pwn 0.5.308 → 0.5.310
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/plugins/transparent_browser.rb +125 -45
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 285a68a2cda6bbdd1ae33ec4a3fd37f5831f27780eb55b1b405ac3d01c14cf9d
|
|
4
|
+
data.tar.gz: 145f7a73a322bd700cd0852c1e35349413ab45ff1e2e71e3895f43c8c0e457a1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 212678e418bcf5fe6c4c5d2c6ed9c5ef0ebf31ed526ec72b52a81dacab60d53eff8637631259f0e267c4eb870dbda6de891fa31cf1ed8aca44d44585ec27ac07
|
|
7
|
+
data.tar.gz: e7bbae0e1600fa8f712c663eb787cc93edfeced5c8324617d616cb6981d881ac0aad6d41f2510ec340891f46d717c8dcb9ac39317512fa1cf28e37c1f389f8fa
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.310]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.310]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.310]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -461,7 +461,8 @@ module PWN
|
|
|
461
461
|
# Supported Method Parameters::
|
|
462
462
|
# console_resp = PWN::Plugins::TransparentBrowser.console(
|
|
463
463
|
# browser_obj: browser_obj1,
|
|
464
|
-
# js: 'required - JavaScript expression to evaluate'
|
|
464
|
+
# js: 'required - JavaScript expression to evaluate',
|
|
465
|
+
# return_to: 'optional - return to :console or :stdout (defaults to :console)'
|
|
465
466
|
# )
|
|
466
467
|
|
|
467
468
|
public_class_method def self.console(opts = {})
|
|
@@ -469,13 +470,20 @@ module PWN
|
|
|
469
470
|
verify_devtools_browser(browser_obj: browser_obj)
|
|
470
471
|
|
|
471
472
|
js = opts[:js] ||= "alert('ACK from => #{self}')"
|
|
473
|
+
return_to = opts[:return_to] ||= :console
|
|
474
|
+
raise 'ERROR: return_to parameter must be :console or :stdout' unless %i[console stdout].include?(return_to.to_s.downcase.to_sym)
|
|
472
475
|
|
|
473
476
|
browser = browser_obj[:browser]
|
|
474
477
|
case js
|
|
475
478
|
when 'clear', 'clear;', 'clear()', 'clear();'
|
|
476
479
|
script = 'console.clear()'
|
|
477
480
|
else
|
|
478
|
-
|
|
481
|
+
case return_to.to_s.downcase.to_sym
|
|
482
|
+
when :stdout
|
|
483
|
+
script = "return #{js}"
|
|
484
|
+
when :console
|
|
485
|
+
script = "console.log(#{js})"
|
|
486
|
+
end
|
|
479
487
|
end
|
|
480
488
|
|
|
481
489
|
console_resp = nil
|
|
@@ -494,12 +502,12 @@ module PWN
|
|
|
494
502
|
end
|
|
495
503
|
|
|
496
504
|
# Supported Method Parameters::
|
|
497
|
-
# console_resp = PWN::Plugins::TransparentBrowser.
|
|
505
|
+
# console_resp = PWN::Plugins::TransparentBrowser.view_dom_mutations(
|
|
498
506
|
# browser_obj: browser_obj1,
|
|
499
507
|
# target: 'optional - target JavaScript node to observe (defaults to document.body)'
|
|
500
508
|
# )
|
|
501
509
|
|
|
502
|
-
public_class_method def self.
|
|
510
|
+
public_class_method def self.view_dom_mutations(opts = {})
|
|
503
511
|
browser_obj = opts[:browser_obj]
|
|
504
512
|
verify_devtools_browser(browser_obj: browser_obj)
|
|
505
513
|
|
|
@@ -511,29 +519,117 @@ module PWN
|
|
|
511
519
|
)
|
|
512
520
|
|
|
513
521
|
js = <<~JAVASCRIPT
|
|
514
|
-
// Select the target node to observe
|
|
522
|
+
// Select the target node to observe (replace 'target-id' with your element's ID or use document.body)
|
|
515
523
|
const targetNode = document.getElementById(#{target}) || document.body;
|
|
516
524
|
|
|
517
|
-
// Configuration for
|
|
518
|
-
const config = {
|
|
525
|
+
// Configuration for MutationObserver
|
|
526
|
+
const config = {
|
|
527
|
+
attributes: true, // Observe attribute changes
|
|
528
|
+
childList: true, // Observe additions/removals of child nodes
|
|
529
|
+
subtree: true, // Observe descendants
|
|
530
|
+
characterData: true, // Observe text content changes
|
|
531
|
+
};
|
|
519
532
|
|
|
520
|
-
// Callback
|
|
533
|
+
// Callback function to handle mutations
|
|
521
534
|
const callback = (mutationList, observer) => {
|
|
522
|
-
|
|
535
|
+
console.group('DOM Mutation Detected');
|
|
536
|
+
mutationList.forEach((mutation, index) => {
|
|
537
|
+
console.log(`Mutation ${index + 1}:`, mutation.type);
|
|
538
|
+
|
|
523
539
|
if (mutation.type === 'childList') {
|
|
524
|
-
|
|
540
|
+
// Log added or removed nodes
|
|
541
|
+
if (mutation.addedNodes.length) {
