pwn 0.5.431 → 0.5.433

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 94c2a5850f2c76a8702121a4b2bb47e1f89b0b41dc63246483a650ff55f39c10
-  data.tar.gz: 6d0addc08b3aec4a592e5cac6dbd13e761d3516573313755364289e7b1b4676a
+  metadata.gz: 387bbe4af26b617f25c04626d47edc3a6a939e7c377352a9e03e4036e61ff9b6
+  data.tar.gz: a498482eacaaf46d73f8af584fbfeda222f46089db1360f4dbb28fe83d4a198c
 SHA512:
-  metadata.gz: 3e8106f5103be1f4c1a447929b8f36440c3a37786374f50fcb7b2176d4fb089dc0b2809ba854fb43d0d516a6dd52be8f5d32339da3c4896074e229d278da4ca0
-  data.tar.gz: f5fdf5bbeb05fb798450829d9d2bd09637b4b71c2590f015707d57c9671ea9bbf8f0782f01e7dd5e32382c1a5c8d125f66824bbb3b51e6cd53e9b0057e256332
+  metadata.gz: f656eb703bea4dc1bb679451d0b755c81007eddeda0c2a951f21a8f0bd093bad4edff86ebf17ccde1ec468f3f983c38aecbe6232ffc91448a28e8fa07b46d9b6
+  data.tar.gz: 5a70e26ea3e2c273e5d4a2edd62868799c9aa7dcfa4c8fb8e2f2cc43525234756ae020d63328fde508bf73940712eb828672d7f86bd29c46b3e2a809ce070527

data/Gemfile

@@ -75,7 +75,7 @@ gem 'pry-doc', '1.6.0'
 gem 'rake', '13.3.0'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi2', '3.8.0'
-gem 'rdoc', '6.14.2'
+gem 'rdoc', '6.15.0'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
 gem 'rmagick', '6.1.4'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.431]:001 >>> PWN.help
+pwn[v0.5.433]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.431]:001 >>> PWN.help
+pwn[v0.5.433]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.431]:001 >>> PWN.help
+pwn[v0.5.433]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn

@@ -10,12 +10,12 @@ OptionParser.new do |options|
     #{File.basename($PROGRAM_NAME)} [opts]
   "
 
-  options.on('-YPATH', '--pwn-config=PATH', '<Optional - PWN YAML File>') do |p|
-    opts[:pwn_config_path] = p
+  options.on('-YPATH', '--pwn-env=PATH', '<Optional - PWN YAML File>') do |p|
+    opts[:pwn_env_path] = p
   end
 
-  options.on('-ZPATH', '--pwn-decryptor=PATH', '<Optional - Out-of-Band YAML File with :key && :iv>') do |d|
-    opts[:pwn_decryptor_path] = d
+  options.on('-ZPATH', '--pwn-dec=PATH', '<Optional - Out-of-Band YAML File with :key && :iv>') do |d|
+    opts[:pwn_dec_path] = d
   end
 end.parse!
 

data/bin/pwn_sast

@@ -12,12 +12,12 @@ OptionParser.new do |options|
   "
 
   # TODO: HOW TO LOAD THE pwn.yaml CONFIGURATION FILE FOR EVERYTHING UNLESS OVERRIDDEN???
-  options.on('-YPATH', '--pwn-config=PATH', '<Optional - PWN YAML File>') do |p|
-    opts[:pwn_config_path] = p
+  options.on('-YPATH', '--pwn-env=PATH', '<Optional - PWN YAML File>') do |p|
+    opts[:pwn_env_path] = p
   end
 
-  options.on('-ZPATH', '--pwn-decryptor=PATH', '<Optional - Out-of-Band YAML File with :key && :iv>') do |d|
-    opts[:pwn_decryptor_path] = d
+  options.on('-ZPATH', '--pwn-dec=PATH', '<Optional - Out-of-Band YAML File with :key && :iv>') do |d|
+    opts[:pwn_dec_path] = d
   end
 
   options.on('-uGITURI', '--uri-source-root=GITURI', '<Required - HTTP URI of Git Repo Scanned e.g. https://github.com/0dayInc/pwn/tree/master>') do |u|
@@ -57,12 +57,12 @@ end
 begin
   timestamp = Time.now.strftime('%Y-%m-%d_%H:%M:%S%z')
 
