pwn 0.5.243 → 0.5.245
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +3 -3
- data/README.md +3 -3
- data/etc/pwn.yaml.EXAMPLE +1 -2
- data/lib/pwn/plugins/repl.rb +9 -13
- data/lib/pwn/version.rb +1 -1
- data/third_party/pwn_rdoc.jsonl +1 -0
- metadata +8 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e6468d086af61cecc1e9163738374c7a1d49a9c6a27fe8488eea47e6420d4ca2
|
|
4
|
+
data.tar.gz: 773bb98a75a52f8f303ca3fbd7b3205125d55b9d13c19e4e807c810a15e890ac
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6e7ef591a93a9ff49136941bae7e7334507e65bc5271e0c82216f17d39434c92d6566fd410d70ea446e8b8109f0a9fd317ba673aeb76cb87ed24202af7ff289f
|
|
7
|
+
data.tar.gz: b3229efc4c419ba3d5a0025ee764c122da0557db6c8490918e1dc1b9e8bc06c5805fa87413014d20a3185f472d3fe04701913d1fdba43360e783f580927b1893
|
data/Gemfile
CHANGED
|
@@ -41,13 +41,13 @@ gem 'htmlentities', '4.3.4'
|
|
|
41
41
|
gem 'ipaddress', '0.8.3'
|
|
42
42
|
gem 'jenkins_api_client2', '1.9.0'
|
|
43
43
|
gem 'js-beautify', '0.1.8'
|
|
44
|
-
gem 'json', '2.
|
|
44
|
+
gem 'json', '2.10.1'
|
|
45
45
|
gem 'jsonpath', '1.1.5'
|
|
46
46
|
gem 'jwt', '2.10.1'
|
|
47
47
|
gem 'libusb', '0.7.2'
|
|
48
48
|
gem 'luhn', '1.0.2'
|
|
49
49
|
gem 'mail', '2.8.1'
|
|
50
|
-
gem 'meshtastic', '0.0.
|
|
50
|
+
gem 'meshtastic', '0.0.108'
|
|
51
51
|
gem 'metasm', '1.0.5'
|
|
52
52
|
gem 'mongo', '2.21.0'
|
|
53
53
|
gem 'msfrpc-client', '1.1.2'
|
|
@@ -90,7 +90,7 @@ gem 'savon', '2.15.1'
|
|
|
90
90
|
gem 'selenium-devtools', '0.132.0'
|
|
91
91
|
# gem 'serialport', '1.3.2'
|
|
92
92
|
# gem 'sinatra', '4.0.0'
|
|
93
|
-
gem 'slack-ruby-client', '2.
|
|
93
|
+
gem 'slack-ruby-client', '2.5.1'
|
|
94
94
|
gem 'socksify', '1.7.1'
|
|
95
95
|
gem 'spreadsheet', '1.3.3'
|
|
96
96
|
gem 'sqlite3', '2.5.0'
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.245]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.1@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.245]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.1@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.245]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/etc/pwn.yaml.EXAMPLE
CHANGED
|
@@ -27,7 +27,7 @@ irc:
|
|
|
27
27
|
browser:
|
|
28
28
|
pwn_rb: '/opt/pwn/lib/pwn/plugins/transparent_browser.rb'
|
|
29
29
|
system_role_content: 'You are a browser. You are a web browser that can be controlled by a human or AI agent'
|
|
30
|
-
|
|
30
|
+
nimjeh:
|
|
31
31
|
pwn_rb: ''
|
|
32
32
|
system_role_content: 'You are a sarcastic hacker. You find software zero day vulnerabilities. This involves analyzing source code, race conditions, application binaries, and network protocols from an offensive security perspective.'
|
|
33
33
|
nmap:
|
|
@@ -39,7 +39,6 @@ irc:
|
|
|
39
39
|
|
|
40
40
|
meshtastic:
|
|
41
41
|
psks:
|
|
42
|
-
admin: 'required - PSK for admin channel'
|
|
43
42
|
LongFast: 'required - PSK for LongFast channel'
|
|
44
43
|
PWN: 'required - PSK for pwn channel'
|
|
45
44
|
|
data/lib/pwn/plugins/repl.rb
CHANGED
|
@@ -120,7 +120,7 @@ module PWN
|
|
|
120
120
|
Pry::Commands.create_command 'pwn-irc' do
|
|
121
121
|
description 'Initiate pwn.irc chat interface.'
