pwn 0.5.34 → 0.5.36

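--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: f879ebdd5ad454c5a57dab480906a255c1a1c9551c33895b346417f26b320784
-data.tar.gz: e78218a0680ed4982aad8a13e5368bfac5fc5b04b548a1bd2410389ce2945c0a
+metadata.gz: 7fc386dcce50c0d17eebb357f6b44360e451c00abf7bfc4178fbc24ff3413054
+data.tar.gz: f561d8b9b85c4ada994325c264fad7535cbac380b711804037b013ea721faab8
 SHA512:
-metadata.gz: d94948a701a5716491c3c058168c34ffd16038e07c048a4284f4471c47a00b8a79122c4562e47a068ff249c24fbcd4575bc8df7b81518c589c9648ca2f8d6c03
-data.tar.gz: 1b9d36a3f3ee1f4a54a7cb7cce7a40ecbd47eff55593dd38f479604d7ed21c8bc8a17e4fcdd4db1f252b87052d985eac468d31420a14b51df0eb6fae47c7e191
+metadata.gz: 874c5b729cdc6fd42c3ae9fd8a7c1af238e4676ad06a5770e865096829992e90d87c58bf7f99bec0c84f4747dad5abb2d1177f005a537a73067da3394413fca0
+data.tar.gz: 53df7f807a7aca90c853031ec0cbf708a4397bcf03125535cc98d9f14b15e376e1cc3f38843fc2179ac128e59365a07c64843a30e3132a2aa13f87f3e1165d59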
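--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.34]:001 >>> PWN.help
+pwn[v0.5.36]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.34]:001 >>> PWN.help
+pwn[v0.5.36]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.34]:001 >>> PWN.help
+pwn[v0.5.36]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script: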
@@ -1,6 +1,8 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require 'cgi'
3
4
  require 'metasm'
5
+ require 'tempfile'
4
6
 
5
7
  module PWN
6
8
  module Plugins
@@ -33,15 +35,31 @@ module PWN
33
35
  raise "Unsupported architecture: #{arch}"
34
36
  end
35
37
 
36
- # TOOD: Fix this
37
- # If opcodes appear to be '"90", "90", "90"' then convert to "\x90\x90\x90"
38
- # opcodes = opcodes.split(',').map { |x| format('\x%02x', x.gsub('"', '').to_i(16)) }.join if opcodes.include?('"') && opcodes.include?(',')
39
-
40
- # If opcodes appear to be '90 90 90' then convert to "\x90\x90\x90"
41
- # opcodes = opcodes.split.map { |x| format('\x%02x', x.to_i(16)) }.join if opcodes.include?(' ')
42
-
43
- # If opcodes appear to be '909090' then convert to "\x90\x90\x90"
44
- # opcodes = opcodes.chars.each_slice(2).map(&:join).map { |x| format('\x%02x', x.to_i(16)) }.join if opcodes.length.even?
38
+ # TOOD: Still needs a fix if opcodes are passed in as:
39
+ # '\x90\x90\x90' (not to be confused w/ "\x90\x90\x90")
40
+ # '909090'
41
+ opcodes_orig_len = opcodes.length
42
+ opcodes = opcodes.join(',') if opcodes.is_a?(Array)
43
+ opcodes = CGI.escape(opcodes)
44
+ # puts opcodes.inspect
45
+ # Doesnt work with sommething like: "'ff', 'e4'"
46
+ # known to work with:
47
+ # 'ffe4'
48
+ # 'ff,e4'
49
+ # "ff,e4"
50
+ # ['ff', 'e4']
51
+ # ["ff", "e4"]
52
+ # '\xff\xe4'
53
+ # "\xff\xe4"
54
+ opcodes.delete!('%5Cx') if opcodes.include?('%5Cx')
55
+ opcodes.delete!('%2C') if opcodes.include?('%2C')
56
+ opcodes.delete!('%22') if opcodes.include?('%22')
57
+ opcodes.delete!('%27') if opcodes.include?('%27')
58
+ opcodes.delete!('+') if opcodes.include?('+')
59
+ opcodes.delete!('%') if opcodes.include?('%')
60
+ # puts opcodes.inspect
61
+ opcodes = [opcodes].pack('H*')
62
+ # puts opcodes.inspect
45
63
 
46
64
  Metasm::Shellcode.disassemble(arch_obj, opcodes).to_s
47
65
  rescue StandardError => e
@@ -60,6 +78,8 @@ module PWN
60
78
  arch = opts[:arch] ||= PWN::Plugins::DetectOS.arch
61
79
  endian = opts[:endian] ||= :little
62
80
 
81
+ asm_tmp = Tempfile.new('pwn_asm')
82
+
63
83
  raise 'ERROR: asm parameter is required.' if asm.nil?
64
84
 
65
85
  case arch
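Review bot: `String#delete!` removes a character set, not a substring, so the chain `opcodes.delete!('%5Cx')` … `opcodes.delete!('%27')` in the disassemble hunk strips every `%`, `5`, `C`, `x`, `2` and `7` character from the escaped hex, corrupting any opcode string that contains those digits (e.g. `'ff,e2'` escapes to `ff%2Ce2`, `delete!('%2C')` turns it into `ffe`, and `pack('H*')` yields `\xff\xe0`); the listed "known to work" inputs only pass because `ffe4` contains none of those characters. Replacing the CGI round-trip with a literal strip of the accepted decorations (`\x`, commas, quotes, whitespace) plus an anchored `\A(?:\h{2})+\z` check before `pack('H*')` keeps the same accepted forms, rejects malformed input instead of silently disassembling garbage, and still passes an already-binary string such as `"\xff\xe4"` through as raw bytes. `opcodes_orig_len` is assigned but never read inside the hunk; drop it unless code after the hunk uses it. In the asm hunk, `asm_tmp = Tempfile.new('pwn_asm')` runs before the `raise 'ERROR: asm parameter is required.' if asm.nil?` guard and nothing visible closes or unlinks it, so it should move after the guard and be released in an `ensure` (or use the block form `Tempfile.create('pwn_asm') { |f| ... }`); both enclosing methods start and end outside their hunks.
```ruby
opcodes = opcodes.join(',') if opcodes.is_a?(Array)
# Strip the accepted decorations literally; String#delete! treats its
# argument as a character set and would remove hex digits as well.
hex = opcodes.gsub(/\\x|[\s,"']/, '')
if hex.match?(/\A(?:\h{2})+\z/)
  opcodes = [hex].pack('H*')
elsif !opcodes.ascii_only?
  # Already raw bytes, e.g. "\xff\xe4" from a double-quoted literal.
  opcodes = opcodes.b
else
  raise "ERROR: opcodes must be hex bytes, got #{opcodes.inspect}"
end
# … unchanged: Metasm::Shellcode.disassemble call and rescue …
```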
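--- a/data/lib/pwn/version.rb
+++ b/data/lib/pwn/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-VERSION = '0.5.34'
+VERSION = '0.5.36'
 end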
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.34
4
+ version: 0.5.36
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-02-25 00:00:00.000000000 Z
11
+ date: 2024-02-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport