pwn 0.4.893 → 0.4.895
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/pwn/plugins/sock.rb +20 -13
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0be40d335f4d72a780159b0c23766f0a56df3a51df3d5cdc07ac2ad3e948f2d3
|
4
|
+
data.tar.gz: 4fa26682b9f867fd543886bf75c998a9194ebfe3a8b86eb4de2f39d01c444ca9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0ca17de1b531dea094258dcaab043bcc258720bd93105a5d1fb87bd1b337a7905fb03f290c764a6610cd477eae81e4e0f98cea6cd33a4c2de3ea59a3a21779d2
|
7
|
+
data.tar.gz: c9c7f2396fcbc46f5ddc97b0c1838351432204889a5f5aad8ee9dd828e7e5cbb0ba7707cc445f2fc3b8607d255f331cac5338bc9001d349d5ca9d59aed008863
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.895]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.895]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
data/lib/pwn/plugins/sock.rb
CHANGED
@@ -30,6 +30,9 @@ module PWN
|
|
30
30
|
tls ||= false
|
31
31
|
|
32
32
|
tls_min_version = OpenSSL::SSL::TLS1_VERSION if tls_min_version.nil?
|
33
|
+
# tls_version Values can be Displayed via:
|
34
|
+
# OpenSSL::SSL::SSLContext::METHODS
|
35
|
+
tls_version = 'TLSv1_client' if tls_version.nil?
|
33
36
|
|
34
37
|
case protocol
|
35
38
|
when :tcp
|
@@ -38,6 +41,7 @@ module PWN
|
|
38
41
|
tls_context = OpenSSL::SSL::SSLContext.new
|
39
42
|
tls_context.set_params(verify_mode: OpenSSL::SSL::VERIFY_NONE)
|
40
43
|
tls_context.verify_hostname = false
|
44
|
+
tls_context.ssl_version = tls_version
|
41
45
|
tls_context.min_version = tls_min_version
|
42
46
|
tls_sock = OpenSSL::SSL::SSLSocket.new(sock, tls_context)
|
43
47
|
sock_obj = tls_sock.connect
|
@@ -53,19 +57,22 @@ module PWN
|
|
53
57
|
|
54
58
|
sock_obj
|
55
59
|
rescue OpenSSL::SSL::SSLError => e
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
60
|
+
case tls_min_version
|
61
|
+
when OpenSSL::SSL::TLS1_VERSION
|
62
|
+
puts 'Attempting OpenSSL::SSL::TLS1_1_VERSION...'
|
63
|
+
tls_version = 'TLSv1_1_client'
|
64
|
+
tls_min_version = OpenSSL::SSL::TLS1_1_VERSION
|
65
|
+
when OpenSSL::SSL::TLS1_1_VERSION
|
66
|
+
puts 'Attempting OpenSSL::SSL::TLS1_2_VERSION...'
|
67
|
+
tls_version = 'TLSv1_2_client'
|
68
|
+
tls_min_version = OpenSSL::SSL::TLS1_2_VERSION
|
69
|
+
when OpenSSL::SSL::TLS1_2_VERSION
|
70
|
+
puts 'Attempting OpenSSL::SSL::TLS1_3_VERSION...'
|
71
|
+
tls_version = 'TLSv1_3_client'
|
72
|
+
tls_min_version = OpenSSL::SSL::TLS1_3_VERSION
|
73
|
+
else
|
74
|
+
:abort
|
75
|
+
end
|
69
76
|
|
70
77
|
retry unless tls_min_version == :abort
|
71
78
|
raise "\n#{e}" if tls_min_version == :abort
|
data/lib/pwn/version.rb
CHANGED