pwn 0.5.405 → 0.5.407

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a4b31134e90c20f44f69f6b1fbf8b6e4c8e7911bbec857597c729c0801578d5f
-  data.tar.gz: 8774dc902ef4eadf6d32303cac8efe5fea2a909997a4d7d2c0fdb2e8c137e58a
+  metadata.gz: 6cdcedb953c971c8feccabd99bb44f1e229254d4adbaf8f5d06c53416da1d3c7
+  data.tar.gz: 2642aa96456651ef17d042794f21ad69754335e8d3b8d7e3415e311adb1dbd05
 SHA512:
-  metadata.gz: a583c93c1288496cb703e5b4e48a9a70f258c955b05d0dbbf9ffa27b1be25c0d1c2568537379ebe65ae63a423bf31cc022221074e3d8cdbfe100c59739d25099
-  data.tar.gz: b9b3af817aa7ccd08a05cbc6cbe1107c5760db93b6ec9343a01b74d3b7d992d6f72abe4c11ef5d156f96649268a51b3b1177daa97fff2b04d7c759c781a69884
+  metadata.gz: 8041d87f4162ebb4fb28c9b6acc5cfae7394fb4e082cd8a4a99e6ac22f1181701a0e32d28e97593d7e169cadc80ca71c76d0144d7e313e16c8c9b1ee799bd20a
+  data.tar.gz: 0a654b39bf9c3f63b24accc464fd7b8222f060dfd5748118e99771d8ef9897e6551c95e63b40fdd4b0eabfe21694241a448c3a00607e21306b7e64683b871500

data/.rubocop_todo.yml

@@ -1,31 +1,11 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2025-05-30 23:04:07 UTC using RuboCop version 1.75.8.
+# on 2025-09-11 18:09:38 UTC using RuboCop version 1.80.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 24
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns, SplitStrings.
-# URISchemes: http, https
-Layout/LineLength:
-  Exclude:
-    - 'Vagrantfile'
-    - 'bin/pwn_diff_csv_files_w_column_exclude'
-    - 'lib/pwn/banner/jmp_esp.rb'
-    - 'lib/pwn/banner/radare2_ai.rb'
-    - 'lib/pwn/plugins/mail_agent.rb'
-    - 'lib/pwn/plugins/ollama.rb'
-    - 'lib/pwn/plugins/open_ai.rb'
-    - 'lib/pwn/reports/fuzz.rb'
-    - 'lib/pwn/reports/phone.rb'
-    - 'lib/pwn/reports/sast.rb'
-    - 'lib/pwn/reports/uri_buster.rb'
-    - 'lib/pwn/sast/banned_function_calls_c.rb'
-    - 'packer/provisioners/aliases.rb'
-
 # Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowInHeredoc.
@@ -50,37 +30,18 @@ Lint/RedundantTypeConversion:
     - 'lib/pwn/plugins/jenkins.rb'
     - 'lib/pwn/plugins/repl.rb'
 
-# Offense count: 307
+# Offense count: 320
 # This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AutoCorrect.
 Lint/UselessAssignment:
   Enabled: false
 
 # Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: AutoCorrect, CheckForMethodsWithNoSideEffects.
+# Configuration parameters: CheckForMethodsWithNoSideEffects.
 Lint/Void:
   Exclude:
     - 'bin/pwn_web_cache_deception'
 
-# Offense count: 5
-# Configuration parameters: CountComments, Max, CountAsOne, AllowedMethods, AllowedPatterns.
-# AllowedMethods: refine
-Metrics/BlockLength:
-  Exclude:
-    - '**/*.gemspec'
-    - 'lib/pwn/plugins/android.rb'
-    - 'lib/pwn/plugins/msr206.rb'
-    - 'lib/pwn/plugins/repl.rb'
-    - 'lib/pwn/sast/banned_function_calls_c.rb'
-
-# Offense count: 2
-# Configuration parameters: CountBlocks, CountModifierForms, Max.
-Metrics/BlockNesting:
-  Exclude:
-    - 'lib/pwn/plugins/son_micro_rfid.rb'
-    - 'lib/pwn/plugins/tor.rb'
-
 # Offense count: 1
 # Configuration parameters: LengthThreshold.
 Metrics/CollectionLiteralLength:
@@ -99,22 +60,13 @@ Metrics/MethodLength:
   Exclude:
     - 'lib/pwn/banner/code_cave.rb'
 
