pwn 0.5.411 → 0.5.412

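--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz: 6e8c4df2a4b02ded646f819e84eb0673aefc4f4a0f7a771ed5213d4d2b6ce3fd
-data.tar.gz: ad1e9ad33c95d83bf7128d02600251e9229734d58c905854e29dc12511d23d83
+metadata.gz: 38131db5d063ec6429f21a9705f43f48fee38b9cd62e84e1be7edd61a0bb78cb
+data.tar.gz: 0edffa812c7a3c32909bfa511df313cb4531589a9c4d15bc1ba40376974e27e9
 SHA512:
-metadata.gz: c4e78349fe9c1729a8a3df6bf69a319a4e47c971fbc98791ae7b69da9a93561a6e15bb84c0a64a6f49653278aa42a936f1685fdb480440fe3300589cd1f7877d
-data.tar.gz: 3a7ff1c398b1bcc19f4a42e6c9ceea872078e65df1f1b3efddf2d754a93b9086847fe10de27582ed00a22b60615f0c3b9a808e7568d5d7db7895d8f76eb6f32a
+metadata.gz: bbe772b7d7169f3ce683c378ebc68f91ef57a463b99907cca069fe32bd32c77c39af3192bc55e939388bcd215eba7f1f034066901ad9b96271f64e2ee7087c47
+data.tar.gz: 6fad5ffc58148a10b3a5b949d4e28783001ef0daea8b069caad8d38166e6e20bd29f608d05ab2548175a99b62ec55529048ab8ebb738cd6d96ab3b3dcf06e26a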
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.411]:001 >>> PWN.help
40
+ pwn[v0.5.412]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.411]:001 >>> PWN.help
55
+ pwn[v0.5.412]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.411]:001 >>> PWN.help
65
+ pwn[v0.5.412]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
@@ -360,16 +360,14 @@ module PWN
360
360
  # Supported Method Parameters::
361
361
  # json_sitemap = PWN::Plugins::BurpSuite.get_sitemap(
362
362
  # burp_obj: 'required - burp_obj returned by #start method',
363
- # target_url: 'optional - target URL to filter sitemap results (defaults to entire sitemap)'
363
+ # keyword: 'optional - keyword to filter sitemap entries (default: nil)',
364
364
  # )
365
365
 
366
366
  public_class_method def self.get_sitemap(opts = {})
367
367
  burp_obj = opts[:burp_obj]
368
368
  rest_browser = burp_obj[:rest_browser]
369
369
  mitm_rest_api = burp_obj[:mitm_rest_api]
370
- target_url = opts[:target_url]
371
-
372
- base64_encoded_target_url = Base64.strict_encode64(target_url.to_s.scrub.strip.chomp) if target_url
370
+ keyword = opts[:keyword]
373
371
 
374
372
  rest_call = "http://#{mitm_rest_api}/sitemap"
375
373
  rest_call = "#{rest_call}/#{base64_encoded_target_url}" if target_url
@@ -379,7 +377,16 @@ module PWN
379
377
  content_type: 'application/json; charset=UTF8'
380
378
  )
381
379
 
382
- JSON.parse(sitemap, symbolize_names: true)
380
+ sitemap_arr = JSON.parse(sitemap, symbolize_names: true)
381
+
382
+ if keyword
383
+ sitmap_arr = sitemap_arr.select do |site|
384
+ dec_request = Base64.strict_decode64(site[:request])
385
+ site if dec_request.include?(keyword)
386
+ end
387
+ end
388
+
389
+ sitemap_arr
383
390
  rescue StandardError => e
384
391
  stop(burp_obj: burp_obj) unless burp_obj.nil?
385
392
  raise e
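Review bot: The context line `rest_call = "#{rest_call}/#{base64_encoded_target_url}" if target_url` in the first get_sitemap hunk (@@ -360,16 +360,14 @@) still references the two locals this change deletes, so after the patch every call raises NameError, which the rescue turns into a stop(burp_obj:) plus re-raise; that line has to go along with the target_url support. In the second hunk the filter result is assigned to the misspelled `sitmap_arr`, so the keyword filter is computed and discarded and the unfiltered sitemap is returned; write `sitemap_arr = sitemap_arr.select do |site|` and reduce the block body to `dec_request.include?(keyword)` (the `site if …` form only works because select tests truthiness). Base64.strict_decode64 raises ArgumentError on any non-canonical request payload, and under this rescue that tears down the Burp session — presumably the REST API always returns strict base64, but it is worth confirming, since the removed find_sitemap_entries failed the same way without stopping Burp. The new doc line `# keyword: 'optional - keyword to filter sitemap entries (default: nil)',` ends with a comma directly before `# )`. The method's REST call sits between the two hunks and its file header is not shown on this page.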
@@ -439,31 +446,6 @@ module PWN
439
446
  raise e
440
447
  end
441
448
 
442
- # Supported Method Parameters::
443
- # repeater_id = PWN::Plugins::BurpSuite.find_sitemap_entries(
444
- # burp_obj: 'required - burp_obj returned by #start method',
445
- # search_string: 'required - string to search for in the sitemap entries'
446
- # )
447
-
448
- public_class_method def self.find_sitemap_entries(opts = {})
449
- burp_obj = opts[:burp_obj]
450
- raise 'ERROR: burp_obj parameter is required' unless burp_obj.is_a?(Hash)
451
-
452
- search_string = opts[:search_string]
453
- raise 'ERROR: search_string parameter is required' if search_string.nil?
454
-
455
- rest_browser = burp_obj[:rest_browser]
456
- mitm_rest_api = burp_obj[:mitm_rest_api]
457
-
458
- json_sitemap = get_sitemap(burp_obj: burp_obj)
459
- matching_entries = json_sitemap.select do |entry|
460
- decoded_request = Base64.strict_decode64(entry[:request])
461
- decoded_request.include?(search_string)
462
- end
463
- rescue StandardError => e
464
- raise e
465
- end
466
-
467
449
  # Supported Method Parameters:
468
450
  # json_sitemap = PWN::Plugins::BurpSuite.import_openapi_to_sitemap(
469
451
  # burp_obj: 'required - burp_obj returned by #start method',
@@ -1376,7 +1358,7 @@ module PWN
1376
1358
 
1377
1359
  json_sitemap = #{self}.get_sitemap(
1378
1360
  burp_obj: 'required - burp_obj returned by #start method',
1379
- target_url: 'optional - target URL to filter sitemap results (defaults to entire sitemap)'
1361
+ keyword: 'optional - keyword to filter sitemap results (default: nil)',
1380
1362
  )
1381
1363
 
1382
1364
  json_sitemap = #{self}.add_to_sitemap(
@@ -1401,11 +1383,6 @@ module PWN
1401
1383
  }
1402
1384
  )
1403
1385
 
1404
- #{self}.find_sitemap_entry(
1405
- burp_obj: 'required - burp_obj returned by #start method',
1406
- search_string: 'required - string to search for in the sitemap entries'
1407
- )
1408
-
1409
1386
  json_sitemap = #{self}.import_openapi_to_sitemap(
1410
1387
  burp_obj: 'required - burp_obj returned by #start method',
1411
1388
  openapi_spec: 'required - path to OpenAPI JSON or YAML specification file',
@@ -197,18 +197,21 @@ module PWN
197
197
  # Supported Method Parameters::
198
198
  # json_sitemap = PWN::Plugins::Zaproxy.get_sitemap(
199
199
  # zap_obj: 'required - zap_obj returned from #open method',
200
+ # keyword: 'optional - string to search for in the sitemap entries (defaults to nil)',
200
201
  # return_as: 'optional - :base64 or :har (defaults to :base64)'
201
202
  # )
202
203
 
203
204
  public_class_method def self.get_sitemap(opts = {})
204
205
  zap_obj = opts[:zap_obj]
205
206
  api_key = zap_obj[:api_key].to_s.scrub
207
+ keyword = opts[:keyword]
206
208
  return_as = opts[:return_as] ||= :base64
207
209
 
208
210
  entries = []
209
211
  start = 0
210
212
  count = 1000
211
213
 
214
+ # Get all entries in sitemap
212
215
  loop do
213
216
  params = { apikey: api_key, start: start, count: count }
214
217
 
@@ -225,59 +228,71 @@ module PWN
225
228
  entries += new_entries
226
229
  start += count
227
230
  end
228
- return entries if return_as == :har
229
-
230
- # Deduplicate entries based on method + url
231
- seen = Set.new
232
- converted_messages = []
233
-
234
- entries.each do |entry|
235
- req = entry[:request]
236
- key = [req[:method], req[:url]]
237
- next if seen.include?(key)
238
-
239
- seen.add(key)
240
-
241
- # Build full request string
242
- req_line = "#{req[:method]} #{req[:url]} #{req[:httpVersion]}\r\n"
243
- req_headers = req[:headers].map { |h| "#{h[:name]}: #{h[:value]}\r\n" }.join
244
- req_body = ''
245
- if req[:postData] && req[:postData][:text]
246
- req_body = req[:postData][:text]
247
- req_body = Base64.decode64(req_body) if req[:postData][:encoding] == 'base64'
231
+
232
+ case return_as
233
+ when :har
234
+ if keyword
235
+ entries = har_sitemap.select do |site|
236
+ json_request = site[:request].to_json
237
+ json_request.include?(keyword)
238
+ end
248
239
  end
249
- full_req = "#{req_line}#{req_headers}\r\n#{req_body}".force_encoding('ASCII-8BIT')
250
- encoded_req = Base64.strict_encode64(full_req)
251
-
252
- # Build full response string
253
- res = entry[:response]
254
- res_line = "#{res[:httpVersion]} #{res[:status]} #{res[:statusText]}\r\n"
255
- res_headers = res[:headers].map { |h| "#{h[:name]}: #{h[:value]}\r\n" }.join
256
- res_body = ''
257
- if res[:content] && res[:content][:text]
258
- res_body = res[:content][:text]
259
- res_body = Base64.decode64(res_body) if res[:content][:encoding] == 'base64'
240
+ when :base64
241
+ # Deduplicate entries based on method + url
242
+ entries.each do |entry|
243
+ entry_hash = {}
244
+ req = entry[:request]
245
+ key = [req[:method], req[:url]]
246
+
247
+ # Build full request string
248
+ req_line = "#{req[:method]} #{req[:url]} #{req[:httpVersion]}\r\n"
249
+ req_headers = req[:headers].map { |h| "#{h[:name]}: #{h[:value]}\r\n" }.join
250
+ req_body = ''
251
+ if req[:postData] && req[:postData][:text]
252
+ req_body = req[:postData][:text]
253
+ req_body = Base64.decode64(req_body) if req[:postData][:encoding] == 'base64'
254
+ end
255
+ full_req = "#{req_line}#{req_headers}\r\n#{req_body}".force_encoding('ASCII-8BIT')
256
+ encoded_req = Base64.strict_encode64(full_req)
257
+
258
+ # Build full response string
259
+ res = entry[:response]
260
+ res_line = "#{res[:httpVersion]} #{res[:status]} #{res[:statusText]}\r\n"
261
+ res_headers = res[:headers].map { |h| "#{h[:name]}: #{h[:value]}\r\n" }.join
262
+ res_body = ''
263
+ if res[:content] && res[:content][:text]
264
+ res_body = res[:content][:text]
265
+ res_body = Base64.decode64(res_body) if res[:content][:encoding] == 'base64'
266
+ end
267
+ full_res = "#{res_line}#{res_headers}\r\n#{res_body}".force_encoding('ASCII-8BIT')
268
+ encoded_res = Base64.strict_encode64(full_res)
269
+
270
+ # Extract http_service
271
+ uri = URI.parse(req[:url])
272
+ http_service = {
273
+ host: uri.host,
274
+ port: uri.port,
275
+ protocol: uri.scheme
276
+ }
277
+
278
+ # Add to array
279
+ entry_hash[:request] = encoded_req
280
+ entry_hash[:response] = encoded_res
281
+ entry_hash[:http_service] = http_service
282
+ entries.push(entry_hash)
260
283
  end
261
- full_res = "#{res_line}#{res_headers}\r\n#{res_body}".force_encoding('ASCII-8BIT')
262
- encoded_res = Base64.strict_encode64(full_res)
263
-
264
- # Extract http_service
265
- uri = URI.parse(req[:url])
266
- http_service = {
267
- host: uri.host,
268
- port: uri.port,
269
- protocol: uri.scheme
270
- }
271
284
 
272
- # Add to array
273
- converted_messages << {
274
- request: encoded_req,
275
- response: encoded_res,
276
- http_service: http_service
277
- }
285
+ if keyword
286
+ entries = entries.select do |site|
287
+ deccoded_request = Base64.strict_decode64(site[:request])
288
+ deccoded_request.include?(keyword)
289
+ end
290
+ end
291
+ else
292
+ raise "ERROR: Invalid return_as option #{return_as}. Valid options are :base64 or :har"
278
293
  end
279
294
 
280
- converted_messages
295
+ entries.uniq
281
296
  rescue StandardError, SystemExit, Interrupt => e
282
297
  stop(zap_obj: zap_obj) unless zap_obj.nil?
283
298
  raise e
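Review bot: The :base64 branch pushes each converted hash back into `entries` while `entries.each` is iterating it, so the loop reaches the hashes it just appended, `entry[:request]` is then a Base64 String, `req[:method]` raises TypeError, and the rescue turns that into stop(zap_obj:) plus re-raise; the conversion should build a new array (for example with `map`) instead of appending in place. The :har branch filters `har_sitemap`, a name that does not exist in this method, so any `return_as: :har` call with a keyword raises NameError — it should select from `entries`. The hunk also drops the `seen` set, leaving `key` computed but unused and the comment "Deduplicate entries based on method + url" stale: the trailing `entries.uniq` compares whole hashes, so two entries with the same method and URL but different bodies are no longer collapsed; either restore a `uniq` keyed on `[req[:method], req[:url]]` or update the comment. `deccoded_request` is misspelled. The pagination loop that fills `entries` starts in the previous hunk.
```ruby
case return_as
when :har
  if keyword
    entries = entries.select do |site|
      site[:request].to_json.include?(keyword)
    end
  end
when :base64
  # Build a fresh array; pushing into `entries` while iterating it
  # feeds the converted hashes back into the loop.
  entries = entries.map do |entry|
    req = entry[:request]
    # … unchanged: build encoded_req, encoded_res and http_service from req / entry[:response] …
    { request: encoded_req, response: encoded_res, http_service: http_service }
  end

  if keyword
    entries = entries.select do |site|
      Base64.strict_decode64(site[:request]).include?(keyword)
    end
  end
# … unchanged: else branch raising on an invalid return_as …
end
```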
@@ -316,38 +331,10 @@ module PWN
316
331
  raise e
317
332
  end
318
333
 
319
- # Supported Method Parameters::
320
- # PWN::Plugins::Zaproxy.find_har_entries(
321
- # zap_obj: 'required - zap_obj returned from #open method',
322
- # search_string: 'required - string to search for in the sitemap entries'
323
- # )
324
-
325
- public_class_method def self.find_har_entries(opts = {})
326
- zap_obj = opts[:zap_obj]
327
- api_key = zap_obj[:api_key].to_s.scrub
328
- search_string = opts[:search_string]
329
- raise 'ERROR: search_string must be provided' if search_string.nil?
330
-
331
- har_sitemap = get_sitemap(
332
- zap_obj: zap_obj,
333
- return_as: :har
334
- )
335
-
336
- har_entries = har_sitemap.select do |entry|
337
- json_request = entry[:request].to_json
338
- json_request.include?(search_string)
339
- end
340
-
341
- har_entries
342
- rescue StandardError, SystemExit, Interrupt => e
343
- stop(zap_obj: zap_obj) unless zap_obj.nil?
344
- raise e
345
- end
346
-
347
334
  # Supported Method Parameters::
348
335
  # PWN::Plugins::Zaproxy.requester(
349
336
  # zap_obj: 'required - zap_obj returned from #open method',
350
- # har_entry: 'required - har entry (e.g. from #get_sitemap method or #find_har_entries method)',
337
+ # har_entry: 'required - har entry (e.g. from #get_sitemap method method)',
351
338
  # redirect: 'optional - follow redirects if set to true (defaults to false)'
352
339
  # )
353
340
 
@@ -788,6 +775,7 @@ module PWN
788
775
 
789
776
  #{self}.get_sitemap(
790
777
  zap_obj: 'required - zap_obj returned from #open method',
778
+ keyword: 'optional - string to search for in the sitemap entries (defaults to nil)',
791
779
  return_as: 'optional - :base64 or :har (defaults to :base64)'
792
780
  )
793
781
 
@@ -797,14 +785,9 @@ module PWN
797
785
  context_name: 'optional - context name to add target_regex to (defaults to Default Context)'
798
786
  )
799
787
 
800
- #{self}.find_har_entries(
801
- zap_obj: 'required - zap_obj returned from #open method',
802
- search_string: 'required - string to search for in the sitemap entries'
803
- )
804
-
805
788
  #{self}.requester(
806
789
  zap_obj: 'required - zap_obj returned from #open method',
807
- har_entry: 'required - har entry (e.g. from #get_sitemap method or #find_har_entries method)',
790
+ har_entry: 'required - har entry (e.g. from #get_sitemap method method)',
808
791
  redirect: 'optional - follow redirects if set to true (defaults to true)'
809
792
  )
810
793
 
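--- a/data/lib/pwn/version.rb
+++ b/data/lib/pwn/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-VERSION = '0.5.411'
+VERSION = '0.5.412'
 end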
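--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.5.411
+version: 0.5.412
 platform: ruby
 authors:
 - 0day Inc.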