pwn 0.4.899 → 0.4.900
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG_BETWEEN_TAGS.txt +168 -181
- data/README.md +2 -2
- data/lib/pwn/plugins/sock.rb +6 -1
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ab94f09d0f8bbf236f327f3e9b46fde446be954ab5268a183403536675eb1b02
|
4
|
+
data.tar.gz: 5a1a387c87110edfc7ebe60e2af5ccc3595b71b4c01aaf09b5bc520c647e9f2e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: eb9f44624d56e01f18a54818eb51838b7421650e2a4dd255d2fbc99494d331b4d63b7548ec32e83aabb99a28be2bceab8cbac698e4e72c8ba1cc907ed7f95ae8
|
7
|
+
data.tar.gz: 72cca93ee656580b82a6e0262182a7cbaaf337d5514f3f0fe4b237608a5b1111661b049b2edf1e3c305f9cb737458386d7f78181a7d5ba8726dd53f561b56bca
|
data/CHANGELOG_BETWEEN_TAGS.txt
CHANGED
@@ -1,181 +1,168 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
eb8d222 Merge pull request #287 from ninp0/master
|
170
|
-
f6724a8 PWN::Plugins::DetectOS module - extend capabilities to detect *BSDs
|
171
|
-
dd8194a Merge pull request #286 from ninp0/master
|
172
|
-
da367d1 PWN::Plugins::PS module - replace sys-proctable gem requirement in pwn REPL driver to make compat w *nix and *bsd #rubocop_fix
|
173
|
-
8fecfe0 Merge pull request #285 from ninp0/master
|
174
|
-
f7932f8 PWN::Plugins::PS module - replace sys-proctable gem requirement in pwn REPL driver to make compat w *nix and *bsd
|
175
|
-
241096f Merge pull request #284 from ninp0/master
|
176
|
-
33a5322 PWN::Plugins::TransparentBrowser module - #bugfix in #close method
|
177
|
-
bc9bf5f Merge pull request #283 from ninp0/master
|
178
|
-
0ec4889 PWN::Plugins::TransparentBrowser module - refactor the return object for the #open method to be a hash containing the browser and tor_obj. Refactor pwn code to reflect this change.
|
179
|
-
727481b Merge pull request #282 from ninp0/master
|
180
|
-
810931a PWN::Plugins::TransparentBrowser module - use "tor" String as value to proxy parameter to trigger PWN::Plugins::Tor.start instead of using symbol
|
181
|
-
ca5ddef Merge pull request #281 from ninp0/master
|
1
|
+
b47ecb4 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
2
|
+
fa1760e Merge pull request #428 from ninp0/master
|
3
|
+
2bd5d5e PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
4
|
+
7967c6f PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
5
|
+
14d80f3 Merge pull request #427 from ninp0/master
|
6
|
+
1c887ec PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
7
|
+
be15999 Merge pull request #426 from ninp0/master
|
8
|
+
b085855 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
9
|
+
7652edd PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
10
|
+
f359109 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
11
|
+
9c88be9 Merge pull request #425 from ninp0/master
|
12
|
+
2dfcf91 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
|
13
|
+
f101f43 Merge pull request #424 from ninp0/master
|
14
|
+
946ed64 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #bugfix
|
15
|
+
2e9c789 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #bugfix
|
16
|
+
d15459e PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method
|
17
|
+
4279ce0 Merge pull request #423 from ninp0/master
|
18
|
+
67a340a pwn_graphql_introspection_detector Driver - rename to pwn_shodan_graphql_introspection to better reflect its purpose
|
19
|
+
be974d9 Merge pull request #422 from ninp0/master
|
20
|
+
aeac8e7 pwn_graphql_introspection_detector Driver - initial commit
|
21
|
+
ba6ec74 Merge pull request #421 from ninp0/master
|
22
|
+
7c5a237 PWN::Plugins::IPInfo module - prefer specific common key values from cert_obj for this module. If additonal functionality is required, defer to using PWN::Plugins::Sock.get_tls_cert directly
|
23
|
+
a65d92e pwn_www_checkip Driver - JSON.pretty_generate when returning IP information via -i flag
|
24
|
+
63894da PWN::Plugins::IPInfo module - remove redundant cert_txt key from ip_info_resp, preferring a return of cert object which can call #to_text, #subject, #issuer, etc.
|
25
|
+
0733e4b Merge pull request #420 from ninp0/master
|
26
|
+
70baa71 PWN::Plugins::IPInfo module - #bugfix in returned object from #get_tls_cert method
|
27
|
+
068f2d6 PWN::Plugins::IPInfo module - #bugfixes
|
28
|
+
b60a94c PWN::Plugins::IPInfo module - get TLS cert if possible in attempt to obtain valid domain from IP addresses cert info #bugfix when checking for open tls port
|
29
|
+
e055792 PWN::Plugins::Sock module - add #get_tls_cert method
|
30
|
+
0d9bb3f PWN::Plugins::IPInfo module - get TLS cert if possible in attempt to obtain valid domain from IP addresses cert info
|
31
|
+
7f150c6 Merge pull request #419 from ninp0/master
|
32
|
+
647e5f3 pwn_shodan_search Driver - isolate objects in results that are causing JSON::GeneratorError: source sequence is illegal/malformed utf-8 messages when serializing to JSON strings #dont_use_gets
|
33
|
+
9ad051c pwn_shodan_search Driver - isolate objects in results that are causing JSON::GeneratorError: source sequence is illegal/malformed utf-8 messages when serializing to JSON strings #serialization_issue
|
34
|
+
0d166ee pwn_shodan_search Driver - #bugfix in JSON::GeneratorError where invalid UTF-8 sequences prevent writing to JSON file #nope_gotta_revert_that
|
35
|
+
3f84e71 pwn_shodan_search Driver - #bugfix in JSON::GeneratorError where invalid UTF-8 sequences prevent writing to JSON file
|
36
|
+
7721af4 Merge pull request #418 from ninp0/master
|
37
|
+
02b8719 PWN::Plugins::Shodan module - need to return specific hash when JSON::ParserError is resccued (related to invalid UTF-8 sequences) #bugfix
|
38
|
+
34df5ea Merge pull request #417 from ninp0/master
|
39
|
+
ea99612 pwn_shodan_search Driver - add RAW.arr results file containing raw_results_arr object prior to attempting to cast the object as JSON #bugfix / #cast_to_string
|
40
|
+
6104b15 Merge pull request #416 from ninp0/master
|
41
|
+
09b0ad9 pwn_shodan_search Driver - add RAW.arr results file containing raw_results_arr object prior to attempting to cast the object as JSON
|
42
|
+
705da0a Merge pull request #415 from ninp0/master
|
43
|
+
e63cee6 pwn_shodan_search Driver - add RAW.arr results file containing raw_results_arr object prior to attempting to cast the object as JSON
|
44
|
+
2e45a04 pwn_shodan_search Driver - strip comments when loading query file #rubocop_fix
|
45
|
+
5f9598a Merge pull request #414 from ninp0/master
|
46
|
+
4dfa34f pwn_shodan_search Driver - strip comments when loading query file
|
47
|
+
217800b Merge pull request #413 from ninp0/master
|
48
|
+
a473732 PWN::WWW::HackerOne module - #rubocop_fix
|
49
|
+
5a9296e Merge pull request #412 from ninp0/master
|
50
|
+
35236cc PWN::Plugins::Shodan module - scrub response.body for malformed UTF-8 characters that would otherwise prevent saving JSON results to file within pwn_shodan_search driver #attemptN
|
51
|
+
cb17de9 Merge pull request #411 from ninp0/master
|
52
|
+
afea697 PWN::Plugins::Shodan module - scrub response.body for malformed UTF-8 characters that would otherwise prevent saving JSON results to file within pwn_shodan_search driver
|
53
|
+
bd7fd57 Merge pull request #410 from ninp0/master
|
54
|
+
ca87dec pwn_shodan_search Driver - rescue JSON::Generator error in rare cases #pretty_generate method cant save out results
|
55
|
+
6babce2 Merge pull request #409 from ninp0/master
|
56
|
+
9675c6d PWN::Plugins::BurpSuite module - add #uri_in_scope method to compare URI to URI regexes in / out of scope per burp suite target scope config JSON file, like those produced by H1 (returns boolean)
|
57
|
+
e20e0ee Merge pull request #408 from ninp0/master
|
58
|
+
12ba09b Merge branch 'master' of ssh://github.com/ninp0/pwn
|
59
|
+
f28066d PWN::WWW::TransparentBrowser module - add #find_element_by_text method #bugfix_again
|
60
|
+
cd8db7a Merge pull request #407 from ninp0/master