-# Offense count: 12
+# Offense count: 3
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ModuleLength:
   Exclude:
     - 'lib/pwn/banner/code_cave.rb'
     - 'lib/pwn/plugins/android.rb'
-    - 'lib/pwn/plugins/black_duck_binary_analysis.rb'
-    - 'lib/pwn/plugins/defect_dojo.rb'
-    - 'lib/pwn/plugins/gqrx.rb'
     - 'lib/pwn/plugins/msr206.rb'
-    - 'lib/pwn/plugins/nessus_cloud.rb'
-    - 'lib/pwn/plugins/open_ai.rb'
-    - 'lib/pwn/plugins/packet.rb'
-    - 'lib/pwn/plugins/repl.rb'
-    - 'lib/pwn/plugins/son_micro_rfid.rb'
-    - 'lib/pwn/plugins/transparent_browser.rb'
 
 # Offense count: 2
 Naming/AccessorMethodName:
@@ -133,7 +85,7 @@ Style/Alias:
 Style/ClassVars:
   Enabled: false
 
-# Offense count: 280
+# Offense count: 274
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
 # SupportedStyles: assign_to_condition, assign_inside_condition
@@ -146,12 +98,11 @@ Style/ExplicitBlockArgument:
   Exclude:
     - 'lib/pwn/plugins/nmap_it.rb'
 
-# Offense count: 2
+# Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
 Style/IfUnlessModifier:
   Exclude:
     - 'lib/pwn/plugins/baresip.rb'
-    - 'lib/pwn/plugins/mail_agent.rb'
 
 # Offense count: 9
 # This cop supports unsafe autocorrection (--autocorrect-all).
@@ -165,7 +116,7 @@ Style/MapIntoArray:
     - 'lib/pwn/plugins/char.rb'
     - 'lib/pwn/plugins/nexpose_vuln_scan.rb'
 
-# Offense count: 9
+# Offense count: 7
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowMethodComparison, ComparisonsThreshold.
 Style/MultipleComparison:
@@ -175,11 +126,15 @@ Style/MultipleComparison:
     - 'lib/pwn/sast/cmd_execution_ruby.rb'
     - 'lib/pwn/sast/deserial_java.rb'
     - 'lib/pwn/sast/factory.rb'
-    - 'lib/pwn/sast/logger.rb'
-    - 'lib/pwn/sast/throw_errors.rb'
     - 'lib/pwn/www/duckduckgo.rb'
     - 'lib/pwn/www/twitter.rb'
 
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantAssignment:
+  Exclude:
+    - 'lib/pwn/plugins/zaproxy.rb'
+
 # Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
 Style/RedundantBegin:
@@ -222,7 +177,7 @@ Style/RedundantStringEscape:
     - 'lib/pwn/sast/redos.rb'
     - 'vagrant/provisioners/kali_customize.rb'
 
-# Offense count: 58
+# Offense count: 62
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
   Enabled: false

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.405]:001 >>> PWN.help
+pwn[v0.5.407]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.405]:001 >>> PWN.help
+pwn[v0.5.407]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.405]:001 >>> PWN.help
+pwn[v0.5.407]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/plugins/burp_suite.rb

