pwn 0.5.421 → 0.5.423

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +3 -3
  3. data/lib/pwn/plugins/repl.rb +37 -92
  4. data/lib/pwn/plugins/vault.rb +97 -2
  5. data/lib/pwn/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f3e5df4c5f4c7eab586af5e5024ae1df3c00f2c885e44636e436ae501fce3530
4
- data.tar.gz: 369de672a50ea1efcf94b84290a51698808efa5042d978bcd66061f4e4ba9ec2
3
+ metadata.gz: f8098304b98e5388c044eb9ff8b9a5bee04075d7a5ccadac260f7a974eb55c15
4
+ data.tar.gz: 4f19ff9ea53d7d4114ae6cbfb2a79fd34f1910d3202f209454645998665a7525
5
5
  SHA512:
6
- metadata.gz: a6fef6398ffebead215a4bdafd99691a8a14be0048944e76aa9c6e85f0964749724fbb9d9d8116a57157ef62baebd522ed1eced64d8bf801ed279efd3d92d213
7
- data.tar.gz: 9a8bd528fb55e9ada542ed214697df963c18b12a8d2b831b50ca6c1326f8229478abf3a884db281e30d0234b96c741f2215021e50dba85f3bf3b937de76e84d8
6
+ metadata.gz: 69952d0e0101a72ef4b08f5d6da5b0d9d034d080b7bfafedf751a8c2cbbb1119593dba7162b733652ab7ae5f02585a6a4ae13272905182cf8437adda621f6efc
7
+ data.tar.gz: b7fc21ff696a807e7e65aec231457224eea412620cf3052d6b5233b6618f83c5b3cfebe2ab1341a2072111d5eb97def1d82a6c57aec9da6fc83870ba4dcea2c6
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.421]:001 >>> PWN.help
40
+ pwn[v0.5.423]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.421]:001 >>> PWN.help
55
+ pwn[v0.5.423]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.421]:001 >>> PWN.help
65
+ pwn[v0.5.423]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/plugins/repl.rb CHANGED
@@ -8,96 +8,6 @@ module PWN
8
8
  module Plugins
9
9
  # This module contains methods related to the pwn REPL Driver.
10
10
  module REPL
11
- # Supported Method Parameters::
12
- # PWN::Plugins::REPL.load_config(
13
- # pi: 'required - Pry Instance object',
14
- # yaml_config_path: 'required - full path to pwn.yaml file',
15
- # decryption_file: 'optional - full path to decryption YAML file'
16
- # )
17
- public_class_method def self.load_config(opts = {})
18
- yaml_config_path = opts[:yaml_config_path]
19
-
20
- return false unless yaml_config_path
21
-
22
- pi = opts[:pi] ||= Pry
23
- raise "ERROR: #{yaml_config_path} does not exist." unless File.exist?(yaml_config_path)
24
-
25
- is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: yaml_config_path)
26
-
27
- if is_encrypted
28
- # TODO: Implement "something you know, something you have, && something you are?"
29
- decryption_file = opts[:decryption_file] ||= "#{Dir.home}/pwn.decryptor.yaml"
30
- raise "ERROR: #{decryption_file} does not exist." unless File.exist?(decryption_file)
31
-
32
- yaml_decryptor = YAML.load_file(decryption_file, symbolize_names: true)
33
-
34
- key = opts[:key] ||= yaml_decryptor[:key] ||= ENV.fetch('PWN_DECRYPTOR_KEY')
35
- key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption Key') if key.nil?
36
-
37
- iv = opts[:iv] ||= yaml_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
38
- iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
39
-
40
- yaml_config = PWN::Plugins::Vault.dump(
41
- file: yaml_config_path,
42
- key: key,
43
- iv: iv
44
- )
45
- else
46
- yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
47
- end
48
- pi.config.p = yaml_config
49
- Pry.config.p = yaml_config
50
-
51
- valid_ai_engines = %i[
52
- grok
53
- openai
54
- ollama
55
- ]
56
- ai_engine = yaml_config[:ai_engine].to_s.downcase.to_sym
57
-
58
- raise "ERROR: Unsupported AI Engine: #{ai_engine} in #{yaml_config_path}. Supported AI Engines:\n#{valid_ai_engines.inspect}" unless valid_ai_engines.include?(ai_engine)
59
-
60
- pi.config.pwn_ai_engine = ai_engine
61
- Pry.config.pwn_ai_engine = ai_engine
62
-
63
- pi.config.pwn_ai_base_uri = pi.config.p[ai_engine][:base_uri]
64
- Pry.config.pwn_ai_base_uri = pi.config.pwn_ai_base_uri
65
-
66
- pi.config.pwn_ai_key = pi.config.p[ai_engine][:key]
67
- Pry.config.pwn_ai_key = pi.config.pwn_ai_key
68
-
69
- pi.config.pwn_ai_model = pi.config.p[ai_engine][:model]
70
- Pry.config.pwn_ai_model = pi.config.pwn_ai_model
71
-
72
- pi.config.pwn_ai_system_role_content = pi.config.p[ai_engine][:system_role_content]
73
- Pry.config.pwn_ai_system_role_content = pi.config.pwn_ai_system_role_content
74
-
75
- pi.config.pwn_ai_temp = pi.config.p[ai_engine][:temp]
76
- Pry.config.pwn_ai_temp = pi.config.pwn_ai_temp
77
-
78
- pi.config.pwn_asm_arch = pi.config.p[:asm][:arch]
79
- Pry.config.pwn_asm_arch = pi.config.pwn_asm_arch
80
-
81
- pi.config.pwn_asm_endian = pi.config.p[:asm][:endian]
82
- Pry.config.pwn_asm_endian = pi.config.pwn_asm_endian
83
-
84
- pi.config.pwn_irc = pi.config.p[:irc]
85
- Pry.config.pwn_irc = pi.config.pwn_irc
86
-
87
- pi.config.pwn_hunter = pi.config.p[:hunter][:api_key]
88
- Pry.config.pwn_hunter = pi.config.pwn_hunter
89
-
90
- pi.config.pwn_shodan = pi.config.p[:shodan][:api_key]
91
- Pry.config.pwn_shodan = pi.config.pwn_shodan
92
-
93
- pi.config.reload_config = false
94
- Pry.config.reload_config = false
95
-
96
- true
97
- rescue StandardError => e
98
- raise e
99
- end
100
-
101
11
  # Supported Method Parameters::
102
12
  # PWN::Plugins::REPL.refresh_ps1_proc(
103
13
  # mode: 'required - :splat or nil'
@@ -107,7 +17,7 @@ module PWN
107
17
  mode = opts[:mode]
108
18
 
