yml CHANGED
@@ -92,12 +92,6 @@ Style/IfUnlessModifier:
92
92
  - 'bin/pwn'
93
93
  - 'lib/pwn/plugins/baresip.rb'
94
94
 
95
- # Offense count: 1
96
- # This cop supports safe autocorrection (--autocorrect).
97
- Style/RedundantBegin:
98
- Exclude:
99
- - 'lib/pwn/www/hacker_one.rb'
100
-
101
95
  # Offense count: 95
102
96
  # This cop supports safe autocorrection (--autocorrect).
103
97
  Style/RedundantCondition:
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.865]:001 >>> PWN.help
40
+ pwn[v0.4.867]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.865]:001 >>> PWN.help
55
+ pwn[v0.4.867]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_shodan_search CHANGED
@@ -84,10 +84,6 @@ begin
84
84
  end
85
85
  end
86
86
  File.write(raw_query_results_file, JSON.pretty_generate(raw_results_arr))
87
- rescue JSON::GeneratorError
88
- # Sometimes we get source sequence is illegal/malformed utf-8
89
- # errors, so we still attempt to write without pretty_generate
90
- File.write(raw_query_results_file, raw_results_arr.to_json)
91
87
  rescue SystemExit, Interrupt
92
88
  puts "\nGoodbye."
93
89
  end
data/lib/pwn/plugins/burp_suite.rb CHANGED
@@ -100,7 +100,7 @@ module PWN
100
100
  out_of_scope_arr = out_of_scope.select do |os|
101
101
  URI.parse(uri).scheme =~ /#{os[:protocol]}/ &&
102
102
  URI.parse(uri).host =~ /#{os[:host]}/ &&
103
- URI.parse(uri).path =~ /#{os[:file]}/
103
+ (URI.parse(uri).path =~ /#{os[:file]}/ || URI.parse(uri).path == '')
104
104
  end
105
105
  return false unless out_of_scope_arr.empty?
106
106
 
@@ -108,7 +108,7 @@ module PWN
108
108
  in_scope_arr = in_scope.select do |is|
109
109
  URI.parse(uri).scheme =~ /#{is[:protocol]}/ &&
110
110
  URI.parse(uri).host =~ /#{is[:host]}/ &&
111
- URI.parse(uri).path =~ /#{is[:file]}/
111
+ (URI.parse(uri).path =~ /#{is[:file]}/ || URI.parse(uri).path == '')
112
112
  end
113
113
  return false if in_scope_arr.empty?
114
114
 
data/lib/pwn/plugins/shodan.rb CHANGED
@@ -104,7 +104,7 @@ module PWN
104
104
  else
105
105
  raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
106
106
  end
107
- response
107
+ JSON.parse(response.scrub, symbolize_names: true)
108
108
  rescue RestClient::TooManyRequests
109
109
  print 'Too many requests. Sleeping 10s...'
110
110
  sleep 10
@@ -136,7 +136,7 @@ module PWN
136
136
  rest_call: "shodan/host/#{target_ip}",
137
137
  params: params
138
138
  )
139
- services_by_ips.push(JSON.parse(response, symbolize_names: true))
139
+ services_by_ips.push(response)
140
140
  rescue StandardError => e
141
141
  services_by_ips.push(error: e.message)
142
142
  next
@@ -172,12 +172,11 @@ module PWN
172
172
  }
173
173
  end
174
174
 
175
- response = shodan_rest_call(
175
+ shodan_rest_call(
176
176
  api_key: api_key,
177
177
  rest_call: 'shodan/host/count',
178
178
  params: params
179
179
  )
180
- JSON.parse(response, symbolize_names: true)
181
180
  rescue StandardError => e
182
181
  raise e
183
182
  end
@@ -207,12 +206,11 @@ module PWN
207
206
  }
208
207
  end
209
208
 
210
- response = shodan_rest_call(
209
+ shodan_rest_call(
211
210
  api_key: api_key,
212
211
  rest_call: 'shodan/host/search',
213
212
  params: params
214
213
  )
215
- JSON.parse(response, symbolize_names: true)
216
214
  rescue StandardError => e
217
215
  raise e
218
216
  end
@@ -232,12 +230,11 @@ module PWN
232
230
  query: query
233
231
  }
234
232
 
235
- response = shodan_rest_call(
233
+ shodan_rest_call(
236
234
  api_key: api_key,
237
235
  rest_call: 'shodan/host/search/tokens',
238
236
  params: params
239
237
  )
240
- JSON.parse(response, symbolize_names: true)
241
238
  rescue StandardError => e
242
239
  raise e
243
240
  end
@@ -251,12 +248,11 @@ module PWN
251
248
  api_key = opts[:api_key].to_s.scrub
252
249
 
253
250
  params = { key: api_key }
254
- response = shodan_rest_call(
251
+ shodan_rest_call(
255
252
  api_key: api_key,
256
253
  rest_call: 'shodan/ports',
257
254
  params: params
258
255
  )
259
- JSON.parse(response, symbolize_names: true)
260
256
  rescue StandardError => e
261
257
  raise e
262
258
  end
@@ -270,12 +266,11 @@ module PWN
270
266
  api_key = opts[:api_key].to_s.scrub
271
267
 
272
268
  params = { key: api_key }
273
- response = shodan_rest_call(
269
+ shodan_rest_call(
274
270
  api_key: api_key,
275
271
  rest_call: 'shodan/protocols',
276
272
  params: params
277
273
  )
278
- JSON.parse(response, symbolize_names: true)
279
274
  rescue StandardError => e
280
275
  raise e
281
276
  end
@@ -292,14 +287,13 @@ module PWN
292
287
 