@@ -436,6 +436,31 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # repeater_id = PWN::Plugins::BurpSuite.find_sitemap_entries(
+      #   burp_obj: 'required - burp_obj returned by #start method',
+      #   search_string: 'required - string to search for in the sitemap entries'
+      # )
+
+      public_class_method def self.find_sitemap_entries(opts = {})
+        burp_obj = opts[:burp_obj]
+        raise 'ERROR: burp_obj parameter is required' unless burp_obj.is_a?(Hash)
+
+        search_string = opts[:search_string]
+        raise 'ERROR: search_string parameter is required' if search_string.nil?
+
+        rest_browser = burp_obj[:rest_browser]
+        mitm_rest_api = burp_obj[:mitm_rest_api]
+
+        json_sitemap = get_sitemap(burp_obj: burp_obj)
+        matching_entries = json_sitemap.select do |entry|
+          decoded_request = Base64.strict_decode64(entry[:request])
+          decoded_request.include?(search_string)
+        end
+      rescue StandardError => e
+        raise e
+      end
+
       # Supported Method Parameters:
       # json_sitemap = PWN::Plugins::BurpSuite.import_openapi_to_sitemap(
       #   burp_obj: 'required - burp_obj returned by #start method',
@@ -450,7 +475,7 @@ module PWN
         raise 'ERROR: burp_obj parameter is required' unless burp_obj.is_a?(Hash)
 
         openapi_spec = opts[:openapi_spec]
-        raise 'ERROR: openapi_spec parameter not found' unless File.exist?(openapi_spec)
+        raise 'ERROR: openapi_spec parameter is required' if openapi_spec.nil?
 
         additional_http_headers = opts[:additional_http_headers] ||= {}
         raise 'ERROR: additional_http_headers must be a Hash' unless additional_http_headers.is_a?(Hash)
@@ -1370,6 +1395,11 @@ module PWN
             }
           )
 
+          #{self}.find_sitemap_entry(
+            burp_obj: 'required - burp_obj returned by #start method',
+            search_string: 'required - string to search for in the sitemap entries'
+          )
+
           json_sitemap = #{self}.import_openapi_to_sitemap(
             burp_obj: 'required - burp_obj returned by #start method',
             openapi_spec: 'required - path to OpenAPI JSON or YAML specification file',

