pwn 0.5.310 → 0.5.311

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 285a68a2cda6bbdd1ae33ec4a3fd37f5831f27780eb55b1b405ac3d01c14cf9d
-  data.tar.gz: 145f7a73a322bd700cd0852c1e35349413ab45ff1e2e71e3895f43c8c0e457a1
+  metadata.gz: cf124a838b0f13e7e6e2ac3d13d354fd885c07f7c71c24e05134cf33dd66ba10
+  data.tar.gz: 0e4413b5365adadf3d7fc688ccf372d6caf8145ba8876bb0c6d65b6145048279
 SHA512:
-  metadata.gz: 212678e418bcf5fe6c4c5d2c6ed9c5ef0ebf31ed526ec72b52a81dacab60d53eff8637631259f0e267c4eb870dbda6de891fa31cf1ed8aca44d44585ec27ac07
-  data.tar.gz: e7bbae0e1600fa8f712c663eb787cc93edfeced5c8324617d616cb6981d881ac0aad6d41f2510ec340891f46d717c8dcb9ac39317512fa1cf28e37c1f389f8fa
+  metadata.gz: caf9d4f9fd676258b3405562f9ece2e85cfedcce57e83360e4b536ab2222c25487ccf19c82d19d3a26f07311d8f635222c9ffd765404cbda42d357593ddbbd18
+  data.tar.gz: 5ff6987e379badb54018ea566e5f288188a7e99e3c40d6fc27b13189cdde1eb9e5d45a42d4b2b510cacb270ee79c0465a21f014903671b317164fb650bb3c3df

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.310]:001 >>> PWN.help
+pwn[v0.5.311]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.310]:001 >>> PWN.help
+pwn[v0.5.311]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.310]:001 >>> PWN.help
+pwn[v0.5.311]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/plugins/transparent_browser.rb

@@ -537,16 +537,20 @@ module PWN
               console.log(`Mutation ${index + 1}:`, mutation.type);
 
               if (mutation.type === 'childList') {
-                // Log added or removed nodes
                 if (mutation.addedNodes.length) {
                   mutation.addedNodes.forEach((node) => {
                     if (node.nodeType === Node.ELEMENT_NODE) {
-                      console.log('Added Element:', {
+                      let logObj = {
                         tagName: node.tagName,
                         id: node.id || 'N/A',
                         classList: node.className || 'N/A',
                         outerHTML: node.outerHTML,
-                      });
+                      };
+                      if (['SCRIPT', 'IFRAME', 'FRAME', 'OBJECT', 'EMBED', 'APPLET'].includes(node.tagName)) {
+                        console.warn('Potential XSS sink: Added', node.tagName, logObj);
+                      } else {
+                        console.log('Added Element:', logObj);
+                      }
                     } else if (node.nodeType === Node.TEXT_NODE) {
                       console.log('Added Text Node:', {
                         textContent: node.textContent,
@@ -573,23 +577,43 @@ module PWN
                   });
                 }
               } else if (mutation.type === 'attributes') {
-                // Log attribute changes
-                console.log(`Attribute "${mutation.attributeName}" modified on`, {
+                let logObj = {
                   element: mutation.target.tagName,
                   id: mutation.target.id || 'N/A',
+                  attribute: mutation.attributeName,
                   oldValue: mutation.oldValue,
                   newValue: mutation.target.getAttribute(mutation.attributeName),
                   outerHTML: mutation.target.outerHTML,
-                });
+                };
+                if (
+                  (mutation.attributeName === 'src' && ['SCRIPT', 'IFRAME', 'FRAME', 'OBJECT', 'EMBED'].includes(mutation.target.tagName)) ||
+                  (mutation.attributeName === 'href' && ['A', 'AREA', 'LINK'].includes(mutation.target.tagName)) ||
+                  (mutation.attributeName === 'action' && mutation.target.tagName === 'FORM') ||
+                  mutation.attributeName.startsWith('on') ||
+                  (mutation.attributeName === 'srcdoc' && mutation.target.tagName === 'IFRAME') ||
+                  (mutation.attributeName === 'data' && mutation.target.tagName === 'OBJECT') ||
+                  (mutation.attributeName === 'codebase' && mutation.target.tagName === 'OBJECT')
+                ) {
+                  console.warn('Potential XSS sink: Attribute change', logObj);
+                } else {
+                  console.log('Attribute changed:', logObj);
+                }
               } else if (mutation.type === 'characterData') {
-                // Log text content changes (e.g., from user input in contenteditable or form fields)
-                console.log('Text Content Changed:', {
-                  element: mutation.target.parentElement?.tagName || 'N/A',
-                  id: mutation.target.parentElement?.id || 'N/A',
-                  oldValue: mutation.oldValue,
-                  newValue: mutation.target.textContent,
-                  innerHTML: mutation.target.parentElement?.innerHTML || 'N/A',
-                });
+                if (mutation.target.parentElement && mutation.target.parentElement.tagName === 'SCRIPT') {
+                  console.warn('Potential XSS sink: Script content changed', {
+                    scriptId: mutation.target.parentElement.id || 'N/A',
+                    oldValue: mutation.oldValue,
+                    newValue: mutation.target.textContent,
+                  });
+                } else {
+                  console.log('Text Content Changed:', {
+                    element: mutation.target.parentElement?.tagName || 'N/A',
+                    id: mutation.target.parentElement?.id || 'N/A',
+                    oldValue: mutation.oldValue,
+                    newValue: mutation.target.textContent,
+                    innerHTML: mutation.target.parentElement?.innerHTML || 'N/A',
+                  });
+                }
               }
             });
             console.groupEnd();
@@ -618,7 +642,7 @@ module PWN
           document.addEventListener('click', logUserInteraction); // For clicks
 
           // Function to stop the observer (run in console when needed)
-          window.stopObserving = () => {
+          window.hide_dom_mutations = () => {
             observer.disconnect();
             document.removeEventListener('input', logUserInteraction);
             document.removeEventListener('click', logUserInteraction);
@@ -626,7 +650,7 @@ module PWN
           };
 
           // Log instructions to console
-          console.log('MutationObserver started. To stop, run: stopObserving()');
+          console.log('MutationObserver started. To stop, run: hide_dom_mutations()');
         JAVASCRIPT
 
         console(browser_obj: browser_obj, js: 'clear();')
@@ -651,11 +675,11 @@ module PWN
         )
 
         js = <<~JAVASCRIPT
-          if (typeof stopObserving === 'function') {
-            stopObserving();
+          if (typeof hide_dom_mutations === 'function') {
+            hide_dom_mutations();
             console.log('DOM mutation observer and event listeners disabled.');
           } else {
-            console.log('Error: stopObserving function not found. DOM mutation observer was not active.');
+            console.log('Error: hide_dom_mutations function not found. DOM mutation observer was not active.');
           }
         JAVASCRIPT
 

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.310'
+  VERSION = '0.5.311'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.310
+  version: 0.5.311
 platform: ruby
 authors:
 - 0day Inc.