pwn 0.4.990 → 0.4.992

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/README.md +3 -3
  4. data/lib/pwn/plugins/black_duck_binary_analysis.rb +4 -5
  5. data/lib/pwn/plugins/xxd.rb +30 -12
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: af3ee5fb9ea7c8c0e53013a291f99f22aa3c19b2ff00b72c59acb574d5dfdecd
4
- data.tar.gz: 341d6d21ef6d1476f909404daf0ec259a430cde3598d22185a62e16ac6248fd8
3
+ metadata.gz: c4cfb474de933ef8da17ef86e6277a9591f60e76f61f83da12120ef2a44516f6
4
+ data.tar.gz: 3beeaed5e19e992145068084da485d8155db075326122acd32cb2d4fac48a33f
5
5
  SHA512:
6
- metadata.gz: 9468a3b230402f31fb9caec77acca6dcec10646bab6e350d00e680a68c848524e87dce423c5a21abfb6fcf795ad1c832f189dae8ebd6e7162811aa1851f9fcc3
7
- data.tar.gz: d4359349f2c51cdcfc361de00a069069203cb3c1e53601e311f22e1377039666f1a3dca42ab5267bb7472b4504ebd1294d42611abf1f50af7ce09ae4cd9001cf
6
+ metadata.gz: 23a5a2308ecf58cc24b6ab3a2d64b8dd3ea780541049f80ef28bc0d4c28913db4b482376cbbc1a07cc4f51ab545f4ae562cfe13e3fbc522073322f4e7f34dc3c
7
+ data.tar.gz: 307bec354fe8b1d333b53325d21d28be20f55f2a1a9e077bd84686ec00cb7a711de054807eeca50b11034848eb1d5aad7ceaf79121b5818b405227ef9e3ccc74
data/Gemfile CHANGED
@@ -86,7 +86,7 @@ gem 'serialport', '1.3.2'
86
86
  gem 'slack-ruby-client', '2.2.0'
87
87
  gem 'socksify', '1.7.1'
88
88
  gem 'spreadsheet', '1.3.1'
89
- gem 'sqlite3', '1.7.0'
89
+ gem 'sqlite3', '1.7.1'
90
90
  gem 'thin', '1.8.2'
91
91
  gem 'tty-prompt', '0.23.1'
92
92
  gem 'tty-spinner', '0.9.3'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.4.990]:001 >>> PWN.help
40
+ pwn[v0.4.992]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.990]:001 >>> PWN.help
55
+ pwn[v0.4.992]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.4.990]:001 >>> PWN.help
65
+ pwn[v0.4.992]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/plugins/black_duck_binary_analysis.rb CHANGED
@@ -60,14 +60,13 @@ module PWN
60
60
 
61
61
  when :post, :put
62
62
  if http_body.is_a?(Hash)
63
- case http_body.key?
64
- when :multipart
65
- headers[:content_type] = 'multipart/form-data'
66
- when :raw
63
+ if http_body.key?(:raw)
67
64
  headers[:content_type] = nil
68
65
  http_body = http_body[:file]
66
+ elsif http_body.key?(:multipart)
67
+ headers[:content_type] = 'multipart/form-data'
69
68
  else
70
- http_body = http_body.to_json unless http_body.key?(:multipart)
69
+ http_body = http_body.to_json
71
70
  end
72
71
  end
73
72
 
data/lib/pwn/plugins/xxd.rb CHANGED
@@ -6,11 +6,13 @@ module PWN
6
6
  module XXD
7
7
  # Supported Method Parameters::
8
8
  # PWN::Plugins::XXD.dump(
9
- # file: 'required - path to binary file to dump'
9
+ # file: 'required - path to binary file to dump',
10
+ # hexdump_arr: 'optional - return array of hashes instead of string (default: false)'
10
11
  # )
11
12
 
12
13
  public_class_method def self.dump(opts = {})
13
14
  file = opts[:file]
15
+ hexdump_arr = opts[:hexdump_arr] ||= false
14
16
 