data/lib/pwn/plugins/zaproxy.rb

@@ -171,147 +171,16 @@ module PWN
         raise e
       end
 
-      # Supported Method Parameters::
-      # PWN::Plugins::Zaproxy.add_to_scope(
-      #   zap_obj: 'required - zap_obj returned from #open method',
-      #   target_regex: 'required - url regex to add to scope (e.g. https://test.domain.local.*)',
-      #   context_name: 'optional - context name to add target_regex to (defaults to Default Context)'
-      # )
-
-      public_class_method def self.add_to_scope(opts = {})
-        zap_obj = opts[:zap_obj]
-        api_key = zap_obj[:api_key].to_s.scrub
-        target_regex = opts[:target_regex]
-        raise 'ERROR: target_url must be provided' if target_regex.nil?
-
-        context_name = opts[:context_name] ||= 'Default Context'
-
-        params = {
-          apikey: api_key,
-          contextName: context_name,
-          regex: target_regex
-        }
-
-        response = zap_rest_call(
-          zap_obj: zap_obj,
-          rest_call: 'JSON/context/action/includeInContext/',
-          params: params
-        )
-
-        JSON.parse(response.body, symbolize_names: true)
-      rescue StandardError, SystemExit, Interrupt => e
-        stop(zap_obj: zap_obj) unless zap_obj.nil?
-        raise e
-      end
-
-      # Supported Method Parameters::
-      # PWN::Plugins::Zaproxy.add_requester_tab(
-      #   zap_obj: 'required - zap_obj returned from #open method',
-      #   request: 'required - base64 encoded HTTP request (e.g. from #get_sitemap method)'
-      # )
-
-      public_class_method def self.add_requester_tab(opts = {})
-        zap_obj = opts[:zap_obj]
-        api_key = zap_obj[:api_key].to_s.scrub
-        request = opts[:request]
-
-        dec_request = Base64.strict_decode64(request).force_encoding('ASCII-8BIT')
-
-        # Parse the full request string
-        parts = dec_request.split("\r\n\r\n", 2)
-        headers_part = parts[0]
-        body = parts[1] || ''
-
-        header_lines = headers_part.split("\r\n")
-        first_line = header_lines.shift
-        method, full_url, http_version = first_line.split
-
-        headers = []
-        header_lines.each do |line|
-          name, value = line.split(': ', 2)
-          headers << { name: name, value: value }
-        end
-
-        # Parse URL for queryString and adjust url
-        uri = URI.parse(full_url)
-        query_string = []
-        if uri.query
-          URI.decode_www_form(uri.query).each do |name, value|
-            query_string << { name: name, value: value }
-          end
-        end
-        url = "#{uri.scheme}://#{uri.host}"
-        url += ":#{uri.port}" if uri.port && uri.port != (uri.scheme == 'https' ? 443 : 80)
-        url += uri.path
-
-        # Determine content-type
-        content_type_header = headers.find { |h| h[:name].downcase == 'content-type' }
-        mime_type = content_type_header ? content_type_header[:value] : 'application/octet-stream'
-
-        # Handle postData
-        post_data = nil
-        methods_with_body = %w[POST PUT PATCH]
-        if methods_with_body.include?(method) && !body.empty?
-          post_data = {
-            mimeType: mime_type,
-            params: [],
-            text: body
-          }
-
-          temp_body = body.dup.force_encoding('UTF-8')
-          if temp_body.valid_encoding?
-            if mime_type.include?('application/x-www-form-urlencoded')
-              URI.decode_www_form(temp_body).each do |name, value|
-                post_data[:params] << { name: name, value: value }
-              end
-            end
-          else
-            post_data[:text] = Base64.encode64(body)
-            post_data[:encoding] = 'base64'
-          end
-        end
-
-        # Construct HAR request
-        har_request = {
-          method: method,
-          url: url,
-          httpVersion: http_version,
-          cookies: [],
-          headers: headers,
-          queryString: query_string,
-          headersSize: -1,
-          bodySize: -1
-        }
-        har_request[:postData] = post_data if post_data
-
-        har_json = JSON.generate(har_request)
-
-        params = {
-          apikey: api_key,
-          request: har_json,
-          followRedirects: 'true'
-        }
-
-        response = zap_rest_call(
-          zap_obj: zap_obj,
-          rest_call: 'OTHER/core/other/sendHarRequest/',
-          params: params
-        )
-
-        JSON.parse(response.body, symbolize_names: true)
-      rescue StandardError, SystemExit, Interrupt => e
-        stop(zap_obj: zap_obj) unless zap_obj.nil?
-        raise e
-      end
-
       # Supported Method Parameters::
       # json_sitemap = PWN::Plugins::Zaproxy.get_sitemap(
-      #   zap_obj: 'required - zap_obj returned from #open method'
+      #   zap_obj: 'required - zap_obj returned from #open method',
+      #   return_as: 'optional - :base64 or :har (defaults to :base64)'
       # )
 
       public_class_method def self.get_sitemap(opts = {})
         zap_obj = opts[:zap_obj]
         api_key = zap_obj[:api_key].to_s.scrub
+        return_as = opts[:return_as] ||= :base64
 
         entries = []
         start = 0
@@ -333,6 +202,7 @@ module PWN
           entries += new_entries
           start += count
         end
+        return entries if return_as == :har
 
