pwn 0.4.887 → 0.4.889
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/pwn/plugins/sock.rb +17 -4
- data/lib/pwn/version.rb +1 -1
- metadata +3 -3
- /data/bin/{pwn_graphql_introspection_detector → pwn_shodan_graphql_introspection} +0 -0
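--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 69484c812ad4eca31e6d5adbed96aabfb49561bd60488fbac1a3ea0bb78fd49f
+data.tar.gz: ea49ea2042bffe392f99ac3a7af4be3823db59ad502c1f8a42d885ce3e4b743a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e3732f05721c2f8cddf8ffc87f2fdd07106a6cec70bbb721a53e41ae7485efd13598f21f2e77eb70184dea52e8101676da6a406652eb58e6f6bde15c9d3e0f8a
+data.tar.gz: 1f0a843073ada056e110c321747a684269b830823f20586719995f978f5895d8310802c06a2b9e2b68d86ef98e3fda481ba13d42389cc2c31875043da30dd550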
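--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.889]:001 >>> PWN.help
 ```
 
 [](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.889]:001 >>> PWN.help
 ```
 
 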
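--- a/data/lib/pwn/plugins/sock.rb
+++ b/data/lib/pwn/plugins/sock.rb
@@ -26,8 +26,12 @@ module PWN
 
 # TODO: Add proxy support
 
-
-
+if opts[:tls]
+tls = true
+tls_attempt = 1 unless tls_attempt > 1
+tls_min_version = OpenSSL::SSL::TLS1_VERSION
+end
+tls = false unless opts[:tls]
 
 case protocol
 when :tcp
@@ -35,6 +39,8 @@ module PWN
 sock = TCPSocket.open(target, port)
 tls_context = OpenSSL::SSL::SSLContext.new
 tls_context.set_params(verify_mode: OpenSSL::SSL::VERIFY_NONE)
+tls_context.verify_hostname = false
+tls_context.min_proto_version = tls_min_version
 tls_sock = OpenSSL::SSL::SSLSocket.new(sock, tls_context)
 sock_obj = tls_sock.connect
 else
@@ -48,6 +54,15 @@ module PWN
 end
 
 sock_obj
+rescue OpenSSL::SSL::SSLError
+tls_attempt += 1
+
+tls_min_version = OpenSSL::SSL::TLS1_1_VERSION if tls_attempt == 2
+tls_min_version = OpenSSL::SSL::TLS1_2_VERSION if tls_attempt == 3
+tls_min_version = OpenSSL::SSL::TLS1_3_VERSION if tls_attempt == 4
+
+retry if tls_attempt < 5
+raise e if tls_attempt > 4
 rescue StandardError => e
 sock_obj = disconnect(sock_obj: sock_obj) unless sock_obj.nil?
 raise e
@@ -188,8 +203,6 @@ module PWN
 )
 tls_sock_obj.sync_close = true
 tls_sock_obj.peer_cert
-rescue OpenSSL::SSL::SSLError
-false
 rescue StandardError => e
 raise e
 ensure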
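Review bot: The added `rescue OpenSSL::SSL::SSLError` clause (new lines 57-65) never binds the exception, so `raise e if tls_attempt > 4` cannot re-raise the handshake error. Unless `e` is assigned earlier in the method, outside the visible hunks, the caller gets a NameError instead of the TLS failure; write `rescue OpenSSL::SSL::SSLError => e` or use a bare `raise`. The step-up also looks ineffective: if `retry` re-enters at the top of the method, as the visible lines suggest, new line 32 resets `tls_min_version` to `TLS1_VERSION` on every pass, and `tls_attempt = 1 unless tls_attempt > 1` evaluates `nil > 1` on the first pass unless the variable is initialised above the hunk; `tls_attempt ||= 1` and `tls_min_version ||= OpenSSL::SSL::TLS1_VERSION` would keep state across retries. Each retry calls `TCPSocket.open(target, port)` again without closing the socket from the failed handshake, so add `sock.close if sock && !sock.closed?` before `retry`. Since `VERIFY_NONE` plus `verify_hostname = false` leaves the peer unauthenticated for every caller, a comment saying this is deliberate (or an opt-in verification flag in `opts`) would keep callers from treating the channel as trusted.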
data/lib/pwn/version.rb
CHANGED
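--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.889
 platform: ruby
 authors:
 - 0day Inc.
@@ -1167,7 +1167,6 @@ executables:
 - pwn_diff_csv_files_w_column_exclude
 - pwn_domain_reversewhois
 - pwn_fuzz_net_app_proto
-- pwn_graphql_introspection_detector
 - pwn_ibm_appscan_enterprise
 - pwn_jenkins_create_job
 - pwn_jenkins_create_view
@@ -1190,6 +1189,7 @@ executables:
 - pwn_serial_msr206
 - pwn_serial_qualcomm_commands
 - pwn_serial_son_micro_sm132_rfid
+- pwn_shodan_graphql_introspection
 - pwn_shodan_search
 - pwn_simple_http_server
 - pwn_web_cache_deception
@@ -1234,7 +1234,6 @@ files:
 - bin/pwn_diff_csv_files_w_column_exclude
 - bin/pwn_domain_reversewhois
 - bin/pwn_fuzz_net_app_proto
-- bin/pwn_graphql_introspection_detector
 - bin/pwn_ibm_appscan_enterprise
 - bin/pwn_jenkins_create_job
 - bin/pwn_jenkins_create_view
@@ -1257,6 +1256,7 @@ files:
 - bin/pwn_serial_msr206
 - bin/pwn_serial_qualcomm_commands
 - bin/pwn_serial_son_micro_sm132_rfid
+- bin/pwn_shodan_graphql_introspection
 - bin/pwn_shodan_search
 - bin/pwn_simple_http_server
 - bin/pwn_web_cache_deception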
File without changes
|