pwn 0.5.169 → 0.5.170
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/README.md +3 -3
- data/lib/pwn/plugins/transparent_browser.rb +55 -13
- data/lib/pwn/version.rb +1 -1
- metadata +7 -7
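--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ec94369fbeadf39f3526f3e5416570bd17fd654dd063b6f2a768c12db3f9e11d
+data.tar.gz: 32f5580b118c1b9a091f1b601c1b6bc14c7780e277659a5dd71d46fe9981bf47
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 110864b6f5fb845e160a7d9e0bc9895581f27e114862cd07318b1801227969dd895a0bbacb9cfb814e1cdc8137fe7167bbde74a3486ac6ebbebfdcfda8dfb49f
+data.tar.gz: d2932152fa9fc13bf13466103fdc42d006a7e0745df2df0d9ce3b7e99944028afe19252e5f40903ac845876da00451da5e577ee9abd23c86c32e99a35477b3ae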
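--- a/data/Gemfile
+++ b/data/Gemfile
@@ -20,7 +20,7 @@ gem 'barby', '0.6.9'
 gem 'base32', '0.3.4'
 gem 'brakeman', '6.1.2'
 gem 'bson', '5.0.0'
-gem 'bundler', '>=2.5.
+gem 'bundler', '>=2.5.13'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
 gem 'colorize', '1.1.0'
@@ -56,7 +56,7 @@ gem 'net-ldap', '0.19.0'
 gem 'net-openvpn', '0.8.7'
 gem 'net-smtp', '0.5.0'
 gem 'nexpose', '7.3.0'
-gem 'nokogiri', '1.16.
+gem 'nokogiri', '1.16.6'
 gem 'nokogiri-diff', '0.3.0'
 gem 'oily_png', '1.2.1'
 gem 'open3', '0.2.1'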
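--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.
+pwn[v0.5.170]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.3@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.170]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.3@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.170]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script: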
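--- a/data/lib/pwn/plugins/transparent_browser.rb
+++ b/data/lib/pwn/plugins/transparent_browser.rb
@@ -22,16 +22,17 @@ module PWN
 
 # Supported Method Parameters::
 # browser_obj1 = PWN::Plugins::TransparentBrowser.open(
-# browser_type: :firefox|:chrome|:headless|:rest|:websocket,
-# proxy: 'optional - scheme://proxy_host:port || tor',
-# with_devtools: 'optional - boolean (defaults to
+# browser_type: 'optional - :firefox|:chrome|:headless|:rest|:websocket (defaults to :chrome)',
+# proxy: 'optional - scheme://proxy_host:port || tor (defaults to nil)',
+# with_devtools: 'optional - boolean (defaults to true)'
 # )
 
 public_class_method def self.open(opts = {})
-browser_type = opts[:browser_type]
+browser_type = opts[:browser_type] ||= :chrome
 proxy = opts[:proxy].to_s unless opts[:proxy].nil?
 
 browser_obj = {}
+browser_obj[:type] = browser_type
 
 tor_obj = nil
 if opts[:proxy] == 'tor'
@@ -40,7 +41,7 @@ module PWN
 browser_obj[:tor_obj] = tor_obj
 end
 
-opts[:with_devtools]
+with_devtools = opts[:with_devtools] ||= true
 
 # Let's crank up the default timeout from 30 seconds to 15 min for slow sites
 Watir.default_timeout = 900
@@ -265,6 +266,36 @@ module PWN
 raise e
 end
 
+# Supported Method Parameters::
+# console_resp = PWN::Plugins::TransparentBrowser.devtools_console(
+# browser_obj: browser_obj1,
+# js: 'required - JavaScript expression to evaluate'
+# )
+
+public_class_method def self.devtools_console(opts = {})
+browser_obj = opts[:browser_obj]
+browser_type = browser_obj[:type]
+raise 'Error: sorry, this method only supports browser_obj[:type] == :chrome' unless browser_type == :chrome
+
+js = opts[:js] ||= "alert('ACK from => #{self}')"
+
+devtools = browser_obj[:browser].driver.devtools
+devtools.send_cmd('Runtime.enable')
+devtools.send_cmd('Console.enable')
+devtools.send_cmd('DOM.enable')
+devtools.send_cmd('Page.enable')
+devtools.send_cmd('Log.enable')
+devtools.send_cmd('Debugger.enable')
+
+expression_cmd = {
+expression: js
+}
+
+devtools.send_cmd('Runtime.evaluate', **expression_cmd)
+rescue StandardError => e
+raise e
+end
+
 # Supported Method Parameters::
 # browser_obj = PWN::Plugins::TransparentBrowser.linkout(
 # browser_obj: browser_obj1
@@ -364,21 +395,27 @@ module PWN
 public_class_method def self.help
 puts "USAGE:
 browser_obj1 = #{self}.open(
-browser_type: :firefox|:chrome|:
-proxy: 'optional scheme://proxy_host:port || tor',
-with_devtools: 'optional - boolean (defaults to
+browser_type: 'optional - :firefox|:chrome|:headless|:rest|:websocket (defaults to :chrome)',
+proxy: 'optional scheme://proxy_host:port || tor (defaults to nil)',
+with_devtools: 'optional - boolean (defaults to true)'
 )
-
+browser = browser_obj1[:browser]
+puts browser.public_methods
 
 ********************************************************
-* DevTools Interaction
+* DevTools Interaction
 * All DevTools Commands can be found here:
 * https://chromedevtools.github.io/devtools-protocol/
 * Examples
-devtools =
+devtools = browser.driver.devtools
 puts devtools.public_methods
 puts devtools.instance_variables
-puts devtools.instance_variable_get('@
+puts devtools.instance_variable_get('@session_id')
+
+websocket = devtools.instance_variable_get('@ws')
+puts websocket.public_methods
+puts websocket.instance_variables
+puts websocket.instance_variable_get('@messages')
 
 * Tracing
 devtools.send_cmd('Tracing.start')
@@ -406,7 +443,7 @@ module PWN
 devtools.send_cmd('Console.clearMessages')
 devtools.send_cmd('Log.clear')
 console_events = []
-
+browser.driver.on_log_event(:console) { |event| console_events.push(event) }
 
 devtools.send_cmd('Debugger.stepInto')
 puts \"Step: \#{step}\"
@@ -447,6 +484,11 @@ module PWN
 * End of DevTools Examples
 ********************************************************
 
+console_resp = #{self}.devtools_console(
+browser_obj: 'required - browser_obj returned from #open method)',
+js: 'required - JavaScript expression to evaluate'
+)
+
 browser_obj1 = #{self}.linkout(
 browser_obj: 'required - browser_obj returned from #open method)'
 )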
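Review bot: In `open`, the new line `with_devtools = opts[:with_devtools] ||= true` cannot be switched off, because `false ||= true` evaluates to `true`; a caller passing `with_devtools: false` still gets the documented default, and the caller's `opts` hash is overwritten as a side effect. Reading the option without assignment avoids both problems, e.g. `with_devtools = opts.fetch(:with_devtools, true)`. The same `||=` pattern in the new `devtools_console` makes `js`, which the comment and the help text both call required, silently fall back to an `alert(...)` expression that is then sent to `Runtime.evaluate`. Raising instead would match the documentation, e.g. `raise 'Error: js is required' if opts[:js].nil?`, with a similar guard on `opts[:browser_obj]` before `browser_obj[:type]` is read. The body of `open` continues outside the hunks shown, so how `with_devtools` is consumed afterwards is not visible here.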
data/lib/pwn/version.rb
CHANGED
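--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.5.
+version: 0.5.170
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-
+date: 2024-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -128,14 +128,14 @@ dependencies:
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.5.
+version: 2.5.13
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.5.
+version: 2.5.13
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -618,14 +618,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.16.
+version: 1.16.6
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.16.
+version: 1.16.6
 - !ruby/object:Gem::Dependency
 name: nokogiri-diff
 requirement: !ruby/object:Gem::Requirement
@@ -2320,7 +2320,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.5.
+rubygems_version: 3.5.13
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond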