-  pwn_config_path = opts[:pwn_config_path]
-  pwn_decryptor_path = opts[:pwn_decryptor_path]
-  if pwn_config_path
+  pwn_env_path = opts[:pwn_env_path]
+  pwn_dec_path = opts[:pwn_dec_path]
+  if pwn_env_path
     PWN::Config.refresh(
-      pwn_config_path: pwn_config_path,
-      pwn_decryptor_path: pwn_decryptor_path
+      pwn_env_path: pwn_env_path,
+      pwn_dec_path: pwn_dec_path
     )
   end
 

data/lib/pwn/ai/grok.rb

@@ -25,13 +25,6 @@ module PWN
 
       private_class_method def self.grok_rest_call(opts = {})
         token = opts[:token]
-        if token.nil?
-          PWN::Plugins::AuthenticationHelper.mask_password(
-            prompt: 'Grok Key'
-          )
-          PWN::CONFIG[:ai][:grok][:key] = token
-        end
-
         http_method = if opts[:http_method].nil?
                         :get
                       else

data/lib/pwn/ai/introspection.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'rest-client'
+require 'tty-spinner'
+
+module PWN
+  module AI
+    # This plugin interacts with PWN::Env's `ai` data structure
+    # when `PWN::Env[:ai][:introspection]` is set to `true`.
+    module Introspection
+      # Supported Method Parameters::
+      # response = PWN::AI::Introspection.reflect
+
+      public_class_method def self.reflect
+        engine = PWN::Env[:ai][:active].to_s.downcase.to_sym
+        base_uri = PWN::Env[:ai][engine][:base_uri]
+        model = PWN::Env[:ai][engine][:model]
+        key = PWN::Env[:ai][engine][:key]
+        system_role_content = PWN::Env[:ai][engine][:system_role_content]
+        temp = PWN::Env[:ai][engine][:temp]
+
+        case engine
+        when :grok
+          response = PWN::AI::Grok.chat(
+            base_uri: base_uri,
+            token: key,
+            model: model,
+            system_role_content: system_role_content,
+            temp: temp,
+            request: request.chomp,
+            spinner: false
+          )
+        when :ollama
+          response = PWN::AI::Ollama.chat(
+            base_uri: base_uri,
+            token: key,
+            model: model,
+            system_role_content: system_role_content,
+            temp: temp,
+            request: request.chomp,
+            spinner: false
+          )
+        when :openai
+          response = PWN::AI::OpenAI.chat(
+            base_uri: base_uri,
+            token: key,
+            model: model,
+            system_role_content: system_role_content,
+            temp: temp,
+            request: request.chomp,
+            spinner: false
+          )
+        end
+
+        response
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <support@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <support@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+          #{self}.reflect
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end

data/lib/pwn/ai/ollama.rb

@@ -27,13 +27,6 @@ module PWN
       private_class_method def self.ollama_rest_call(opts = {})
         base_uri = opts[:base_uri]
         token = opts[:token]
-        if token.nil?
-          PWN::Plugins::AuthenticationHelper.mask_password(
-            prompt: 'Ollama Key'
-          )
-          PWN::CONFIG[:ai][:ollama][:key] = token
-        end
-
         http_method = if opts[:http_method].nil?
                         :get
                       else

data/lib/pwn/ai/open_ai.rb

@@ -26,13 +26,6 @@ module PWN
 
       private_class_method def self.open_ai_rest_call(opts = {})
         token = opts[:token]
-        if token.nil?
-          PWN::Plugins::AuthenticationHelper.mask_password(
-            prompt: 'OpenAI Key'
-          )
-          PWN::CONFIG[:ai][:openai][:key] = token
-        end
-
         http_method = if opts[:http_method].nil?
                         :get
                       else

data/lib/pwn/ai.rb

@@ -6,6 +6,7 @@ module PWN
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module AI
     autoload :Grok, 'pwn/ai/grok'
+    autoload :Introspection, 'pwn/ai/introspection'
     autoload :Ollama, 'pwn/ai/ollama'
     autoload :OpenAI, 'pwn/ai/open_ai'
 

