pwn 0.5.190 → 0.5.192

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8f5fb6d75564102eb7ed819f4c3833eefb9c8874fd78a0d0f588e07c74d00b62
-  data.tar.gz: 3fd6332778c90183ea364e2ee899a72beb79a3c8863c855ba669349fedbf2a65
+  metadata.gz: 943acf516461b6defab89c118dce50021fbe4a54149e383cb94be08570cb4735
+  data.tar.gz: 88ed9ddeec7d76c97a0b4665b26d14db609b9a820786905ab81a2d1f9115f65b
 SHA512:
-  metadata.gz: 76cfc601b26f1aa5b095f7b0d12bd32186bcc7ed606738ee2b9aa5890820b254d8496c7814a6228771cd1112dc7628c2bca773438964a6ad5e7a8fe0c0efa2e1
-  data.tar.gz: 823c40899d1f2d899f21f490737138f7870348ef6d7f03e121056024a97c2059b68bb27985b01c40eb4ad89db96a8126ab3b371af34a095b855f0c60800ef28e
+  metadata.gz: 15fea999df3f0b8f05358f285980cf34851d3dde2992e325f8b1cc3d550be9e24a18fe78a7147531d811992f8b15b9ef2e89300cade9d9873534addc513ecd65
+  data.tar.gz: 13f05cebbee3ddd043f8f397a733a78daa7e8aa1efae393659d2e8f9bd493cc940bcea1d953fd2bcebeaece47eb29f9abad9184f41ce5a3b587e6285a981beb0

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.190]:001 >>> PWN.help
+pwn[v0.5.192]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.3@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.190]:001 >>> PWN.help
+pwn[v0.5.192]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.3@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.190]:001 >>> PWN.help
+pwn[v0.5.192]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/plugins/transparent_browser.rb

@@ -41,7 +41,7 @@ module PWN
       # browser_obj1 = PWN::Plugins::TransparentBrowser.open(
       #   browser_type: 'optional - :firefox|:chrome|:headless|:rest|:websocket (defaults to :chrome)',
       #   proxy: 'optional - scheme://proxy_host:port || tor (defaults to nil)',
-      #   with_devtools: 'optional - boolean (defaults to true)',
+      #   devtools: 'optional - boolean (defaults to true)',
       #   url: 'optional - URL to navigate to after opening browser (Defaults to about:about#RANDID)'
       # )
 
@@ -60,8 +60,8 @@ module PWN
         end
 
         devtools_supported = %i[chrome headless_chrome firefox headless_firefox headless]
-        with_devtools = opts[:with_devtools] ||= false
-        with_devtools = true if devtools_supported.include?(browser_type) && with_devtools
+        devtools = opts[:devtools] ||= false
+        devtools = true if devtools_supported.include?(browser_type) && devtools
 
         url = opts[:url] ||= "about:about##{SecureRandom.hex(8)}"
 
@@ -130,7 +130,7 @@ module PWN
             end
           end
 
-          args.push('--devtools') if with_devtools
+          args.push('--devtools') if devtools
           options = Selenium::WebDriver::Firefox::Options.new(
             args: args,
             accept_insecure_certs: true
@@ -151,7 +151,7 @@ module PWN
             args.push("--proxy-server=#{proxy}")
           end
 
-          if with_devtools
+          if devtools
             args.push('--auto-open-devtools-for-tabs')
             args.push('--disable-hang-monitor')
           end
@@ -198,9 +198,6 @@ module PWN
           this_profile['devtools.cache.disabled'] = true
           this_profile['dom.caches.enabled'] = false
 