         # Deduplicate entries based on method + url
         seen = Set.new
@@ -390,6 +260,102 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # PWN::Plugins::Zaproxy.add_to_scope(
+      #   zap_obj: 'required - zap_obj returned from #open method',
+      #   target_regex: 'required - url regex to add to scope (e.g. https://test.domain.local.*)',
+      #   context_name: 'optional - context name to add target_regex to (defaults to Default Context)'
+      # )
+
+      public_class_method def self.add_to_scope(opts = {})
+        zap_obj = opts[:zap_obj]
+        api_key = zap_obj[:api_key].to_s.scrub
+        target_regex = opts[:target_regex]
+        raise 'ERROR: target_url must be provided' if target_regex.nil?
+
+        context_name = opts[:context_name] ||= 'Default Context'
+
+        params = {
+          apikey: api_key,
+          contextName: context_name,
+          regex: target_regex
+        }
+
+        response = zap_rest_call(
+          zap_obj: zap_obj,
+          rest_call: 'JSON/context/action/includeInContext/',
+          params: params
+        )
+
+        JSON.parse(response.body, symbolize_names: true)
+      rescue StandardError, SystemExit, Interrupt => e
+        stop(zap_obj: zap_obj) unless zap_obj.nil?
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::Zaproxy.find_har_entries(
+      #   zap_obj: 'required - zap_obj returned from #open method',
+      #   search_string: 'required - string to search for in the sitemap entries'
+      # )
+
+      public_class_method def self.find_har_entries(opts = {})
+        zap_obj = opts[:zap_obj]
+        api_key = zap_obj[:api_key].to_s.scrub
+        search_string = opts[:search_string]
+        raise 'ERROR: search_string must be provided' if search_string.nil?
+
+        har_sitemap = get_sitemap(
+          zap_obj: zap_obj,
+          return_as: :har
+        )
+
+        har_entries = har_sitemap.select do |entry|
+          json_request = entry[:request].to_json
+          json_request.include?(search_string)
+        end
+
+        har_entries
+      rescue StandardError, SystemExit, Interrupt => e
+        stop(zap_obj: zap_obj) unless zap_obj.nil?
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::Zaproxy.requester(
+      #   zap_obj: 'required - zap_obj returned from #open method',
+      #   har_entry: 'required - har entry (e.g. from #get_sitemap method or #find_har_entries method)',
+      #   redirect: 'optional - follow redirects if set to true (defaults to false)'
+      # )
+
+      public_class_method def self.requester(opts = {})
+        zap_obj = opts[:zap_obj]
+        api_key = zap_obj[:api_key].to_s.scrub
+        har_entry = opts[:har_entry]
+        raise 'ERROR: har_entry must be provided and be a valid HAR entry' unless har_entry.is_a?(Hash) && har_entry.key?(:request) && har_entry.key?(:response)
+
+        redirect = opts[:redirect] || false
+        raise 'ERROR: redirect must be a boolean' unless redirect.is_a?(TrueClass) || redirect.is_a?(FalseClass)
+
+        har_json = har_entry.to_json
+        params = {
+          apikey: api_key,
+          request: har_json,
+          followRedirects: redirect.to_s
+        }
+
+        response = zap_rest_call(
+          zap_obj: zap_obj,
+          rest_call: 'OTHER/exim/other/sendHarRequest/',
+          params: params
+        )
+
+        JSON.parse(response.body, symbolize_names: true)
+      rescue StandardError, SystemExit, Interrupt => e
+        stop(zap_obj: zap_obj) unless zap_obj.nil?
+        raise e
+      end
+
       # Supported Method Parameters::
       # PWN::Plugins::Zaproxy.spider(
       #   zap_obj: 'required - zap_obj returned from #open method',
@@ -785,19 +751,26 @@ module PWN
             openapi_spec: 'required - path to OpenAPI JSON or YAML spec file'
           )
 
+          #{self}.get_sitemap(
+            zap_obj: 'required - zap_obj returned from #open method',
+            return_as: 'optional - :base64 or :har (defaults to :base64)'
+          )
+
           #{self}.add_to_scope(
             zap_obj: 'required - zap_obj returned from #open method',
             target_regex: 'required - url regex to add to scope (e.g. https://test.domain.local.*)',
             context_name: 'optional - context name to add target_regex to (defaults to Default Context)'
           )
 
-          #{self}.add_requester_tab(
+          #{self}.find_har_entries(
             zap_obj: 'required - zap_obj returned from #open method',
-            request: 'required - base64 encoded HTTP request (e.g. from #get_sitemap method)'
+            search_string: 'required - string to search for in the sitemap entries'
           )
 
-          #{self}.get_sitemap(
-            zap_obj: 'required - zap_obj returned from #open method'
+          #{self}.requester(
+            zap_obj: 'required - zap_obj returned from #open method',
+            har_entry: 'required - har entry (e.g. from #get_sitemap method or #find_har_entries method)',
+            redirect: 'optional - follow redirects if set to true (defaults to true)'
           )
 
           json_sitemap = #{self}.spider(

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.405'
+  VERSION = '0.5.407'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.405
+  version: 0.5.407
 platform: ruby
 authors:
 - 0day Inc.