109
19
  proc do |_target_self, _nest_level, pi|
110
- load_config(opts) if Pry.config.reload_config
20
+ PWN::Plugins::Vault.refresh_config_for_repl(opts) if Pry.config.refresh_config
111
21
 
112
22
  pi.config.pwn_repl_line += 1
113
23
  line_pad = format(
@@ -547,6 +457,36 @@ module PWN
547
457
  end
548
458
  end
549
459
 
460
+ Pry::Commands.create_command 'pwn-vault-edit' do
461
+ description 'Edit the pwn.yaml configuration file.'
462
+
463
+ def process
464
+ pi = pry_instance
465
+ yaml_config_path = pi.config.yaml_config_path ||= "#{Dir.home}/pwn.yaml"
466
+ unless File.exist?(yaml_config_path)
467
+ puts "ERROR: pwn.yaml not found: #{yaml_config_path}"
468
+ return
469
+ end
470
+
471
+ decryption_file = pi.config.decryption_file ||= "#{Dir.home}/pwn.decryptor.yaml"
472
+ unless File.exist?(decryption_file)
473
+ puts "ERROR: pwn.decryptor.yaml not found: #{decryption_file}"
474
+ return
475
+ end
476
+ decryptor = YAML.load_file(decryption_file, symbolize_names: true)
477
+ key = decryptor[:key]
478
+ iv = decryptor[:iv]
479
+
480
+ PWN::Plugins::Vault.edit(
481
+ file: yaml_config_path,
482
+ key: key,
483
+ iv: iv
484
+ )
485
+ rescue StandardError => e
486
+ raise e
487
+ end
488
+ end
489
+
550
490
  Pry::Commands.create_command 'toggle-pwn-ai-debug' do
551
491
  description 'Display the response_history object while using pwn.ai'
552
492
 
@@ -597,7 +537,10 @@ module PWN
597
537
  # Initialize pwn.yaml Configuration using :before_session Hook
598
538
  Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
599
539
  opts[:pi] = pi
600
- load_config(opts)
540
+ Pry.config.yaml_config_path = opts[:yaml_config_path]
541
+ Pry.config.decryption_file = opts[:decryption_file]
542
+
543
+ PWN::Plugins::Vault.refresh_config_for_repl(opts)
601
544
  end
602
545
 
603
546
  Pry.config.hooks.add_hook(:after_read, :pwn_asm_hook) do |request, pi|
@@ -742,6 +685,8 @@ module PWN
742
685
  # Monkey Patch Pry, add commands, && hooks
743
686
  PWN::Plugins::MonkeyPatch.pry
744
687
  add_commands
688
+ opts[:yaml_config_path] ||= "#{Dir.home}/pwn.yaml"
689
+ opts[:decryption_file] ||= "#{Dir.home}/pwn.decryptor.yaml"
745
690
  add_hooks(opts)
746
691
 
747
692
  # Define PS1 Prompt
data/lib/pwn/plugins/vault.rb CHANGED
@@ -172,8 +172,8 @@ module PWN
172
172
  relative_editor = File.basename(editor)
173
173
  system(relative_editor, file)
174
174
 
175
- # If the Pry object exists, set reload_config to true
176
- Pry.config.reload_config = true if defined?(Pry)
175
+ # If the Pry object exists, set refresh_config to true
176
+ Pry.config.refresh_config = true if defined?(Pry)
177
177
 
178
178
  encrypt(
179
179
  file: file,
@@ -234,6 +234,95 @@ module PWN
234
234
  raise e
235
235
  end
236
236
 
