pwn 0.5.189 → 0.5.191

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +3 -3
  3. data/lib/pwn/plugins/transparent_browser.rb +30 -18
  4. data/lib/pwn/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 23209b3ae230ac7903981327315c626571dabf4ddb74d3864ca2bd625c3651da
4
- data.tar.gz: e2a378c4ed79978d0a6dd80a761d3dcedb9cbfa5926d0d926b1d248cbeebc974
3
+ metadata.gz: 0a505a20bdb9c9adcd1e006d35bc8b09002c4c98e4dfd43d6e592f381fc39ae0
4
+ data.tar.gz: '05856cfa4c5c3e0d3fb9a807a616f063f4606b09c913b6502e4c354613da321e'
5
5
  SHA512:
6
- metadata.gz: dcfd61071ac2d1f858cb55c23754ba53deae089f828ce0d9f552b6a37e060e90476d5df80c88bcf32b9ecf63bf54b760fe3281cce17ed1a97545563522a21357
7
- data.tar.gz: 67b6242126b03a7ea82c2e002c133b62f93a5f87561549355d27da94a9dbfca9afbec3eaf5256840215e45cdcb6c2077055fd5a4d140ed5fc99dd268f1414d3d
6
+ metadata.gz: a4386feadcc8c56c4de2c8fe323fba7c4b794397cdf4c4a0e3ca661e8126ce8cb07b71aa191d1cc5cf6233bbdc5a0cc5bcf8e4c7b7dfe2bfb824b8fd68db5651
7
+ data.tar.gz: c61ac9fcf9e474fe4b01eaa0fdf0deb03beebd91e4f7cdc340b9b960f9dbcec3b8ffa5fe3562007f0af313ff9ae805e3881bac25bdfbc37db9f94ba9a358e517
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.189]:001 >>> PWN.help
40
+ pwn[v0.5.191]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.3@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.189]:001 >>> PWN.help
55
+ pwn[v0.5.191]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.3@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.189]:001 >>> PWN.help
65
+ pwn[v0.5.191]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/plugins/transparent_browser.rb CHANGED
@@ -41,7 +41,8 @@ module PWN
41
41
  # browser_obj1 = PWN::Plugins::TransparentBrowser.open(
42
42
  # browser_type: 'optional - :firefox|:chrome|:headless|:rest|:websocket (defaults to :chrome)',
43
43
  # proxy: 'optional - scheme://proxy_host:port || tor (defaults to nil)',
44
- # with_devtools: 'optional - boolean (defaults to true)'
44
+ # with_devtools: 'optional - boolean (defaults to true)',
45
+ # url: 'optional - URL to navigate to after opening browser (Defaults to about:about#RANDID)'
45
46
  # )
46
47
 
47
48
  public_class_method def self.open(opts = {})
@@ -62,6 +63,8 @@ module PWN
62
63
  with_devtools = opts[:with_devtools] ||= false
63
64
  with_devtools = true if devtools_supported.include?(browser_type) && with_devtools
64
65
 
66
+ url = opts[:url] ||= "about:about##{SecureRandom.hex(8)}"
67
+
65
68
  # Let's crank up the default timeout from 30 seconds to 15 min for slow sites
66
69
  Watir.default_timeout = 900
67
70
 
@@ -195,9 +198,6 @@ module PWN
195
198
  this_profile['devtools.cache.disabled'] = true
196
199
  this_profile['dom.caches.enabled'] = false
197
200
 
198
- # caps = Selenium::WebDriver::Remote::Capabilities.firefox
199
- # caps[:acceptInsecureCerts] = true
200
-
201
201
  if proxy
202
202
  this_profile['network.proxy.type'] = 1
203
203
  this_profile['network.proxy.allow_hijacking_localhost'] = true
@@ -286,6 +286,7 @@ module PWN
286
286
  if devtools_supported.include?(browser_type)
287
287
  rand_tab = SecureRandom.hex(8)
288
288
  browser_obj[:browser].goto("about:about##{rand_tab}")
289
+ browser_obj[:browser].execute_script("document.title = '#{rand_tab}'")
289
290
 
290
291
  if with_devtools
291
292
  driver = browser_obj[:browser].driver
@@ -307,7 +308,7 @@ module PWN
307
308
 
