pwn 0.5.164 → 0.5.166

data/lib/pwn/plugins/ip_info.rb

@@ -44,6 +44,8 @@ module PWN
         end
       rescue StandardError => e
         raise e
+      ensure
+        PWN::Plugins::TransparentBrowser.close(browser_obj: browser_obj) if browser_obj
       end
 
       # Supported Method Parameters::

data/lib/pwn/plugins/log.rb

@@ -93,7 +93,9 @@ module PWN
         end
 
         logger.add(logger.level, log_event, which_self)
-      rescue Interrupt, StandardError => e
+      rescue Interrupt
+        puts "\n#{self}.#{__method__} => Goodbye."
+      rescue StandardError => e
         raise e
       end
 

data/lib/pwn/plugins/repl.rb

@@ -488,8 +488,10 @@ module PWN
 
         # Initialize pwn.yaml Configuration using :before_session Hook
         Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
-          if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
+          if opts[:yaml_config_path]
             yaml_config_path = opts[:yaml_config_path]
+            raise "ERROR: #{yaml_config_path} does not exist." unless File.exist?(yaml_config_path)
+
             is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: yaml_config_path)
 
             if is_encrypted

data/lib/pwn/plugins/thread_pool.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# require 'concurrent-ruby'
+require 'concurrent-ruby'
 
 module PWN
   module Plugins
@@ -22,31 +22,6 @@ module PWN
       #   end
       # end
 
-      # public_class_method def self.fill(opts = {})
-      #   enumerable_array = opts[:enumerable_array]
-      #   max_threads = opts[:max_threads].to_i
-      #   max_threads = 9 if max_threads.zero?
-      #   detach = opts[:detach] ||= false
-
-      #   puts "Initiating Thread Pool of #{max_threads} Worker Threads...."
-      #   pool = Concurrent::FixedThreadPool.new(max_threads)
-
-      #   enumerable_array.each do |this_thread|
-      #     pool.post do
-      #       yield this_thread
-      #     end
-      #   end
-
-      #   pool.shutdown
-      #   pool.wait_for_termination unless detach
-      # rescue Interrupt
-      #   puts "\nGoodbye."
-      # rescue StandardError => e
-      #   puts e.backtrace
-      #   raise e
-      # end
-      # METHOD ABOVE IS SLOWER THAN THE ONE BELOW
-
       public_class_method def self.fill(opts = {})
         enumerable_array = opts[:enumerable_array]
         max_threads = opts[:max_threads].to_i
@@ -54,28 +29,23 @@ module PWN
         detach = opts[:detach] ||= false
 
         puts "Initiating Thread Pool of #{max_threads} Worker Threads...."
-        queue = SizedQueue.new(max_threads)
-        threads = Array.new(max_threads) do
-          Thread.new do
-            until (this_thread = queue.pop) == :POOL_EXHAUSTED
-              yield this_thread
-            end
-          end
-        end
+        pool = Concurrent::FixedThreadPool.new(max_threads)
 
-        enumerable_array.uniq.each do |this_thread|
-          queue << this_thread
-        end
-
-        max_threads.times do
-          queue << :POOL_EXHAUSTED
+        enumerable_array.each do |this_thread|
+          pool.post do
+            yield this_thread
+          end
         end
 
-        threads.each(&:join) unless detach
+        pool.shutdown
+        pool.wait_for_termination unless detach
       rescue Interrupt
-        puts "\nGoodbye."
+        puts "\n#{self}.#{__method__} => Goodbye."
       rescue StandardError => e
+        puts e.backtrace
         raise e
+      ensure
+        pool.kill if pool.running?
       end
 