data/lib/pwn/config.rb

@@ -7,25 +7,25 @@ module PWN
   # Used to manage PWN configuration settings within PWN drivers.
   module Config
     # Supported Method Parameters::
-    # PWN::Config.refresh(
-    #   pwn_config_path: 'optional - Path to pwn.yaml file.  Defaults to ~/.pwn/pwn.yaml',
-    #   pwn_decryptor_path: 'optional - Path to pwn.decryptor.yaml file.  Defaults to ~/.pwn/pwn.decryptor.yaml'
+    # PWN::Config.refresh_env(
+    #   pwn_env_path: 'optional - Path to pwn.yaml file.  Defaults to ~/.pwn/pwn.yaml',
+    #   pwn_dec_path: 'optional - Path to pwn.decryptor.yaml file.  Defaults to ~/.pwn/pwn.decryptor.yaml'
     # )
 
-    public_class_method def self.refresh(opts = {})
-      pwn_config_root = "#{Dir.home}/.pwn"
-      FileUtils.mkdir_p(pwn_config_root)
+    public_class_method def self.refresh_env(opts = {})
+      pwn_env_root = "#{Dir.home}/.pwn"
+      FileUtils.mkdir_p(pwn_env_root)
 
-      pwn_config_path = opts[:pwn_config_path] ||= "#{pwn_config_root}/pwn.yaml"
-      return unless File.exist?(pwn_config_path)
+      pwn_env_path = opts[:pwn_env_path] ||= "#{pwn_env_root}/pwn.yaml"
+      return {} unless File.exist?(pwn_env_path)
 
-      is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: pwn_config_path)
+      is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: pwn_env_path)
 
       if is_encrypted
-        pwn_decryptor_path = opts[:pwn_decryptor_path] ||= "#{pwn_config_root}/pwn.decryptor.yaml"
-        raise "PWN Decryptor (#{pwn_decryptor_path}) does not exist!" unless File.exist?(pwn_decryptor_path)
+        pwn_dec_path = opts[:pwn_dec_path] ||= "#{pwn_env_root}/pwn.decryptor.yaml"
+        raise "PWN Decryptor (#{pwn_dec_path}) does not exist!" unless File.exist?(pwn_dec_path)
 
-        pwn_decryptor = YAML.load_file(pwn_decryptor_path, symbolize_names: true)
+        pwn_decryptor = YAML.load_file(pwn_dec_path, symbolize_names: true)
 
         key = opts[:key] ||= pwn_decryptor[:key] ||= ENV.fetch('PWN_DECRYPTOR_KEY')
         key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption Key') if key.nil?
@@ -33,13 +33,13 @@ module PWN
         iv = opts[:iv] ||= pwn_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
         iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
 
-        config = PWN::Plugins::Vault.dump(
-          file: pwn_config_path,
+        env = PWN::Plugins::Vault.dump(
+          file: pwn_env_path,
           key: key,
           iv: iv
         )
       else
-        config = YAML.load_file(pwn_config_path, symbolize_names: true)
+        env = YAML.load_file(pwn_env_path, symbolize_names: true)
       end
 
       valid_ai_engines = %i[
@@ -48,14 +48,22 @@ module PWN
         ollama
       ]
 
-      engine = config[:ai][:active].to_s.downcase.to_sym
-      raise "ERROR: Unsupported AI Engine: #{engine} in #{pwn_config_path}.  Supported AI Engines:\n#{valid_ai_engines.inspect}" unless valid_ai_engines.include?(engine)
+      engine = env[:ai][:active].to_s.downcase.to_sym
+      raise "ERROR: Unsupported AI Engine: #{engine} in #{pwn_env_path}.  Supported AI Engines:\n#{valid_ai_engines.inspect}" unless valid_ai_engines.include?(engine)
 
-      model = config[:ai][engine][:model]
-      system_role_content = config[:ai][engine][:system_role_content]
+      key = env[:ai][engine][:key]
+      if key.nil?
+        key = PWN::Plugins::AuthenticationHelper.mask_password(
+          prompt: "#{engine} API Key"
+        )
+        env[:ai][engine][:key] = key
+      end
+
+      model = env[:ai][engine][:model]
+      system_role_content = env[:ai][engine][:system_role_content]
 
