pwn 0.5.23 → 0.5.25
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/README.md +3 -3
- data/lib/pwn/plugins/assembly.rb +41 -27
- data/lib/pwn/version.rb +1 -1
- metadata +15 -1
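--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: dadd39787409b581c7e107e807d9dc488d9ff6f030b3f8267cf97181c076ea94
+data.tar.gz: cbf8770e949609afa29736c2035aa0d272e2a64c728630a46771767e5c13c2c3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9e74854f00d56728fd72baa1129d863e15577c93974b1fc471a57fe81b923badba073f915eb9fe25b3dfa643669166f65df113f5d9015a5698eb2e097ad6fec8
+data.tar.gz: cfd9e46e1d2dfd58b40d42f0e85807dc37bf204ca642e1533363f2bb816ba792db26f594fbf12eb5251b54e4bade76d1e0eb6f6d4f91e1b4c219dd13183c3ccb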
data/Gemfile
CHANGED
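--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.
+pwn[v0.5.25]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.25]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.25]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script: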
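--- a/data/lib/pwn/plugins/assembly.rb
+++ b/data/lib/pwn/plugins/assembly.rb
@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require 'metasm'
 require 'tempfile'
 
 module PWN
@@ -9,50 +10,61 @@ module PWN
 # Supported Method Parameters::
 # PWN::Plugins::Assembly.opcodes_to_asm(
 # opcodes: 'required - hex escaped opcode(s) (e.g. "\x90\x90\x90")',
-# arch: 'optional - objdump
+# arch: 'optional - architecture returned from objdump --info (defaults to PWN::Plugins::DetectOS.arch)',
+# endian: 'optional - endianess (defaults to :little)'
 # )
 
 public_class_method def self.opcodes_to_asm(opts = {})
 opcodes = opts[:opcodes]
-arch = opts[:arch]
+arch = opts[:arch] ||= PWN::Plugins::DetectOS.arch
+endian = opts[:endian] ||= :little
 
-
-
-
-
-
+case arch
+when 'i386'
+arch_obj = Metasm::Ia32.new(endian)
+when 'amd64', 'x86_64'
+arch_obj = Metasm::X86_64.new(endian)
+when 'armv71'
+arch_obj = Metasm::ARM.new(endian)
+when 'aarch64'
+arch_obj = Metasm::ARM64.new(endian)
+else
+raise "Unsupported architecture: #{arch}"
+end
+
+Metasm::Shellcode.disassemble(arch_obj, opcodes).to_s
 rescue StandardError => e
 raise e
-ensure
-opcodes_tmp.unlink if File.exist?(opcodes_tmp.path)
 end
 
 # Supported Method Parameters::
 # PWN::Plugins::Assembly.asm_to_opcodes(
 # asm: 'required - assembly instruction(s) (e.g. 'nop\nnop\nnop\njmp rsp\n)',
-# arch: 'optional - objdump
+# arch: 'optional - architecture returned from objdump --info (defaults to PWN::Plugins::DetectOS.arch)',
+# endian: 'optional - endianess (defaults to :little)'
 # )
 
 public_class_method def self.asm_to_opcodes(opts = {})
 asm = opts[:asm]
-arch = opts[:arch]
-
-asm_code = ".global _start\n_start:\n#{asm}"
+arch = opts[:arch] ||= PWN::Plugins::DetectOS.arch
+endian = opts[:endian] ||= :little
 
-
-
-
+case arch
+when 'i386'
+arch_obj = Metasm::Ia32.new(endian)
+when 'amd64', 'x86_64'
+arch_obj = Metasm::X86_64.new(endian)
+when 'armv71'
+arch_obj = Metasm::ARM.new(endian)
+when 'aarch64'
+arch_obj = Metasm::ARM64.new(endian)
+else
+raise "Unsupported architecture: #{arch}"
+end
 
-
-# TODO: Implement support for other architectures
-# for both 32bit and 64bit
-system('as', '-o', asm_tmp_o, asm_tmp.path)
-`objdump --disassemble-all #{asm_tmp.path}.o`
+Metasm::Shellcode.assemble(arch_obj, asm).encode_string
 rescue StandardError => e
 raise e
-ensure
-files = [asm_tmp.path, asm_tmp_o]
-FileUtils.rm_f(files) if File.exist?(asm_tmp.path)
 end
 
 # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
@@ -69,12 +81,14 @@ module PWN
 puts "USAGE:
 #{self}.opcodes_to_asm(
 opcodes: 'required - hex escaped opcode(s) (e.g. \"\\x90\\x90\\x90\")',
-arch: 'optional - objdump
+arch: 'optional - architecture returned from objdump --info (defaults to PWN::Plugins::DetectOS.arch)',
+endian: 'optional - endianess (defaults to :little)'
 )
 
 #{self}.asm_to_opcodes(
-asm: 'required - assembly instruction(s) (e.g. '
-arch: 'optional - objdump
+asm: 'required - assembly instruction(s) (e.g. 'nop\nnop\nnop\njmp rsp\n)',
+arch: 'optional - architecture returned from objdump --info (defaults to PWN::Plugins::DetectOS.arch)',
+endian: 'optional - endianess (defaults to :little)'
 )
 
 #{self}.authors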
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.25
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
@@ -458,6 +458,20 @@ dependencies:
|
|
458
458
|
- - '='
|
459
459
|
- !ruby/object:Gem::Version
|
460
460
|
version: 2.8.1
|
461
|
+
- !ruby/object:Gem::Dependency
|
462
|
+
name: metasm
|
463
|
+
requirement: !ruby/object:Gem::Requirement
|
464
|
+
requirements:
|
465
|
+
- - '='
|
466
|
+
- !ruby/object:Gem::Version
|
467
|
+
version: 1.0.5
|
468
|
+
type: :runtime
|
469
|
+
prerelease: false
|
470
|
+
version_requirements: !ruby/object:Gem::Requirement
|
471
|
+
requirements:
|
472
|
+
- - '='
|
473
|
+
- !ruby/object:Gem::Version
|
474
|
+
version: 1.0.5
|
461
475
|
- !ruby/object:Gem::Dependency
|
462
476
|
name: msfrpc-client
|
463
477
|
requirement: !ruby/object:Gem::Requirement
|