pwn 0.4.888 → 0.4.890

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/lib/pwn/plugins/sock.rb +18 -2
  4. data/lib/pwn/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5c9290a5c2e09f3306dfebf9d4a557f5ee9d63ab0a909650af515c99fccdf7a1
4
- data.tar.gz: 9ef4d20e21c19bca22c9c678b50dcad41ab00747a09c9a059f06f58ec70d2721
3
+ metadata.gz: 0aee03438505f988dec845794f77b90774cfef10302079fd6330d22186a9d1fa
4
+ data.tar.gz: 54df3539d445d219efc550df5d52d16fd888e3246fcd00a2dd495cb1dabd6b1e
5
5
  SHA512:
6
- metadata.gz: 3207380842882ae96d64db682b3f1016963a551aa9757f56c29daa0472a2e7856899f5e1a328409ed88fd6e233fb7f06ba6bb92ccdc58bd2ffa78d969f209a3c
7
- data.tar.gz: db6d6deac66c00462f27cdb1e89c8a363a01338969489762f5d3d8b3803df66167b606ad78548bf95ebd6eb9eef22235e4d80e491993aacb93a97684ce12777a
6
+ metadata.gz: c6a2b62ee06d843941dfe74ccb18ad3c5bbabeb32cd1a91a8aa590c8713a7ef7193434253bd67aa266a2adaa5e760217d598470c546e1e67aa28d252e5cc6b1b
7
+ data.tar.gz: 79aebd2e519c689f5b362a2e0cc3dde1522267850d64702090607cb129bbf14e6a8bdf4cbe0841999c62b25f9c9d1f66fa03cb32d2c76bd38cfe537ba34f39a3
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.888]:001 >>> PWN.help
40
+ pwn[v0.4.890]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.888]:001 >>> PWN.help
55
+ pwn[v0.4.890]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/lib/pwn/plugins/sock.rb CHANGED
@@ -29,12 +29,16 @@ module PWN
29
29
  tls = true if opts[:tls]
30
30
  tls ||= false
31
31
 
32
+ tls_min_version = OpenSSL::SSL::TLS1_VERSION if tls_min_version.nil?
33
+
32
34
  case protocol
33
35
  when :tcp
34
36
  if tls
35
37
  sock = TCPSocket.open(target, port)
36
38
  tls_context = OpenSSL::SSL::SSLContext.new
37
39
  tls_context.set_params(verify_mode: OpenSSL::SSL::VERIFY_NONE)
40
+ tls_context.verify_hostname = false
41
+ tls_context.min_proto_version = tls_min_version
38
42
  tls_sock = OpenSSL::SSL::SSLSocket.new(sock, tls_context)
39
43
  sock_obj = tls_sock.connect
40
44
  else
@@ -48,6 +52,20 @@ module PWN
48
52
  end
49
53
 
50
54
  sock_obj
55
+ rescue OpenSSL::SSL::SSLError => e
56
+ tls_min_version = case tls_min_version
57
+ when OpenSSL::SSL::TLS1_VERSION
58
+ OpenSSL::SSL::TLS1_1_VERSION
59
+ when OpenSSL::SSL::TLS1_1_VERSION
60
+ OpenSSL::SSL::TLS1_2_VERSION
61
+ when OpenSSL::SSL::TLS1_2_VERSION
62
+ OpenSSL::SSL::TLS1_3_VERSION
63
+ else
64
+ :abort
65
+ end
66
+
67
+ retry unless tls_min_version == :abort
68
+ raise e if tls_min_version == :abort
51
69
  rescue StandardError => e
52
70
  sock_obj = disconnect(sock_obj: sock_obj) unless sock_obj.nil?
53
71
  raise e
@@ -188,8 +206,6 @@ module PWN
188
206
  )
189
207
  tls_sock_obj.sync_close = true
190
208
  tls_sock_obj.peer_cert
191
- rescue OpenSSL::SSL::SSLError
192
- false
193
209
  rescue StandardError => e
194
210
  raise e
195
211
  ensure
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.888'
4
+ VERSION = '0.4.890'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.888
4
+ version: 0.4.890
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.