pwn 0.5.242 → 0.5.244
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/etc/pwn.yaml.EXAMPLE +1 -2
- data/lib/pwn/plugins/repl.rb +7 -11
- data/lib/pwn/version.rb +1 -1
- data/lib/pwn/www/hacker_one.rb +7 -2
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ee33c6b5d9c89b354d3c125a6e8a913cd73b128d1c8dc5e4972fb209425a4868
|
|
4
|
+
data.tar.gz: 6b93ae56225ea274fa117a9cf510bc9c52294b56448c7ebcfafc38fd9188ebf2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4f2ddb254a5e633e7e61dccd336de07bdabfc9530807b22955407b081a3415ce9673bf2a142903757f1f3255fdca19c76658403f3c7d28c68675b7682e4c093e
|
|
7
|
+
data.tar.gz: f61471732dd1826ae52caba8385bb605c14ff2d6c45aa37753793aa721f94dd141aa14080054c56341991232579352a98e55f2b7d09910d6e57c583e4fff8856
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.244]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.1@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.244]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.1@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.244]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/etc/pwn.yaml.EXAMPLE
CHANGED
|
@@ -27,7 +27,7 @@ irc:
|
|
|
27
27
|
browser:
|
|
28
28
|
pwn_rb: '/opt/pwn/lib/pwn/plugins/transparent_browser.rb'
|
|
29
29
|
system_role_content: 'You are a browser. You are a web browser that can be controlled by a human or AI agent'
|
|
30
|
-
|
|
30
|
+
nimjeh:
|
|
31
31
|
pwn_rb: ''
|
|
32
32
|
system_role_content: 'You are a sarcastic hacker. You find software zero day vulnerabilities. This involves analyzing source code, race conditions, application binaries, and network protocols from an offensive security perspective.'
|
|
33
33
|
nmap:
|
|
@@ -39,7 +39,6 @@ irc:
|
|
|
39
39
|
|
|
40
40
|
meshtastic:
|
|
41
41
|
psks:
|
|
42
|
-
admin: 'required - PSK for admin channel'
|
|
43
42
|
LongFast: 'required - PSK for LongFast channel'
|
|
44
43
|
PWN: 'required - PSK for pwn channel'
|
|
45
44
|
|
data/lib/pwn/plugins/repl.rb
CHANGED
|
@@ -128,18 +128,15 @@ module PWN
|
|
|
128
128
|
suppress_progress: true
|
|
129
129
|
)
|
|
130
130
|
# Top 10 Programs
|
|
131
|
-
|
|
131
|
+
top_program = h1_programs.sort_by { |s| s[:min_payout].delete('$').to_f }.reverse.first
|
|
132
132
|
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
program_name
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
)
|
|
139
|
-
h1_scope_details.push(this_h1_scope)
|
|
140
|
-
end
|
|
133
|
+
program_name = top_program[:name]
|
|
134
|
+
h1_scope_details = PWN::WWW::HackerOne.get_scope_details(
|
|
135
|
+
program_name: program_name
|
|
136
|
+
)
|
|
137
|
+
top_program_scope = h1_scope_details[:scope_details][:data][:team][:structured_scopes_search][:nodes]
|
|
141
138
|
|
|
142
|
-
|
|
139
|
+
top_program_scope
|
|
143
140
|
rescue StandardError => e
|
|
144
141
|
raise e
|
|
145
142
|
ensure
|
|
@@ -227,7 +224,6 @@ module PWN
|
|
|
227
224
|
! If PWN_Framework is defined, understand the purpose of the module and how it is used
|
|
228
225
|
! Generate ruby examples using the capabilities of the PWN_Framework if applicable
|
|
229
226
|
! `require 'pwn'` is the gem needed to using the PWN_Framework capabilities
|
|
230
|
-
! Any agents with target_scope defined owns a portion of authorized targets in scope for exploitation
|
|
231
227
|
Your area of expertise is the following:
|
|
232
228
|
#{ai_system_role_content}
|
|
233
229
|
"
|
data/lib/pwn/version.rb
CHANGED
data/lib/pwn/www/hacker_one.rb
CHANGED
|
@@ -195,7 +195,7 @@ module PWN
|
|
|
195
195
|
|
|
196
196
|
json_resp = {
|
|
197
197
|
name: program_name,
|
|
198
|
-
scope_details: json_resp_hash
|
|
198
|
+
scope_details: json_resp_hash
|
|
199
199
|
}
|
|
200
200
|
rescue RestClient::ExceptionWithResponse => e
|
|
201
201
|
if e.response
|
|
@@ -506,7 +506,12 @@ module PWN
|
|
|
506
506
|
suppress_progress: 'optional - suppress output (defaults to false)'
|
|
507
507
|
)
|
|
508
508
|
|
|
509
|
-
scope_details =
|
|
509
|
+
scope_details = #{self}.get_scope_details(
|
|
510
|
+
program_name: 'required - program name from #get_bounty_programs method',
|
|
511
|
+
proxy: 'optional - scheme://proxy_host:port || tor'
|
|
512
|
+
)
|
|
513
|
+
|
|
514
|
+
hacktivity = #{self}.get_hacktivity(
|
|
510
515
|
program_name: 'required - program name from #get_bounty_programs method',
|
|
511
516
|
proxy: 'optional - scheme://proxy_host:port || tor'
|
|
512
517
|
)
|