293
288
  params = { key: api_key }
294
289
  http_body = "ips=#{target_ips}"
295
- response = shodan_rest_call(
290
+ shodan_rest_call(
296
291
  http_method: :post,
297
292
  api_key: api_key,
298
293
  rest_call: 'shodan/scan',
299
294
  params: params,
300
295
  http_body: http_body
301
296
  )
302
- JSON.parse(response, symbolize_names: true)
303
297
  rescue StandardError => e
304
298
  raise e
305
299
  end
@@ -318,14 +312,13 @@ module PWN
318
312
 
319
313
  params = { key: api_key }
320
314
  http_body = "port=#{port}&protocol=#{protocol}"
321
- response = shodan_rest_call(
315
+ shodan_rest_call(
322
316
  http_method: :post,
323
317
  api_key: api_key,
324
318
  rest_call: 'shodan/scan/internet',
325
319
  params: params,
326
320
  http_body: http_body
327
321
  )
328
- JSON.parse(response, symbolize_names: true)
329
322
  rescue StandardError => e
330
323
  raise e
331
324
  end
@@ -344,12 +337,11 @@ module PWN
344
337
  key: api_key
345
338
  }
346
339
 
347
- response = shodan_rest_call(
340
+ shodan_rest_call(
348
341
  api_key: api_key,
349
342
  rest_call: "shodan/scan/status/#{scan_id}",
350
343
  params: params
351
344
  )
352
- JSON.parse(response, symbolize_names: true)
353
345
  rescue StandardError => e
354
346
  raise e
355
347
  end
@@ -363,12 +355,11 @@ module PWN
363
355
  api_key = opts[:api_key].to_s.scrub
364
356
 
365
357
  params = { key: api_key }
366
- response = shodan_rest_call(
358
+ shodan_rest_call(
367
359
  api_key: api_key,
368
360
  rest_call: 'shodan/services',
369
361
  params: params
370
362
  )
371
- JSON.parse(response, symbolize_names: true)
372
363
  rescue StandardError => e
373
364
  raise e
374
365
  end
@@ -393,12 +384,12 @@ module PWN
393
384
  sort: sort.to_s,
394
385
  order: order.to_s
395
386
  }
396
- response = shodan_rest_call(
387
+
388
+ shodan_rest_call(
397
389
  api_key: api_key,
398
390
  rest_call: 'shodan/query',
399
391
  params: params
400
392
  )
401
- JSON.parse(response, symbolize_names: true)
402
393
  rescue StandardError => e
403
394
  raise e
404
395
  end
@@ -422,12 +413,11 @@ module PWN
422
413
  params = { key: api_key }
423
414
  end
424
415
 
425
- response = shodan_rest_call(
416
+ shodan_rest_call(
426
417
  api_key: api_key,
427
418
  rest_call: 'shodan/query/tags',
428
419
  params: params
429
420
  )
430
- JSON.parse(response, symbolize_names: true)
431
421
  rescue StandardError => e
432
422
  raise e
433
423
  end
@@ -441,12 +431,11 @@ module PWN
441
431
  api_key = opts[:api_key].to_s.scrub
442
432
 
443
433
  params = { key: api_key }
444
- response = shodan_rest_call(
434
+ shodan_rest_call(
445
435
  api_key: api_key,
446
436
  rest_call: 'account/profile',
447
437
  params: params
448
438
  )
449
- JSON.parse(response, symbolize_names: true)
450
439
  rescue StandardError => e
451
440
  raise e
452
441
  end
@@ -478,12 +467,11 @@ module PWN
478
467
  api_key = opts[:api_key].to_s.scrub
479
468
 
480
469
  params = { key: api_key }
481
- response = shodan_rest_call(
470
+ shodan_rest_call(
482
471
  api_key: api_key,
483
472
  rest_call: 'api-info',
484
473
  params: params
485
474
  )
486
- JSON.parse(response, symbolize_names: true)
487
475
  rescue StandardError => e
488
476
  raise e
489
477
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.865'
4
+ VERSION = '0.4.867'
5
5
  end
data/lib/pwn/www/hacker_one.rb CHANGED
@@ -119,26 +119,24 @@ module PWN
119
119
  File.write(path, JSON.pretty_generate(json_resp))
120
120
  else
121
121
  programs_arr.each do |program|
122
- begin
123
- name = program[:name]
124
- burp_download_link = program[:burp_target_config]
125
- path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
126
- path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
127
-
128
- resp = rest_client.execute(
129
- method: :get,
130
- headers: { user_agent: user_agent },
131
- url: burp_download_link
132
- )
133
- json_resp = JSON.parse(resp.body)
134
-
135
- puts "Saving to: #{path}"
136
- File.write(path, JSON.pretty_generate(json_resp))
137
- rescue JSON::ParserError,
138
- RestClient::NotFound
139
- puts '-'
140
- next
141
- end
122
+ name = program[:name]
123
+ burp_download_link = program[:burp_target_config]
124
+ path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
125
+ path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
126
+
127
+ resp = rest_client.execute(
128
+ method: :get,
129
+ headers: { user_agent: user_agent },
130
+ url: burp_download_link
131
+ )
132
+ json_resp = JSON.parse(resp.body)
133
+
134
+ puts "Saving to: #{path}"
135
+ File.write(path, JSON.pretty_generate(json_resp))
136
+ rescue JSON::ParserError,
137
+ RestClient::NotFound
138
+ puts '-'
139
+ next
142
140
  end
143
141
  end
144
142
  puts 'complete.'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.865
4
+ version: 0.4.867
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.