-          # caps = Selenium::WebDriver::Remote::Capabilities.firefox
-          # caps[:acceptInsecureCerts] = true
-
           if proxy
             this_profile['network.proxy.type'] = 1
             this_profile['network.proxy.allow_hijacking_localhost'] = true
@@ -261,6 +258,7 @@ module PWN
               browser_obj[:browser].proxy = proxy
             end
           end
+          puts browser_obj[:browser].get(url).body if url
 
         when :websocket
           if proxy
@@ -288,10 +286,10 @@ module PWN
 
         if devtools_supported.include?(browser_type)
           rand_tab = SecureRandom.hex(8)
-          browser_obj[:browser].goto("about:about##{rand_tab}")
+          browser_obj[:browser].goto(url)
           browser_obj[:browser].execute_script("document.title = '#{rand_tab}'")
 
-          if with_devtools
+          if devtools
             driver = browser_obj[:browser].driver
             browser_obj[:devtools] = driver.devtools
 
@@ -311,6 +309,7 @@ module PWN
 
             browser_obj[:bidi] = driver.bidi
 
+            jmp_devtools_panel(browser_obj: browser_obj, panel: :elements)
             browser_obj[:browser].send_keys(:escape)
           end
         end
@@ -513,7 +512,7 @@ module PWN
 
       # Supported Method Parameters::
       # tab = PWN::Plugins::TransparentBrowser.close_tab(
-      #   browser_obj: 'required - browser_obj returned from #open method)'
+      #   browser_obj: 'required - browser_obj returned from #open method)',
       #   keyword: 'required - keyword in title or url used to close tabs'
       # )
 
@@ -526,17 +525,26 @@ module PWN
 
         browser = browser_obj[:browser]
         # Switch to an inactive tab before closing the active tab if it's currently active
-        active_tab = list_tabs(browser_obj: browser_obj).find { |tab| tab[:state] == :active }
-        if active_tab[:url] == browser.url
-          inactive_tabs = list_tabs(browser_obj: browser_obj).reject { |tab| tab[:state] == :active }
+        tab_list = list_tabs(browser_obj: browser_obj)
+        active_tab = tab_list.find { |tab| tab[:state] == :active }
+        if active_tab[:url].include?(keyword)
+          inactive_tabs = tab_list.reject { |tab| tab[:url] == browser.url }
           if inactive_tabs.any?
-            keyword = inactive_tabs.last[:url]
-            jmp_tab(browser_obj: browser_obj, keyword: keyword)
+            tab_to_activate = inactive_tabs.last[:url]
+            jmp_tab(browser_obj: browser_obj, keyword: tab_to_activate)
           end
         end
         all_tabs = browser.windows
-        tab_sel = all_tabs.select { |tab| tab.close if tab.title.include?(keyword) || tab.url.include?(keyword) }
-        { title: tab_sel.last.title, url: tab_sel.last.url, state: :closed } if tab_sel.any?
+
+        tabs_to_close = all_tabs.select { |tab| tab.title.include?(keyword) || tab.url.include?(keyword) }
+
+        tabs_closed = tabs_to_close.map do |tab|
+          { title: tab.title, url: tab.url, state: :closed }
+        end
+
+        tabs_to_close.each(&:close)
+
+        tabs_closed
       rescue StandardError => e
         raise e
       end
@@ -697,6 +705,7 @@ module PWN
         end
 
         # Have to call twice for Chrome, otherwise devtools stays closed
+        browser.body.click
         browser.send_keys(hotkey)
         browser.send_keys(hotkey) if chrome_types.include?(browser_type)
       rescue StandardError => e
@@ -741,7 +750,7 @@ module PWN
           browser_obj1 = #{self}.open(
             browser_type: 'optional - :firefox|:chrome|:headless|:rest|:websocket (defaults to :chrome)',
             proxy: 'optional scheme://proxy_host:port || tor (defaults to nil)',
-            with_devtools: 'optional - boolean (defaults to true)'
+            devtools: 'optional - boolean (defaults to true)'
           )
           browser = browser_obj1[:browser]
           puts browser.public_methods

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.190'
+  VERSION = '0.5.192'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.190
+  version: 0.5.192
 platform: ruby
 authors:
 - 0day Inc.