|
|
542
|
+
mutation.addedNodes.forEach((node) => {
|
|
543
|
+
if (node.nodeType === Node.ELEMENT_NODE) {
|
|
544
|
+
console.log('Added Element:', {
|
|
545
|
+
tagName: node.tagName,
|
|
546
|
+
id: node.id || 'N/A',
|
|
547
|
+
classList: node.className || 'N/A',
|
|
548
|
+
outerHTML: node.outerHTML,
|
|
549
|
+
});
|
|
550
|
+
} else if (node.nodeType === Node.TEXT_NODE) {
|
|
551
|
+
console.log('Added Text Node:', {
|
|
552
|
+
textContent: node.textContent,
|
|
553
|
+
parentTag: node.parentElement?.tagName || 'N/A',
|
|
554
|
+
});
|
|
555
|
+
}
|
|
556
|
+
});
|
|
557
|
+
}
|
|
558
|
+
if (mutation.removedNodes.length) {
|
|
559
|
+
mutation.removedNodes.forEach((node) => {
|
|
560
|
+
if (node.nodeType === Node.ELEMENT_NODE) {
|
|
561
|
+
console.log('Removed Element:', {
|
|
562
|
+
tagName: node.tagName,
|
|
563
|
+
id: node.id || 'N/A',
|
|
564
|
+
classList: node.className || 'N/A',
|
|
565
|
+
outerHTML: node.outerHTML,
|
|
566
|
+
});
|
|
567
|
+
} else if (node.nodeType === Node.TEXT_NODE) {
|
|
568
|
+
console.log('Removed Text Node:', {
|
|
569
|
+
textContent: node.textContent,
|
|
570
|
+
parentTag: node.parentElement?.tagName || 'N/A',
|
|
571
|
+
});
|
|
572
|
+
}
|
|
573
|
+
});
|
|
574
|
+
}
|
|
525
575
|
} else if (mutation.type === 'attributes') {
|
|
526
|
-
|
|
576
|
+
// Log attribute changes
|
|
577
|
+
console.log(`Attribute "${mutation.attributeName}" modified on`, {
|
|
578
|
+
element: mutation.target.tagName,
|
|
579
|
+
id: mutation.target.id || 'N/A',
|
|
580
|
+
oldValue: mutation.oldValue,
|
|
581
|
+
newValue: mutation.target.getAttribute(mutation.attributeName),
|
|
582
|
+
outerHTML: mutation.target.outerHTML,
|
|
583
|
+
});
|
|
584
|
+
} else if (mutation.type === 'characterData') {
|
|
585
|
+
// Log text content changes (e.g., from user input in contenteditable or form fields)
|
|
586
|
+
console.log('Text Content Changed:', {
|
|
587
|
+
element: mutation.target.parentElement?.tagName || 'N/A',
|
|
588
|
+
id: mutation.target.parentElement?.id || 'N/A',
|
|
589
|
+
oldValue: mutation.oldValue,
|
|
590
|
+
newValue: mutation.target.textContent,
|
|
591
|
+
innerHTML: mutation.target.parentElement?.innerHTML || 'N/A',
|
|
592
|
+
});
|
|
527
593
|
}
|
|
528
|
-
}
|
|
594
|
+
});
|
|
595
|
+
console.groupEnd();
|
|
529
596
|
};
|
|
530
597
|
|
|
531
|
-
// Create and start
|
|
598
|
+
// Create and start the MutationObserver
|
|
532
599
|
const observer = new MutationObserver(callback);
|
|
533
600
|
observer.observe(targetNode, config);
|
|
601
|
+
|
|
602
|
+
// Optional: Add event listeners to capture user interactions
|
|
603
|
+
const logUserInteraction = (event) => {
|
|
604
|
+
console.group('User Interaction Detected');
|
|
605
|
+
console.log('Event Type:', event.type);
|
|
606
|
+
console.log('Target:', {
|
|
607
|
+
tagName: event.target.tagName,
|
|
608
|
+
id: event.target.id || 'N/A',
|
|
609
|
+
classList: event.target.className || 'N/A',
|
|
610
|
+
value: 'value' in event.target ? event.target.value : 'N/A',
|
|
611
|
+
innerHTML: event.target.innerHTML || 'N/A',
|
|
612
|
+
});
|
|
613
|
+
console.groupEnd();
|
|
614
|
+
};
|
|
615
|
+
|
|
616
|
+
// Attach listeners for keyboard and click events
|
|
617
|
+
document.addEventListener('input', logUserInteraction); // For form inputs, contenteditable
|
|
618
|
+
document.addEventListener('click', logUserInteraction); // For clicks
|
|
619
|
+
|
|
620
|
+
// Function to stop the observer (run in console when needed)
|
|
621
|
+
window.stopObserving = () => {
|
|
622
|
+
observer.disconnect();
|
|
623
|
+
document.removeEventListener('input', logUserInteraction);
|
|
624
|
+
document.removeEventListener('click', logUserInteraction);
|
|
625
|
+
console.log('MutationObserver and event listeners stopped.');
|
|
626
|
+
};
|
|
627
|
+
|
|
628
|
+
// Log instructions to console
|
|
629
|
+
console.log('MutationObserver started. To stop, run: stopObserving()');
|
|
534
630
|
JAVASCRIPT
|
|
535
631
|
|
|
536
|
-
console(browser_obj: browser_obj, js: '
|
|
632
|
+
console(browser_obj: browser_obj, js: 'clear();')
|
|
537
633
|
browser = browser_obj[:browser]
|
|
538
634
|
browser.execute_script(js)