|
|
122
122
|
|
|
123
|
-
def
|
|
123
|
+
def top_h1_program_scope
|
|
124
124
|
browser_obj = PWN::WWW::HackerOne.open(browser_type: :headless)
|
|
125
125
|
h1_programs = PWN::WWW::HackerOne.get_bounty_programs(
|
|
126
126
|
browser_obj: browser_obj,
|
|
@@ -128,18 +128,15 @@ module PWN
|
|
|
128
128
|
suppress_progress: true
|
|
129
129
|
)
|
|
130
130
|
# Top 10 Programs
|
|
131
|
-
|
|
131
|
+
top_program = h1_programs.sort_by { |s| s[:min_payout].delete('$').to_f }.reverse.first
|
|
132
132
|
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
program_name
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
)
|
|
139
|
-
h1_scope_details.push(this_h1_scope)
|
|
140
|
-
end
|
|
133
|
+
program_name = top_program[:name]
|
|
134
|
+
h1_scope_details = PWN::WWW::HackerOne.get_scope_details(
|
|
135
|
+
program_name: program_name
|
|
136
|
+
)
|
|
137
|
+
top_program_scope = h1_scope_details[:scope_details][:data][:team][:structured_scopes_search][:nodes]
|
|
141
138
|
|
|
142
|
-
|
|
139
|
+
top_program_scope
|
|
143
140
|
rescue StandardError => e
|
|
144
141
|
raise e
|
|
145
142
|
ensure
|
|
@@ -227,14 +224,13 @@ module PWN
|
|
|
227
224
|
! If PWN_Framework is defined, understand the purpose of the module and how it is used
|
|
228
225
|
! Generate ruby examples using the capabilities of the PWN_Framework if applicable
|
|
229
226
|
! `require 'pwn'` is the gem needed to using the PWN_Framework capabilities
|
|
230
|
-
! Any agents with target_scope defined owns a portion of authorized targets in scope for exploitation
|
|
231
227
|
Your area of expertise is the following:
|
|
232
228
|
#{ai_system_role_content}
|
|
233
229
|
"
|
|
234
230
|
|
|
235
231
|
# Convention over Configuration \o/
|
|
236
232
|
if nick == :h1
|
|
237
|
-
h1_scope_details =
|
|
233
|
+
h1_scope_details = top_h1_program_scope
|
|
238
234
|
system_role_content = "
|
|
239
235
|
#{system_role_content}
|
|
240
236
|
target_scope :#{h1_scope_details}
|
data/lib/pwn/version.rb
CHANGED
data/third_party/pwn_rdoc.jsonl
CHANGED
|
@@ -1222,6 +1222,7 @@
|
|
|
1222
1222
|
{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.authors Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
|
|
1223
1223
|
{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.close Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.close`: Supported Method Parameters\n\nbrowser_obj = PWN::WWW::HackerOne.close(\n\nbrowser_obj: 'required - browser_obj returned from #open method'\n\n)\n"}]}
|
|
1224
1224
|
{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.get_bounty_programs Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.get_bounty_programs`: Supported Method Parameters\n\nprograms_arr = PWN::WWW::HackerOne.get_bounty_programs(\n\nbrowser_obj: 'required - browser_obj returned from #open method',\nproxy: 'optional - scheme://proxy_host:port || tor',\nmin_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)',\nsuppress_progress: 'optional - suppress output (defaults to false)'\n\n)\n"}]}
|
|
1225
|
+
{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.get_hacktivity Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.get_hacktivity`: Supported Method Parameters\n\nhacktivity = PWN::WWW::HackerOne.get_hacktivity(\n\nprogram_name: 'required - program name from #get_bounty_programs method',\nproxy: 'optional - scheme://proxy_host:port || tor'\n\n)\n"}]}
|
|
1225
1226
|
{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.get_scope_details Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.get_scope_details`: Supported Method Parameters\n\nscope_details = PWN::WWW::HackerOne.get_scope_details(\n\nprogram_name: 'required - program name from #get_bounty_programs method',\nproxy: 'optional - scheme://proxy_host:port || tor'\n\n)\n"}]}
|
|
1226
1227
|
{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.help Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.help`: "}]}
|
|
1227
1228
|
{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.login Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.login`: Supported Method Parameters\n\nbrowser_obj = PWN::WWW::HackerOne.login(\n\nbrowser_obj: 'required - browser_obj returned from #open method',\nusername: 'required - username',\npassword: 'optional - passwd (will prompt if blank)'\n\n)\n"}]}
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.245
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date: 2025-02-
|
|
10
|
+
date: 2025-02-13 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: activesupport
|
|
@@ -407,14 +407,14 @@ dependencies:
|
|
|
407
407
|
requirements:
|
|
408
408
|
- - '='
|
|
409
409
|
- !ruby/object:Gem::Version
|
|
410
|
-
version: 2.
|
|
410
|
+
version: 2.10.1
|
|
411
411
|
type: :runtime
|
|
412
412
|
prerelease: false
|
|
413
413
|
version_requirements: !ruby/object:Gem::Requirement
|
|
414
414
|
requirements:
|
|
415
415
|
- - '='
|
|
416
416
|
- !ruby/object:Gem::Version
|
|
417
|
-
version: 2.
|
|
417
|
+
version: 2.10.1
|
|
418
418
|
- !ruby/object:Gem::Dependency
|
|
419
419
|
name: jsonpath
|
|
420
420
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -491,14 +491,14 @@ dependencies:
|
|
|
491
491
|
requirements:
|
|
492
492
|
- - '='
|
|
493
493
|
- !ruby/object:Gem::Version
|
|
494
|
-
version: 0.0.
|
|
494
|
+
version: 0.0.108
|
|
495
495
|
type: :runtime
|
|
496
496
|
prerelease: false
|
|
497
497
|
version_requirements: !ruby/object:Gem::Requirement
|
|
498
498
|
requirements:
|
|
499
499
|
- - '='
|
|
500
500
|
- !ruby/object:Gem::Version
|
|
501
|
-
version: 0.0.
|
|
501
|
+
version: 0.0.108
|
|
502
502
|
- !ruby/object:Gem::Dependency
|
|
503
503
|
name: metasm
|
|
504
504
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -1051,14 +1051,14 @@ dependencies:
|
|
|
1051
1051
|
requirements:
|
|
1052
1052
|
- - '='
|
|
1053
1053
|
- !ruby/object:Gem::Version
|
|
1054
|
-
version: 2.
|
|
1054
|
+
version: 2.5.1
|
|
1055
1055
|
type: :runtime
|
|
1056
1056
|
prerelease: false
|
|
1057
1057
|
version_requirements: !ruby/object:Gem::Requirement
|
|
1058
1058
|
requirements:
|
|
1059
1059
|
- - '='
|
|
1060
1060
|
- !ruby/object:Gem::Version
|
|
1061
|
-
version: 2.
|
|
1061
|
+
version: 2.5.1
|
|
1062
1062
|
- !ruby/object:Gem::Dependency
|
|
1063
1063
|
name: socksify
|
|
1064
1064
|
requirement: !ruby/object:Gem::Requirement
|