pwn 0.5.360 → 0.5.362
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/plugins/burp_suite.rb +10 -3
- data/lib/pwn/reports/fuzz.rb +0 -4
- data/lib/pwn/reports/phone.rb +0 -4
- data/lib/pwn/reports/sast.rb +0 -4
- data/lib/pwn/reports/uri_buster.rb +0 -4
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f96f7d17fe074a56c13412ad57096f2901637142735e40c6da52a0e1a14ddc99
|
|
4
|
+
data.tar.gz: 2c329e97737723040338d9d3d7031c4e16a25fafc257a51bd82ad8b124d63921
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 23aedc93f01608c45fb762b41fad7adcccb7dda870b7481e8cf02b843c25f56fb626215225eb89e4ceb018b7df597512f579bbc346418ca8ae1e9f22fc50dba6
|
|
7
|
+
data.tar.gz: 689ad410f181f5dce20bca7b5cffad846d8aabaec3f773155ed40dde59bcda773c3265b1aa70327a1ced17bb1294d13707a3ab555353603161cf057d9ba153a6
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.362]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.362]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.362]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -14,7 +14,8 @@ module PWN
|
|
|
14
14
|
# scheme: 'required - scheme of the URI (http|https)',
|
|
15
15
|
# host: 'required - host of the URI',
|
|
16
16
|
# port: 'optional - port of the URI',
|
|
17
|
-
# path: 'optional - path of the URI'
|
|
17
|
+
# path: 'optional - path of the URI',
|
|
18
|
+
# query: 'optional - query string of the URI'
|
|
18
19
|
# )
|
|
19
20
|
private_class_method def self.format_uri_from_sitemap_resp(opts = {})
|
|
20
21
|
scheme = opts[:scheme]
|
|
@@ -25,6 +26,7 @@ module PWN
|
|
|
25
26
|
|
|
26
27
|
port = opts[:port]
|
|
27
28
|
path = opts[:path]
|
|
29
|
+
query = opts[:query]
|
|
28
30
|
|
|
29
31
|
implicit_http_ports_arr = [
|
|
30
32
|
80,
|
|
@@ -33,6 +35,7 @@ module PWN
|
|
|
33
35
|
|
|
34
36
|
uri = "#{scheme}://#{host}:#{port}#{path}"
|
|
35
37
|
uri = "#{scheme}://#{host}#{path}" if implicit_http_ports_arr.include?(port)
|
|
38
|
+
uri = "#{uri}?#{query}" unless query.nil?
|
|
36
39
|
|
|
37
40
|
uri
|
|
38
41
|
rescue StandardError => e
|
|
@@ -790,6 +793,7 @@ module PWN
|
|
|
790
793
|
json_req = site[:request]
|
|
791
794
|
b64_decoded_req = Base64.strict_decode64(json_req)
|
|
792
795
|
json_path = b64_decoded_req.split[1].to_s.scrub.strip.chomp
|
|
796
|
+
json_query = json_path.split('?')[1].to_s.scrub.strip.chomp
|
|
793
797
|
|
|
794
798
|
json_http_svc = site[:http_service]
|
|
795
799
|
json_protocol = json_http_svc[:protocol]
|
|
@@ -800,7 +804,8 @@ module PWN
|
|
|
800
804
|
scheme: json_protocol,
|
|
801
805
|
host: json_host,
|
|
802
806
|
port: json_port,
|
|
803
|
-
path: json_path
|
|
807
|
+
path: json_path,
|
|
808
|
+
query: json_query
|
|
804
809
|
)
|
|
805
810
|
|
|
806
811
|
uri_in_scope = in_scope(
|
|
@@ -919,12 +924,14 @@ module PWN
|
|
|
919
924
|
host = URI.parse(target_url).host
|
|
920
925
|
port = URI.parse(target_url).port
|
|
921
926
|
path = URI.parse(target_url).path
|
|
927
|
+
query = URI.parse(target_url).query
|
|
922
928
|
|
|
923
929
|
target_domain = format_uri_from_sitemap_resp(
|
|
924
930
|
scheme: scheme,
|
|
925
931
|
host: host,
|
|
926
932
|
port: port,
|
|
927
|
-
path: path
|
|
933
|
+
path: path,
|
|
934
|
+
query: query
|
|
928
935
|
)
|
|
929
936
|
|
|
930
937
|
puts "Generating #{report_type} report for #{target_domain}..."
|
data/lib/pwn/reports/fuzz.rb
CHANGED
|
@@ -277,10 +277,6 @@ module PWN
|
|
|
277
277
|
var selected_data = selectedRows.data().toArray();
|
|
278
278
|
original_json.data = selected_data;
|
|
279
279
|
|
|
280
|
-
if (original_json.report_name) {
|
|
281
|
-
original_json.report_name += '_selected';
|
|
282
|
-
}
|
|
283
|
-
|
|
284
280
|
var json_str = JSON.stringify(original_json, null, 2);
|
|
285
281
|
var blob = new Blob([json_str], { type: 'application/json' });
|
|
286
282
|
var url = URL.createObjectURL(blob);
|
data/lib/pwn/reports/phone.rb
CHANGED
|
@@ -334,10 +334,6 @@ module PWN
|
|
|
334
334
|
var selected_data = selectedRows.data().toArray();
|
|
335
335
|
original_json.data = selected_data;
|
|
336
336
|
|
|
337
|
-
if (original_json.report_name) {
|
|
338
|
-
original_json.report_name += '_selected';
|
|
339
|
-
}
|
|
340
|
-
|
|
341
337
|
var json_str = JSON.stringify(original_json, null, 2);
|
|
342
338
|
var blob = new Blob([json_str], { type: 'application/json' });
|
|
343
339
|
var url = URL.createObjectURL(blob);
|
data/lib/pwn/reports/sast.rb
CHANGED
|
@@ -364,10 +364,6 @@ module PWN
|
|
|
364
364
|
|
|
365
365
|
original_json.data = new_data;
|
|
366
366
|
|
|
367
|
-
if (original_json.report_name) {
|
|
368
|
-
original_json.report_name += '_selected';
|
|
369
|
-
}
|
|
370
|
-
|
|
371
367
|
var json_str = JSON.stringify(original_json, null, 2);
|
|
372
368
|
var blob = new Blob([json_str], { type: 'application/json' });
|
|
373
369
|
var url = URL.createObjectURL(blob);
|
|
@@ -285,10 +285,6 @@ module PWN
|
|
|
285
285
|
var selected_data = selectedRows.data().toArray();
|
|
286
286
|
original_json.data = selected_data;
|
|
287
287
|
|
|
288
|
-
if (original_json.report_name) {
|
|
289
|
-
original_json.report_name += '_selected';
|
|
290
|
-
}
|
|
291
|
-
|
|
292
288
|
var json_str = JSON.stringify(original_json, null, 2);
|
|
293
289
|
var blob = new Blob([json_str], { type: 'application/json' });
|
|
294
290
|
var url = URL.createObjectURL(blob);
|
data/lib/pwn/version.rb
CHANGED