|
61
|
+
607e1de PWN::WWW::TransparentBrowser module - add #find_element_by_text method #bugfix
|
62
|
+
b191e1c Merge pull request #406 from ninp0/master
|
63
|
+
3a4d68a PWN::WWW::TransparentBrowser module - add #find_element_by_text method
|
64
|
+
e0e7ecc Merge pull request #405 from ninp0/master
|
65
|
+
adaebc5 PWN::WWW::HackerOne module - #slight_tweak to #save_burp_target_config_file method...replace random user_agent w/ fixed known supported user agent
|
66
|
+
bcc814f Merge pull request #404 from ninp0/master
|
67
|
+
9bd7c1b PWN::WWW::HackerOne module - #slight_tweak to #save_burp_target_config_file method...replace random user_agent w/ fixed known supported user agent
|
68
|
+
8dfff4d PWN::WWW::HackerOne module - #slight_tweak to #save_burp_target_config_file method
|
69
|
+
f2b0a55 Merge pull request #403 from ninp0/master
|
70
|
+
48f47ff PWN::Plugins::BurpSuite module && pwn_burp_suite_pro_active_scan Driver - implement target_config capability to consume Burp Suite Pro Target Scope config JSON file
|
71
|
+
e1b9345 PWN::WWW::HackerOne module - add #save_burp_project_file method
|
72
|
+
b33caa7 Merge pull request #402 from ninp0/master
|
73
|
+
7e7942f PWN::WWW::HackerOne module - add burp_project link to object returned from #get_bounty_programs method #bugfix
|
74
|
+
13d3615 PWN::WWW::HackerOne module - add burp_project link to object returned from #get_bounty_programs method #bugfix
|
75
|
+
049681e PWN::WWW::HackerOne module - add burp_project link to object returned from #get_bounty_programs method
|
76
|
+
2f1e787 PWN::WWW::HackerOne module - add policy, scope, hacktivity, thanks, updates, collaborator links to object returned from #get_bounty_programs method / #minor_bugfix / #rubocop_fixes
|
77
|
+
81bb4c3 Merge pull request #401 from ninp0/master
|
78
|
+
cb7e893 PWN::WWW::HackerOne module - implement min_payouts_enabled parameter for #get_bounty_programs method
|
79
|
+
22cff1b Merge pull request #400 from ninp0/master
|
80
|
+
fcafa7e PWN::WWW::HackerOne module - best approarch to snag links after DOM loads #bugfix
|
81
|
+
368a4df PWN::WWW::HackerOne module - best approarch to snag links after DOM loads #again
|
82
|
+
bea57c0 PWN::WWW::HackerOne module - replace brittle sleep with more resilient .div(class: full-width-inner-container).wait_until(&:present?) to snag links after DOM loads #again
|
83
|
+
1617603 PWN::WWW::HackerOne module - replace brittle sleep with more resilient .div(class: full-width-inner-container).wait_until(&:present?) to snag links after DOM loads
|
84
|
+
9386f03 Merge pull request #399 from ninp0/master
|
85
|
+
2058b3c PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
|
86
|
+
152022c Merge pull request #398 from ninp0/master
|
87
|
+
67fe8a6 PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
|
88
|
+
a18b5ae PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
|
89
|
+
a688297 Merge pull request #397 from ninp0/master
|
90
|
+
cff4ad0 PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
|
91
|
+
a3af8cf Merge pull request #396 from ninp0/master
|
92
|
+
055eccb PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
|
93
|
+
33b3c82 Merge pull request #395 from ninp0/master
|
94
|
+
3c1837b PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
|
95
|
+
208c8a4 Merge pull request #394 from ninp0/master
|
96
|
+
773ad2f PWN::WWW::HackerOne module - add method to return all bug bounty program links #rubocop_fixes
|
97
|
+
91252c7 Merge pull request #393 from ninp0/master
|
98
|
+
fb80ad0 PWN::WWW::HackerOne module - add method to return all bug bounty program links #rubocop_fixes
|
99
|
+
598aa2b Merge pull request #392 from ninp0/master
|
100
|
+
cabcb83 PWN::WWW::HackerOne module - add method to return all bug bounty program links
|
101
|
+