15
17
  raise ArgumentError, 'file is required' if file.nil?
16
18
 
@@ -19,24 +21,36 @@ module PWN
19
21
  input = File.binread(file)
20
22
 
21
23
  io = StringIO.new
24
+ hex_arr = [] if hexdump_arr
22
25
  res = input.bytes.each_slice(2).each_slice(8).with_index do |row, index|
23
- io.write(
24
- format(
25
- "%<s1>07x0: %<s2>-40s %<s3>-16s\n",
26
- s1: index,
27
- s2: row.map { |pair| pair.map { |b| b.to_s(16).rjust(2, '0') }.join }.join(' '),
28
- s3: row.flat_map { |pair| pair.map { |b| (b >= 32 && b < 127 ? b.chr : '.') } }.flatten.join
29
- )
26
+ fmt_row = format(
27
+ "%<s1>07x0: %<s2>-40s %<s3>-16s\n",
28
+ s1: index,
29
+ s2: row.map { |pair| pair.map { |b| b.to_s(16).rjust(2, '0') }.join }.join(' '),
30
+ s3: row.flat_map { |pair| pair.map { |b| (b >= 32 && b < 127 ? b.chr : '.') } }.flatten.join
30
31
  )
32
+
33
+ io.write(fmt_row)
34
+
35
+ if hexdump_arr
36
+ fmt_row_hash = {
37
+ address: fmt_row.split.first.delete(':'),
38
+ hex: fmt_row.split[1..8],
39
+ ascii: fmt_row.split[9..-1].join
40
+ }
41
+
42
+ hex_arr.push(fmt_row_hash)
43
+ end
31
44
  end
32
45
 
33
- io.string
46
+ hex_arr if hexdump_arr
47
+ io.string unless hexdump_arr
34
48
  rescue StandardError => e
35
49
  raise e
36
50
  end
37
51
 
38
52
  # Supported Method Parameters::
39
- # PWN::Plugins::XXD.dump(
53
+ # PWN::Plugins::XXD.reverse_dump(
40
54
  # hexdump: 'required - hexdump string to reverse dump'
41
55
  # file: 'required - path to binary file to dump'
42
56
  # )
@@ -50,7 +64,10 @@ module PWN
50
64
 
51
65
  # TODO: fix this block as it is not working as expected
52
66
  binary_data = hexdump.lines.map do |line|
53
- line.chars[10..-19].join.split.map do |hex|
67
+ # Works but overly complicated
68
+ # line.chars[10..-19].join.split.map do |hex|
69
+ # More simple better
70
+ line.split[1..8].map do |hex|
54
71
  [hex].pack('H*')
55
72
  end.join
56
73
  end.join
@@ -73,7 +90,8 @@ module PWN
73
90
  public_class_method def self.help
74
91
  puts "USAGE:
75
92
  #{self}.dump(
76
- file: 'required - path to binary file to dump'
93
+ file: 'required - path to binary file to dump',
94
+ hexdump_arr: 'optional - return array of hashes instead of string (default: false)'
77
95
  )
78
96
 
79
97
  #{self}.reverse_dump(
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.990'
4
+ VERSION = '0.4.992'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.990
4
+ version: 0.4.992
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-24 00:00:00.000000000 Z
11
+ date: 2024-01-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -1038,14 +1038,14 @@ dependencies:
1038
1038
  requirements:
1039
1039
  - - '='
1040
1040
  - !ruby/object:Gem::Version
1041
- version: 1.7.0
1041
+ version: 1.7.1
1042
1042
  type: :runtime
1043
1043
  prerelease: false
1044
1044
  version_requirements: !ruby/object:Gem::Requirement
1045
1045
  requirements:
1046
1046
  - - '='
1047
1047
  - !ruby/object:Gem::Version
1048
- version: 1.7.0
1048
+ version: 1.7.1
1049
1049
  - !ruby/object:Gem::Dependency
1050
1050
  name: thin
1051
1051
  requirement: !ruby/object:Gem::Requirement