       # Author(s):: 0day Inc. <support@0dayinc.com>

data/lib/pwn/plugins/tor.rb

@@ -111,6 +111,7 @@ module PWN
         session_log = File.new(session_log_path, 'w')
         session_log.sync = true
         session_log.fsync
+        tor_obj = nil
 
         fork_pid = Process.fork do
           pty = PTY.spawn(
@@ -132,33 +133,52 @@ module PWN
             stdout.each do |line|
               session_log.puts line
             end
+          rescue Interrupt,
+                 Errno::EIO => e
+            puts "\n#{self}.#{__method__}#spawn => Goodbye." if e.is_a?(Interrupt)
+            tor_obj = {
+              parent_pid: fork_pid,
+              child_pid: pid,
+              data_dir: data_dir
+            }
+            stop(tor_obj: tor_obj)
           end
-        rescue StandardError => e
-          puts 'Tor exiting with errors...'
-          FileUtils.rm_rf(data_dir)
-          raise e
+        rescue Interrupt,
+               Errno::EIO => e
+          puts "\n#{self}.#{__method__}#fork => Goodbye." if e.is_a?(Interrupt)
+          tor_obj = {
+            parent_pid: fork_pid,
+            data_dir: data_dir
+          }
+          stop(tor_obj: tor_obj)
         end
+
         Process.detach(fork_pid)
 
         loop do
           pid_ready = File.exist?(pid_file)
           cookie_authn_ready = File.exist?(cookie_authn_file)
-          sleep 0.1
           break if pid_ready && cookie_authn_ready
         end
 
+        child_pid = File.read(pid_file).to_i
         cookie_authn = `hexdump -e '32/1 "%02x"' #{cookie_authn_file}`
+
         tor_obj = {
           parent_pid: fork_pid,
-          child_pid: File.read(pid_file).to_i,
+          child_pid: child_pid,
           ip: ip,
           port: port,
           ctrl_port: ctrl_port,
           data_dir: data_dir,
           cookie_authn: cookie_authn
         }
-      rescue StandardError, SystemExit => e
-        stop(tor_obj) unless tor_obj.nil?
+      rescue Interrupt, SystemExit
+        puts "\n#{self}.#{__method__} => Goodbye."
+        stop(tor_obj: tor_obj) unless tor_obj.nil?
+      rescue StandardError => e
+        puts "\n#{self}.#{__method__} => Goodbye."
+        stop(tor_obj: tor_obj) unless tor_obj.nil?
         raise e
       end
 
@@ -187,11 +207,30 @@ module PWN
 
       public_class_method def self.stop(opts = {})
         tor_obj = opts[:tor_obj]
-        unless tor_obj.nil?
-          FileUtils.rm_rf(tor_obj[:data_dir])
-          Process.kill('TERM', tor_obj[:child_pid])
-          Process.kill('TERM', tor_obj[:parent_pid])
+
+        return nil unless tor_obj.is_a?(Hash)
+
+        child_pid = tor_obj[:child_pid]
+        parent_pid = tor_obj[:parent_pid]
+        data_dir = tor_obj[:data_dir]
+        if child_pid || parent_pid || data_dir
+          proc_list = PWN::Plugins::PS.list
+          find_child_pid = proc_list.find { |arr| arr[2] == child_pid.to_s }
+          find_parent_pid = proc_list.find { |arr| arr[2] == parent_pid.to_s }
+
+          # puts "Killing Tor child PID: #{child_pid}..."
+          Process.kill('SIGKILL', child_pid) if find_child_pid
+
+          # puts "Killing Tor parent PID: #{parent_pid}..."
+          Process.kill('SIGKILL', parent_pid) if find_parent_pid
+
+          # puts "Removing Tor data directory: #{data_dir}..."
+          FileUtils.rm_rf(data_dir)
         end
+
+        nil
+      rescue Errno::ESRCH, Errno::ENOENT => e
+        puts e
       rescue StandardError => e
         raise e
       end

data/lib/pwn/plugins/transparent_browser.rb

@@ -335,6 +335,9 @@ module PWN
 
       public_class_method def self.close(opts = {})
         browser_obj = opts[:browser_obj]
+
+        return nil unless browser_obj.is_a?(Hash)
+
         browser = browser_obj[:browser]
         tor_obj = browser_obj[:tor_obj]
 