237
+ # Supported Method Parameters::
238
+ # PWN::Plugins::Vault.refresh_config_for_repl(
239
+ # yaml_config_path: 'required - full path to pwn.yaml file',
240
+ # pi: 'optional - Pry instance (default: Pry)',
241
+ # decryption_file: 'optional - full path to decryption YAML file'
242
+ # )
243
+ public_class_method def self.refresh_config_for_repl(opts = {})
244
+ yaml_config_path = opts[:yaml_config_path]
245
+
246
+ return false unless yaml_config_path
247
+
248
+ pi = opts[:pi] ||= Pry
249
+ raise "ERROR: #{yaml_config_path} does not exist." unless File.exist?(yaml_config_path)
250
+
251
+ is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: yaml_config_path)
252
+
253
+ if is_encrypted
254
+ # TODO: Implement "something you know, something you have, && something you are?"
255
+ decryption_file = opts[:decryption_file] ||= "#{Dir.home}/pwn.decryptor.yaml"
256
+ raise "ERROR: #{decryption_file} does not exist." unless File.exist?(decryption_file)
257
+
258
+ yaml_decryptor = YAML.load_file(decryption_file, symbolize_names: true)
259
+
260
+ key = opts[:key] ||= yaml_decryptor[:key] ||= ENV.fetch('PWN_DECRYPTOR_KEY')
261
+ key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption Key') if key.nil?
262
+
263
+ iv = opts[:iv] ||= yaml_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
264
+ iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
265
+
266
+ yaml_config = PWN::Plugins::Vault.dump(
267
+ file: yaml_config_path,
268
+ key: key,
269
+ iv: iv
270
+ )
271
+ else
272
+ yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
273
+ end
274
+ pi.config.p = yaml_config
275
+ Pry.config.p = yaml_config
276
+
277
+ valid_ai_engines = %i[
278
+ grok
279
+ openai
280
+ ollama
281
+ ]
282
+ ai_engine = yaml_config[:ai_engine].to_s.downcase.to_sym
283
+
284
+ raise "ERROR: Unsupported AI Engine: #{ai_engine} in #{yaml_config_path}. Supported AI Engines:\n#{valid_ai_engines.inspect}" unless valid_ai_engines.include?(ai_engine)
285
+
286
+ pi.config.pwn_ai_engine = ai_engine
287
+ Pry.config.pwn_ai_engine = ai_engine
288
+
289
+ pi.config.pwn_ai_base_uri = pi.config.p[ai_engine][:base_uri]
290
+ Pry.config.pwn_ai_base_uri = pi.config.pwn_ai_base_uri
291
+
292
+ pi.config.pwn_ai_key = pi.config.p[ai_engine][:key]
293
+ Pry.config.pwn_ai_key = pi.config.pwn_ai_key
294
+
295
+ pi.config.pwn_ai_model = pi.config.p[ai_engine][:model]
296
+ Pry.config.pwn_ai_model = pi.config.pwn_ai_model
297
+
298
+ pi.config.pwn_ai_system_role_content = pi.config.p[ai_engine][:system_role_content]
299
+ Pry.config.pwn_ai_system_role_content = pi.config.pwn_ai_system_role_content
300
+
301
+ pi.config.pwn_ai_temp = pi.config.p[ai_engine][:temp]
302
+ Pry.config.pwn_ai_temp = pi.config.pwn_ai_temp
303
+
304
+ pi.config.pwn_asm_arch = pi.config.p[:asm][:arch]
305
+ Pry.config.pwn_asm_arch = pi.config.pwn_asm_arch
306
+
307
+ pi.config.pwn_asm_endian = pi.config.p[:asm][:endian]
308
+ Pry.config.pwn_asm_endian = pi.config.pwn_asm_endian
309
+
310
+ pi.config.pwn_irc = pi.config.p[:irc]
311
+ Pry.config.pwn_irc = pi.config.pwn_irc
312
+
313
+ pi.config.pwn_hunter = pi.config.p[:hunter][:api_key]
314
+ Pry.config.pwn_hunter = pi.config.pwn_hunter
315
+
316
+ pi.config.pwn_shodan = pi.config.p[:shodan][:api_key]
317
+ Pry.config.pwn_shodan = pi.config.pwn_shodan
318
+
319
+ Pry.config.refresh_config = false
320
+
321
+ true
322
+ rescue StandardError => e
323
+ raise e
324
+ end
325
+
237
326
  # Author(s):: 0day Inc. <support@0dayinc.com>
238
327
 
239
328
  public_class_method def self.authors
@@ -286,6 +375,12 @@ module PWN
286
375
  file: 'required - file to check if encrypted'
287
376
  )
288
377
 
378
+ #{self}.refresh_config_for_repl(
379
+ yaml_config_path: 'required - full path to pwn.yaml file',
380
+ pi: 'optional - Pry instance (default: Pry)',
381
+ decryption_file: 'optional - full path to decryption YAML file'
382
+ )
383
+
289
384
  #{self}.authors
290
385
  "
291
386
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.421'
4
+ VERSION = '0.5.423'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.421
4
+ version: 0.5.423
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.