308
309
  browser_obj[:bidi] = driver.bidi
309
310
 
310
- browser_obj[:browser].body.send_keys(:escape)
311
+ browser_obj[:browser].send_keys(:escape)
311
312
  end
312
313
  end
313
314
 
@@ -497,9 +498,9 @@ module PWN
497
498
  browser.execute_script("document.title = '#{rand_tab}'")
498
499
  end
499
500
  # Open the DevTools for Firefox, Chrome opens them automatically
500
- browser.body.send_keys(:f12) if firefox_types.include?(browser_type)
501
+ browser.send_keys(:f12) if firefox_types.include?(browser_type)
501
502
  # Open Console drawer if DevTools are open
502
- browser.body.send_keys(:escape) unless devtools.nil?
503
+ browser.send_keys(:escape) unless devtools.nil?
503
504
  browser.goto(url) unless url.nil?
504
505
 
505
506
  { title: browser.title, url: browser.url, state: :active }
@@ -509,7 +510,7 @@ module PWN
509
510
 
510
511
  # Supported Method Parameters::
511
512
  # tab = PWN::Plugins::TransparentBrowser.close_tab(
512
- # browser_obj: 'required - browser_obj returned from #open method)'
513
+ # browser_obj: 'required - browser_obj returned from #open method)',
513
514
  # keyword: 'required - keyword in title or url used to close tabs'
514
515
  # )
515
516
 
@@ -522,15 +523,26 @@ module PWN
522
523
 
523
524
  browser = browser_obj[:browser]
524
525
  # Switch to an inactive tab before closing the active tab if it's currently active
525
- active_tab = list_tabs(browser_obj: browser_obj).select { |tab| tab[:state] == :active }
526
- if active_tab.last[:url] == browser.url
527
- inactive_tabs = list_tabs(browser_obj: browser_obj).reject { |tab| tab[:url] == browser.url }
528
- keyword = inactive_tabs.last[:url]
529
- jmp_tab(browser_obj: browser_obj, keyword: keyword)
526
+ tab_list = list_tabs(browser_obj: browser_obj)
527
+ active_tab = tab_list.find { |tab| tab[:state] == :active }
528
+ if active_tab[:url].include?(keyword)
529
+ inactive_tabs = tab_list.reject { |tab| tab[:url] == browser.url }
530
+ if inactive_tabs.any?
531
+ tab_to_activate = inactive_tabs.last[:url]
532
+ jmp_tab(browser_obj: browser_obj, keyword: tab_to_activate)
533
+ end
530
534
  end
531
535
  all_tabs = browser.windows
532
- tab_sel = all_tabs.select { |tab| tab.close if tab.title.include?(keyword) || tab.url.include?(keyword) }
533
- { title: tab_sel.last.title, url: tab_sel.last.url, state: :closed } if tab_sel.any?
536
+
537
+ tabs_to_close = all_tabs.select { |tab| tab.title.include?(keyword) || tab.url.include?(keyword) }
538
+
539
+ tabs_closed = tabs_to_close.map do |tab|
540
+ { title: tab.title, url: tab.url, state: :closed }
541
+ end
542
+
543
+ tabs_to_close.each(&:close)
544
+
545
+ tabs_closed
534
546
  rescue StandardError => e
535
547
  raise e
536
548
  end
@@ -647,7 +659,7 @@ module PWN
647
659
  verify_devtools_browser(browser_obj: browser_obj)
648
660
 
649
661
  browser = browser_obj[:browser]
650
- browser.body.send_keys(:f12)
662
+ browser.send_keys(:f12)
651
663
  rescue StandardError => e
652
664
  raise e
653
665
  end
@@ -691,8 +703,8 @@ module PWN
691
703
  end
692
704
 
693
705
  # Have to call twice for Chrome, otherwise devtools stays closed
694
- browser.body.send_keys(hotkey)
695
- browser.body.send_keys(hotkey) if chrome_types.include?(browser_type)
706
+ browser.send_keys(hotkey)
707
+ browser.send_keys(hotkey) if chrome_types.include?(browser_type)
696
708
  rescue StandardError => e
697
709
  raise e
698
710
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.189'
4
+ VERSION = '0.5.191'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.189
4
+ version: 0.5.191
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.