662e05f PWN::WWW::HackerOne module - add method to return all bug bounty program links
|
102
|
+
94cf6d0 Merge pull request #391 from ninp0/master
|
103
|
+
22a696e PWN::WWW::HackerOne module - add method to return all bug bounty program links
|
104
|
+
69884d7 Merge pull request #390 from ninp0/master
|
105
|
+
51cbfca PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes
|
106
|
+
57c18ee Merge pull request #389 from ninp0/master
|
107
|
+
0161122 PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes
|
108
|
+
1f63683 Merge pull request #388 from ninp0/master
|
109
|
+
d6e5e41 PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes
|
110
|
+
635d7d2 PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes #add_usage
|
111
|
+
2691a6f PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method
|
112
|
+
b83eed4 Merge pull request #387 from ninp0/master
|
113
|
+
e0d6850 pwn_shodan_search Driver - change default output-results-file to reside in CWD instead of /tmp
|
114
|
+
f19a02f Merge pull request #386 from ninp0/master
|
115
|
+
04d3f97 pwn_shodan_search Driver - implement a --rate-limit flag to allow for customized rate limiting when API gets grumpy
|
116
|
+
cff4d3c Merge pull request #385 from ninp0/master
|
117
|
+
a949aa6 PWN::Plugins::ScannableCodes module - #bugfix in #help method
|
118
|
+
e4b5a19 Merge pull request #384 from ninp0/master
|
119
|
+
216bb34 PWN::Plugins::ScannableCodes module - initial commit
|
120
|
+
04bc64e PWN::Plugins::ScannableCodes module - initial commit
|
121
|
+
ae9ece4 Merge pull request #383 from ninp0/master
|
122
|
+
594808b pwn_www_uri_buster Driver - JSON.pretty_generate(response.headers) #bugfix, cast hash to pretty JSON string
|
123
|
+
810ee16 Merge pull request #382 from ninp0/master
|
124
|
+
0adff45 pwn_www_uri_buster Driver - incorporate randomized user-agent string in HTTP requests
|
125
|
+
b429bca Merge pull request #381 from ninp0/master
|
126
|
+
8afb64a PWN::Reports::SAST module - #bugfix in escaped newline
|
127
|
+
3ac73eb Merge pull request #380 from ninp0/master
|
128
|
+
54e8fe1 PWN::Reports::* - #bufix in "ajax" key where report_name is now dynamic
|
129
|
+
5fb8eb6 pwn_www_uri_buster Driver - #bugfix in retrieving random available ephemeral port via PWN::Plugins::Sock module in #get_random_unused_port method
|
130
|
+
6c0d1be Merge pull request #379 from ninp0/master
|
131
|
+
c3964c0 pwn_www_uri_buster Driver - include HTTP response headers in results && #bugfix
|
132
|
+
1edc9d7 Merge pull request #378 from ninp0/master
|
133
|
+
4cbd086 pwn_www_uri_buster Driver - include HTTP response headers in results && #bugfix when using tor as proxy
|
134
|
+
1d8a60d Merge pull request #377 from ninp0/master
|
135
|
+
4e0f5be pwn_www_uri_buster - implement tor support #more_bugfixes
|
136
|
+
cf1a932 Merge pull request #376 from ninp0/master
|
137
|
+
c845e1f pwn_www_uri_buster - implement tor support #bugfixes
|
138
|
+
0e88ef7 Merge pull request #375 from ninp0/master
|
139
|
+
e2e1de4 pwn_www_uri_buster - implement tor support
|
140
|
+
5f4c2e3 Merge pull request #374 from ninp0/master
|
141
|
+
720eec2 Custom report names for all reports in PWN::Reports namespace #bugfix
|
142
|
+
7a77a69 Merge pull request #373 from ninp0/master
|
143
|
+
61cc8a9 Custom report names for all reports in PWN::Reports namespace #bugfix
|
144
|
+
e45c36e Merge pull request #372 from ninp0/master
|
145
|
+
35b6623 Custom report names for all reports in PWN::Reports namespace
|
146
|
+
c169f48 Merge pull request #371 from ninp0/master
|
147
|
+
eb6de5e pwn_www_uri_buster Driver - add --append parameter to append pattern to end of entries in wordlist
|
148
|
+
8a05fca pwn_www_uri_buster Driver - add --append parameter to append pattern to end of entries in wordlist
|
149
|
+
5d04eab Merge pull request #370 from ninp0/master
|
150
|
+
491898e PWN::Plugins::DetectOS module - #rubocop_fixes