data/lib/pwn/plugins/voice.rb

@@ -37,7 +37,7 @@ module PWN
 
         puts "\nGoodbye."
       rescue Interrupt
-        puts "\nGoodbye."
+        puts "\n#{self}.#{__method__} => Goodbye."
       rescue StandardError => e
         raise e
       end
@@ -70,7 +70,7 @@ module PWN
           output_dir
         )
       rescue Interrupt
-        puts "\nGoodbye."
+        puts "\n#{self}.#{__method__} => Goodbye."
       rescue StandardError => e
         raise e
       end
@@ -102,7 +102,7 @@ module PWN
           "(SayText \"#{text_to_say}\")"
         )
       rescue Interrupt
-        puts "\nGoodbye."
+        puts "\n#{self}.#{__method__} => Goodbye."
       rescue StandardError => e
         raise e
       end

data/lib/pwn/reports/uri_buster.rb

@@ -96,12 +96,14 @@ module PWN
             <div>
               <b>Toggle Column(s):</b>&nbsp;
               <a class="toggle-vis" data-column="1" href="#">Request Time</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="2" href="#">URI</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="3" href="#">HTTP Method</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="4" href="#">HTTP Response Code</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="5" href="#">HTTP Response Length</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="6" href="#">HTTP Response Headers</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="7" href="#">HTTP Response Body</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="2" href="#">Response Time</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="3" href="#">Duration</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="4" href="#">URI</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="5" href="#">HTTP Method</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="6" href="#">HTTP Response Code</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="7" href="#">HTTP Response Length</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="8" href="#">HTTP Response Headers</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="9" href="#">HTTP Response Body</a>&nbsp;|&nbsp;
             </div>
             <br /><br />
 
@@ -111,6 +113,8 @@ module PWN
                   <tr>
                     <th>#</th>
                     <th>Request Time</th>
+                    <th>Response Time</th>
+                    <th>Duration</th>
                     <th>URI</th>
                     <th>HTTP Method</th>
                     <th>HTTP Response Code</th>
@@ -166,6 +170,14 @@ module PWN
                       "data": "request_timestamp",
                       "render": $.fn.dataTable.render.text()
                     },
+                    {
+                      "data": "response_timestamp",
+                      "render": $.fn.dataTable.render.text()
+                    },
+                    {
+                      "data": "duration",
+                      "render": $.fn.dataTable.render.text()
+                    },
                     {
                       "data": "http_uri",
                       "render": function (data, type, row, meta) {

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.164'
+  VERSION = '0.5.166'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.164
+  version: 0.5.166
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-06 00:00:00.000000000 Z
+date: 2024-06-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -478,14 +478,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.68
+        version: 0.0.69
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.68
+        version: 0.0.69
 - !ruby/object:Gem::Dependency
   name: metasm
   requirement: !ruby/object:Gem::Requirement
@@ -926,14 +926,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.30.0
+        version: 2.31.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.30.0
+        version: 2.31.0
 - !ruby/object:Gem::Dependency
   name: ruby-audio
   requirement: !ruby/object:Gem::Requirement
@@ -1245,6 +1245,7 @@ executables:
 - pwn_char_html_entity_encoding
 - pwn_char_unicode_escaped_encoding
 - pwn_char_url_encoding
+- pwn_crt_sh
 - pwn_defectdojo_engagement_create
 - pwn_defectdojo_importscan
 - pwn_defectdojo_reimportscan
@@ -1312,6 +1313,7 @@ files:
 - bin/pwn_char_html_entity_encoding
 - bin/pwn_char_unicode_escaped_encoding
 - bin/pwn_char_url_encoding
+- bin/pwn_crt_sh
 - bin/pwn_defectdojo_engagement_create
 - bin/pwn_defectdojo_importscan
 - bin/pwn_defectdojo_reimportscan