pwn 0.4.888 → 0.4.890

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/lib/pwn/plugins/sock.rb +18 -2
  4. data/lib/pwn/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5c9290a5c2e09f3306dfebf9d4a557f5ee9d63ab0a909650af515c99fccdf7a1
4
- data.tar.gz: 9ef4d20e21c19bca22c9c678b50dcad41ab00747a09c9a059f06f58ec70d2721
3
+ metadata.gz: 0aee03438505f988dec845794f77b90774cfef10302079fd6330d22186a9d1fa
4
+ data.tar.gz: 54df3539d445d219efc550df5d52d16fd888e3246fcd00a2dd495cb1dabd6b1e
5
5
  SHA512:
6
- metadata.gz: 3207380842882ae96d64db682b3f1016963a551aa9757f56c29daa0472a2e7856899f5e1a328409ed88fd6e233fb7f06ba6bb92ccdc58bd2ffa78d969f209a3c
7
- data.tar.gz: db6d6deac66c00462f27cdb1e89c8a363a01338969489762f5d3d8b3803df66167b606ad78548bf95ebd6eb9eef22235e4d80e491993aacb93a97684ce12777a
6
+ metadata.gz: c6a2b62ee06d843941dfe74ccb18ad3c5bbabeb32cd1a91a8aa590c8713a7ef7193434253bd67aa266a2adaa5e760217d598470c546e1e67aa28d252e5cc6b1b
7
+ data.tar.gz: 79aebd2e519c689f5b362a2e0cc3dde1522267850d64702090607cb129bbf14e6a8bdf4cbe0841999c62b25f9c9d1f66fa03cb32d2c76bd38cfe537ba34f39a3
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.888]:001 >>> PWN.help
40
+ pwn[v0.4.890]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.888]:001 >>> PWN.help
55
+ pwn[v0.4.890]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/lib/pwn/plugins/sock.rb CHANGED
@@ -29,12 +29,16 @@ module PWN
29
29
  tls = true if opts[:tls]
30
30
  tls ||= false
31
31
 
32
+ tls_min_version = OpenSSL::SSL::TLS1_VERSION if tls_min_version.nil?
33
+
32
34
  case protocol
33
35
  when :tcp
34
36
  if tls
35
37
  sock = TCPSocket.open(target, port)
36
38
  tls_context = OpenSSL::SSL::SSLContext.new
37
39
  tls_context.set_params(verify_mode: OpenSSL::SSL::VERIFY_NONE)
40
+ tls_context.verify_hostname = false
41
+ tls_context.min_proto_version = tls_min_version
38
42
  tls_sock = OpenSSL::SSL::SSLSocket.new(sock, tls_context)
39
43
  sock_obj = tls_sock.connect
40
44
  else
@@ -48,6 +52,20 @@ module PWN
48
52
  end
49
53
 
50
54
  sock_obj
55
+ rescue OpenSSL::SSL::SSLError => e
56
+ tls_min_version = case tls_min_version
57
+ when OpenSSL::SSL::TLS1_VERSION
58
+ OpenSSL::SSL::TLS1_1_VERSION
59
+ when OpenSSL::SSL::TLS1_1_VERSION
60
+ OpenSSL::SSL::TLS1_2_VERSION
61
+ when OpenSSL::SSL::TLS1_2_VERSION
62
+ OpenSSL::SSL::TLS1_3_VERSION
63
+ else
64
+ :abort
65
+ end
66
+
67
+ retry unless tls_min_version == :abort
68
+ raise e if tls_min_version == :abort
51
69
  rescue StandardError => e
52
70
  sock_obj = disconnect(sock_obj: sock_obj) unless sock_obj.nil?
53
71
  raise e
@@ -188,8 +206,6 @@ module PWN
188
206
  )
189
207
  tls_sock_obj.sync_close = true
190
208
  tls_sock_obj.peer_cert
191
- rescue OpenSSL::SSL::SSLError
192
- false
193
209
  rescue StandardError => e
194
210
  raise e
195
211
  ensure
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.888'
4
+ VERSION = '0.4.890'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.888
4
+ version: 0.4.890
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.