|
151
|
+
c752179 pwn_nmap_discover_tcp_udp Driver - implement --target-file flag (i.e. you can use either --target-file OR --target-range, not both and not neither) / slight discovery tweaks
|
152
|
+
a320df1 Merge pull request #369 from ninp0/master
|
153
|
+
9e16d30 pwn_bdba_scan && pwn_bdba_groups Drivers - change both drivers to support --parent-group-id flow (i.e. to avoid wrong group association when duplicate group names reside under different search-paths) #bugfix2_revert
|
154
|
+
0bc80c1 Merge pull request #368 from ninp0/master
|
155
|
+
1f92631 pwn_bdba_scan && pwn_bdba_groups Drivers - change both drivers to support --parent-group-id flow (i.e. to avoid wrong group association when duplicate group names reside under different search-paths) #bugfix
|
156
|
+
663f3d9 Merge pull request #367 from ninp0/master
|
157
|
+
50a4c48 pwn_bdba_scan && pwn_bdba_groups Drivers - change both drivers to support --parent-group-id flow (i.e. to avoid wrong group association when duplicate group names reside under different search-paths)
|
158
|
+
02432d4 Merge pull request #366 from ninp0/master
|
159
|
+
6afd3fc pwn_bdba_scan Driver - change --parent-group-name parameter to --parent-group-id to avoid wrong group association when duplicate group names reside under different search-paths
|
160
|
+
9517452 Merge pull request #365 from ninp0/master
|
161
|
+
0c326b8 pwn_bdba_scan Driver - incorporate optional --version parameter
|
162
|
+
e96cb62 Merge pull request #364 from ninp0/master
|
163
|
+
5324605 PWN::Plugins::BlackDuckBinaryAnalysis module && pwn_bdba_scans Driver - implement #abort_product_scan method && abort product scan results if they have been sitting in a queue status for more than 90 minutes.
|
164
|
+
f36af42 Merge pull request #363 from ninp0/master
|
165
|
+
f308dba git_commit_test_reinit_gem.sh - #more_tag_bugfixes
|
166
|
+
31e8c06 Merge pull request #362 from ninp0/master
|
167
|
+
38835e3 git_commit_test_reinit_gem.sh - Address off-by-one tagging #bugfix
|
168
|
+
2f31697 Merge pull request #361 from ninp0/master
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.900]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.900]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
data/lib/pwn/plugins/sock.rb
CHANGED
@@ -32,7 +32,8 @@ module PWN
|
|
32
32
|
tls_min_version = OpenSSL::SSL::TLS1_VERSION if tls_min_version.nil?
|
33
33
|
# tls_version Values can be Displayed via:
|
34
34
|
# OpenSSL::SSL::SSLContext::METHODS
|
35
|
-
tls_version = '
|
35
|
+
tls_version = 'TLSv1' if tls_version.nil?
|
36
|
+
cipher_tls = 'TLSv1.0' if cipher_tls.nil?
|
36
37
|
|
37
38
|
case protocol
|
38
39
|
when :tcp
|
@@ -43,6 +44,7 @@ module PWN
|
|
43
44
|
tls_context.verify_hostname = false
|
44
45
|
tls_context.ssl_version = tls_version
|
45
46
|
tls_context.min_version = tls_min_version
|
47
|
+
tls_context.ciphers = tls_context.ciphers.select { |c| c[1] == cipher_tls }
|
46
48
|
tls_sock = OpenSSL::SSL::SSLSocket.new(sock, tls_context)
|
47
49
|
sock_obj = tls_sock.connect
|
48
50
|
else
|
@@ -61,13 +63,16 @@ module PWN
|
|
61
63
|
when OpenSSL::SSL::TLS1_VERSION
|
62
64
|
puts 'Attempting OpenSSL::SSL::TLS1_1_VERSION...'
|
63
65
|
tls_version = 'TLSv1_1'
|
66
|
+
cipher_tls = 'TLSv1.0'
|
64
67
|
tls_min_version = OpenSSL::SSL::TLS1_1_VERSION
|
65
68
|
when OpenSSL::SSL::TLS1_1_VERSION
|
66
69
|
puts 'Attempting OpenSSL::SSL::TLS1_2_VERSION...'
|
67
70
|
tls_version = 'TLSv1_2'
|
71
|
+
cipher_tls = 'TLSv1.2'
|
68
72
|
tls_min_version = OpenSSL::SSL::TLS1_2_VERSION
|
69
73
|
when OpenSSL::SSL::TLS1_2_VERSION
|
70
74
|
puts 'Attempting OpenSSL::SSL::TLS1_3_VERSION...'
|
75
|
+
cipher_tls = 'TLSv1.3'
|
71
76
|
tls_min_version = OpenSSL::SSL::TLS1_3_VERSION
|
72
77
|
else
|
73
78
|
tls_min_version = :abort
|
data/lib/pwn/version.rb
CHANGED