|
|
539
635
|
rescue StandardError => e
|
|
@@ -541,11 +637,11 @@ module PWN
|
|
|
541
637
|
end
|
|
542
638
|
|
|
543
639
|
# Supported Method Parameters::
|
|
544
|
-
# console_resp = PWN::Plugins::TransparentBrowser.
|
|
640
|
+
# console_resp = PWN::Plugins::TransparentBrowser.hide_dom_mutations(
|
|
545
641
|
# browser_obj: browser_obj1
|
|
546
642
|
# )
|
|
547
643
|
|
|
548
|
-
public_class_method def self.
|
|
644
|
+
public_class_method def self.hide_dom_mutations(opts = {})
|
|
549
645
|
browser_obj = opts[:browser_obj]
|
|
550
646
|
verify_devtools_browser(browser_obj: browser_obj)
|
|
551
647
|
|
|
@@ -555,38 +651,20 @@ module PWN
|
|
|
555
651
|
)
|
|
556
652
|
|
|
557
653
|
js = <<~JAVASCRIPT
|
|
558
|
-
|
|
559
|
-
|
|
560
|
-
|
|
561
|
-
|
|
562
|
-
|
|
563
|
-
|
|
564
|
-
// Callback for mutations
|
|
565
|
-
const callback = (mutationList, observer) => {
|
|
566
|
-
for (const mutation of mutationList) {
|
|
567
|
-
if (mutation.type === 'childList') {
|
|
568
|
-
console.log('Child node added/removed:', mutation);
|
|
569
|
-
} else if (mutation.type === 'attributes') {
|
|
570
|
-
console.log(`Attribute ${mutation.attributeName} modified:`, mutation);
|
|
571
|
-
}
|
|
572
|
-
}
|
|
573
|
-
};
|
|
574
|
-
|
|
575
|
-
// Create and start observer
|
|
576
|
-
const observer = new MutationObserver(callback);
|
|
577
|
-
observer.observe(targetNode, config);
|
|
578
|
-
|
|
579
|
-
// Later, stop observing if needed
|
|
580
|
-
observer.disconnect();
|
|
654
|
+
if (typeof stopObserving === 'function') {
|
|
655
|
+
stopObserving();
|
|
656
|
+
console.log('DOM mutation observer and event listeners disabled.');
|
|
657
|
+
} else {
|
|
658
|
+
console.log('Error: stopObserving function not found. DOM mutation observer was not active.');
|
|
659
|
+
}
|
|
581
660
|
JAVASCRIPT
|
|
582
661
|
|
|
583
|
-
console(browser_obj: browser_obj, js: '
|
|
662
|
+
console(browser_obj: browser_obj, js: 'clear();')
|
|
584
663
|
browser = browser_obj[:browser]
|
|
585
664
|
browser.execute_script(js)
|
|
586
665
|
rescue StandardError => e
|
|
587
666
|
raise e
|
|
588
667
|
end
|
|
589
|
-
|
|
590
668
|
# Supported Method Parameters::
|
|
591
669
|
# PWN::Plugins::TransparentBrowser.update_about_config(
|
|
592
670
|
# browser_obj: browser_obj1,
|
|
@@ -1175,12 +1253,14 @@ module PWN
|
|
|
1175
1253
|
js: 'required - JavaScript expression to evaluate'
|
|
1176
1254
|
)
|
|
1177
1255
|
|
|
1178
|
-
console_resp = #{self}.
|
|
1179
|
-
browser_obj: 'required - browser_obj returned from #open method)'
|
|
1256
|
+
console_resp = #{self}.view_dom_mutations(
|
|
1257
|
+
browser_obj: 'required - browser_obj returned from #open method)',
|
|
1258
|
+
target: 'optional - target JavaScript node to observe (defaults to document.body)'
|
|
1180
1259
|
)
|
|
1181
1260
|
|
|
1182
|
-
console_resp = #{self}.
|
|
1183
|
-
browser_obj: 'required - browser_obj returned from #open method)'
|
|
1261
|
+
console_resp = #{self}.hide_dom_mutations(
|
|
1262
|
+
browser_obj: 'required - browser_obj returned from #open method)',
|
|
1263
|
+
target: 'optional - target JavaScript node to observe (defaults to document.body)'
|
|
1184
1264
|
)
|
|
1185
1265
|
|
|
1186
1266
|
#{self}.update_about_config(
|
data/lib/pwn/version.rb
CHANGED