pwn 0.5.305 → 0.5.307

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +3 -3
  3. data/lib/pwn/plugins/transparent_browser.rb +90 -17
  4. data/lib/pwn/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7212f39e5a45f10409275c4a73a5c7adab8792e5cc0e23bd489741193ef7140a
4
- data.tar.gz: 12bdcbd741a7757d8acb612757c7f7eab0aa8bb3f1029f060ce728e44d86c497
3
+ metadata.gz: 84d7508456ef5d3e90206c2c24e4c5cd5b9e00f2d0b73b1e173c9e728d5c73e0
4
+ data.tar.gz: ba77cd727eda78d699d225ed35e42440d33a46163413a98eee8351ba47d0036b
5
5
  SHA512:
6
- metadata.gz: 7cb9c161c8fb78f1e5ce98f722b5b996af9c1500be12938ff7696a76be7fc8b12bc8715143b64d68d53e9ef7b943cdfd15ec26285e07333bdb4a0a88c197b2c9
7
- data.tar.gz: dbe25739420029d73a4bec8d6a4f9a70ae26e355f016862f188683ca126d2496764e49a96751f470c5e043cb498f9aebd1051c05f9ec8ec5281741440857a8dd
6
+ metadata.gz: d5503a807ca026473e5adead9b6e75224eb174851cc7ffda6e449fc6dd924448a9395f11ad4aa4709c58c23a78c9ae2323946d3ef241455ce5e9e2f4b85982ca
7
+ data.tar.gz: 758bc5954f798c8602738c0081aca0e072d670d9e54d95ec3e78ea9c3ea641de0cb2eb6fd261f5462e81814a2b4024daca875e4635fad31f4beee2f53fe24e94
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.305]:001 >>> PWN.help
40
+ pwn[v0.5.307]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.305]:001 >>> PWN.help
55
+ pwn[v0.5.307]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.305]:001 >>> PWN.help
65
+ pwn[v0.5.307]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/plugins/transparent_browser.rb CHANGED
@@ -169,7 +169,9 @@ module PWN
169
169
  accept_insecure_certs: true
170
170
  )
171
171
 
172
+ # This is required for BiDi support
172
173
  options.web_socket_url = true
174
+ options.add_preference('remote.active-protocols', 3)
173
175
  options.profile = this_profile
174
176
  driver = Selenium::WebDriver.for(:firefox, options: options)
175
177
  browser_obj[:browser] = Watir::Browser.new(driver)
@@ -196,8 +198,9 @@ module PWN
196
198
  accept_insecure_certs: true
197
199
  )
198
200
 
199
- # This is for bidi, once it's ready
200
- # options.web_socket_url = true
201
+ # This is required for BiDi support
202
+ options.web_socket_url = true
203
+ options.add_preference('remote.active-protocols', 3)
201
204
  options.profile = this_profile
202
205
  driver = Selenium::WebDriver.for(:chrome, options: options)
203
206
  browser_obj[:browser] = Watir::Browser.new(driver)
@@ -259,8 +262,9 @@ module PWN
259
262
  accept_insecure_certs: true
260
263
  )
261
264
 
262
- # This is for bidi, once it's ready
263
- # options.web_socket_url = true
265
+ # This is required for BiDi support
266
+ options.web_socket_url = true
267
+ options.add_preference('remote.active-protocols', 3)
264
268
  options.profile = this_profile
265
269
  driver = Selenium::WebDriver.for(:firefox, options: options)
266
270
  browser_obj[:browser] = Watir::Browser.new(driver)
@@ -283,8 +287,9 @@ module PWN
283
287
  accept_insecure_certs: true
284
288
  )
285
289
 
286
- # This is for bidi, once it's ready
287
- # options.web_socket_url = true
290
+ # This is required for BiDi support
291
+ options.web_socket_url = true
292
+ options.add_preference('remote.active-protocols', 3)
288
293
  options.profile = this_profile
289
294
  driver = Selenium::WebDriver.for(:chrome, options: options)
290
295
  browser_obj[:browser] = Watir::Browser.new(driver)
@@ -327,17 +332,15 @@ module PWN
327
332
  if devtools_supported.include?(browser_type)
328
333
  if devtools
329
334
  driver = browser_obj[:browser].driver
330
- browser_obj[:devtools] = driver.devtools
331
-
332
- browser_obj[:devtools].send_cmd('DOM.enable')
333
- browser_obj[:devtools].send_cmd('Log.enable')
334
- browser_obj[:devtools].send_cmd('Network.enable')
335
- browser_obj[:devtools].send_cmd('Page.enable')
336
- browser_obj[:devtools].send_cmd('Runtime.enable')
337
- browser_obj[:devtools].send_cmd('Security.enable')
338
-
339
335
  chrome_browser_types = %i[chrome headless_chrome]
340
336
  if chrome_browser_types.include?(browser_type)
337
+ browser_obj[:devtools] = driver.devtools
338
+ browser_obj[:devtools].send_cmd('DOM.enable')
339
+ browser_obj[:devtools].send_cmd('Log.enable')
340
+ browser_obj[:devtools].send_cmd('Network.enable')
341
+ browser_obj[:devtools].send_cmd('Page.enable')
342
+ browser_obj[:devtools].send_cmd('Runtime.enable')
343
+ browser_obj[:devtools].send_cmd('Security.enable')
341
344
  browser_obj[:devtools].send_cmd('Debugger.enable')
342
345
  browser_obj[:devtools].send_cmd('DOMStorage.enable')
343
346
  browser_obj[:devtools].send_cmd('DOMSnapshot.enable')
@@ -345,6 +348,7 @@ module PWN
345
348
 
346
349
  firefox_browser_types = %i[firefox headless_firefox]
347
350
  if firefox_browser_types.include?(browser_type)
351
+ browser_obj[:devtools] = driver.bidi
348
352
  # browser_obj[:devtools].send_cmd(
349
353
  # 'EventBreakpoints.setInstrumentationBreakpoint',
350
354
  # eventName: 'script'
@@ -352,7 +356,7 @@ module PWN
352
356
  end
353
357
 
354
358
  # Future BiDi API that's more universally supported across browsers
355
- # browser_obj[:bidi] = driver.bidi
359
+ browser_obj[:bidi] = driver.bidi
356
360
 
357
361
  jmp_devtools_panel(browser_obj: browser_obj, panel: :elements)
358
362
  end
@@ -489,6 +493,67 @@ module PWN
489
493
  raise e
490
494
  end
491
495
 
496
+ # Supported Method Parameters::
497
+ # console_resp = PWN::Plugins::TransparentBrowser.enable_dom_mutations(
498
+ # browser_obj: browser_obj1,
499
+ # target: 'optional - target JavaScript node to observe (defaults to document.body)'
500
+ # )
501
+
502
+ public_class_method def self.enable_dom_mutations(opts = {})
503
+ browser_obj = opts[:browser_obj]
504
+ verify_devtools_browser(browser_obj: browser_obj)
505
+
506
+ target = opts[:target] ||= 'document.body'
507
+
508
+ js = "
509
+ // Select the target node to observe
510
+ const targetNode;
511
+ targetNode = document.getElementById('#{target}');
512
+ if (!targetNode) {
513
+ targetNode = document.body; // Fallback to body if target not found
514
+ }
515
+
516
+ // Configuration for observer
517
+ const config = { attributes: true, childList: true, subtree: true };
518
+
519
+ // Callback for mutations
520
+ const callback = (mutationList, observer) => {
521
+ for (const mutation of mutationList) {
522
+ if (mutation.type === 'childList') {
523
+ console.log('Child node added/removed:', mutation);
524
+ } else if (mutation.type === 'attributes') {
525
+ console.log(`Attribute ${mutation.attributeName} modified:`, mutation);
526
+ }
527
+ }
528
+ };
529
+
530
+ // Create and start observer
531
+ const observer = new MutationObserver(callback);
532
+ observer.observe(targetNode, config);
533
+
534
+ // Later, stop observing if needed
535
+ // observer.disconnect();
536
+ "
537
+ console(browser_obj: browser_obj, js: js)
538
+ rescue StandardError => e
539
+ raise e
540
+ end
541
+
542
+ # Supported Method Parameters::
543
+ # console_resp = PWN::Plugins::TransparentBrowser.disable_dom_mutations(
544
+ # browser_obj: browser_obj1
545
+ # )
546
+
547
+ public_class_method def self.disable_dom_mutations(opts = {})
548
+ browser_obj = opts[:browser_obj]
549
+ verify_devtools_browser(browser_obj: browser_obj)
550
+
551
+ js = 'observer.disconnect();'
552
+ console(browser_obj: browser_obj, js: js)
553
+ rescue StandardError => e
554
+ raise e
555
+ end
556
+
492
557
  # Supported Method Parameters::
493
558
  # PWN::Plugins::TransparentBrowser.update_about_config(
494
559
  # browser_obj: browser_obj1,
@@ -981,7 +1046,7 @@ module PWN
981
1046
  * All DevTools Commands can be found here:
982
1047
  * https://chromedevtools.github.io/devtools-protocol/
983
1048
  * Examples
984
- devtools = browser.driver.devtools
1049
+ devtools = browser_obj1[:devtools]
985
1050
  puts devtools.public_methods
986
1051
  puts devtools.instance_variables
987
1052
  puts devtools.instance_variable_get('@session_id')
@@ -1077,6 +1142,14 @@ module PWN
1077
1142
  js: 'required - JavaScript expression to evaluate'
1078
1143
  )
1079
1144
 
1145
+ console_resp = #{self}.enable_dom_mutations(
1146
+ browser_obj: 'required - browser_obj returned from #open method)'
1147
+ )
1148
+
1149
+ console_resp = #{self}.disable_dom_mutations(
1150
+ browser_obj: 'required - browser_obj returned from #open method)'
1151
+ )
1152
+
1080
1153
  #{self}.update_about_config(
1081
1154
  browser_obj: 'required - browser_obj returned from #open method)',
1082
1155
  key: 'required - key to update in about:config',
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.305'
4
+ VERSION = '0.5.307'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.305
4
+ version: 0.5.307
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.