-      # Reset the ai response history on config refresh
-      config[:ai][engine][:response_history] = {
+      # Reset the ai response history on env refresh
+      env[:ai][engine][:response_history] = {
         id: '',
         object: '',
         model: model,
@@ -69,13 +77,36 @@ module PWN
       }
 
       # These two lines should be immutable for the session
-      config[:pwn_config_path] = pwn_config_path
-      config[:pwn_decryptor_path] = pwn_decryptor_path if is_encrypted
+      env[:pwn_env_path] = pwn_env_path
+      env[:pwn_dec_path] = pwn_dec_path if is_encrypted
 
       Pry.config.refresh = false if defined?(Pry)
 
-      PWN.send(:remove_const, :CONFIG) if PWN.const_defined?(:CONFIG)
-      PWN.const_set(:CONFIG, config)
+      PWN.send(:remove_const, :Env) if PWN.const_defined?(:Env)
+      PWN.const_set(:Env, env.freeze)
+    rescue StandardError => e
+      raise e
+    end
+
+    # Author(s):: 0day Inc. <support@0dayinc.com>
+
+    public_class_method def self.authors
+      "AUTHOR(S):
+        0day Inc. <support@0dayinc.com>
+      "
+    end
+
+    # Display Usage for this Module
+
+    public_class_method def self.help
+      puts "USAGE:
+        #{self}.refresh_env(
+          pwn_env_path: 'optional - Path to pwn.yaml file.  Defaults to ~/.pwn/pwn.yaml',
+          pwn_dec_path: 'optional - Path to pwn.decryptor.yaml file.  Defaults to ~/.pwn/pwn.decryptor.yaml'
+        )
+
+        #{self}.authors
+      "
     end
   end
 end

data/lib/pwn/plugins/repl.rb

@@ -18,7 +18,7 @@ module PWN
         mode = opts[:mode]
 
         proc do |_target_self, _nest_level, pi|
-          pi.config.pwn = PWN::Config.refresh(opts) if Pry.config.refresh
+          PWN::Config.refresh_env(opts) if Pry.config.refresh
 
           pi.config.pwn_repl_line += 1
           line_pad = format(
@@ -34,8 +34,8 @@ module PWN
           dchars = "\001\e[33m\002***\001\e[0m\002" if mode == :splat
 
           if pi.config.pwn_asm
-            arch = pi.config.pwn[:asm][:arch] ||= PWN::Plugins::DetectOS.arch
-            endian = pi.config.pwn[:asm][:endian] ||= PWN::Plugins::DetectOS.endian
+            arch = PWN::Env[:asm][:arch] ||= PWN::Plugins::DetectOS.arch
+            endian = PWN::Env[:asm][:endian] ||= PWN::Plugins::DetectOS.endian
 
             pi.config.prompt_name = "pwn.asm:#{arch}/#{endian}"
             name = "\001\e[1m\002\001\e[37m\002#{pi.config.prompt_name}\001\e[0m\002"
@@ -44,10 +44,10 @@ module PWN
           end
 
           if pi.config.pwn_ai
-            engine = pi.config.pwn[:ai][:active].to_s.downcase.to_sym
-            model = pi.config.pwn[:ai][engine][:model]
-            system_role_content = pi.config.pwn[:ai][engine][:system_role_content]
-            temp = pi.config.pwn[:ai][engine][:temp]
+            engine = PWN::Env[:ai][:active].to_s.downcase.to_sym
+            model = PWN::Env[:ai][engine][:model]
+            system_role_content = PWN::Env[:ai][engine][:system_role_content]
+            temp = PWN::Env[:ai][engine][:temp]
             pname = "pwn.ai:#{engine}"
             pname = "pwn.ai:#{engine}/#{model}" if model
             pname = "pwn.ai:#{engine}/#{model}.SPEAK" if pi.config.pwn_ai_speak
@@ -173,10 +173,10 @@ module PWN
 
             reply = nil
             response_history = nil
-            shared_chan = pi.config.pwn[:irc][:shared_chan]
+            shared_chan = PWN::Env[:irc][:shared_chan]
             mem_chan = '#mem'
-            ai_agents = pi.config.pwn[:irc][:ai_agent_nicks]
-            ai_agents_arr = pi.config.pwn[:irc][:ai_agent_nicks].keys
+            ai_agents = PWN::Env[:irc][:ai_agent_nicks]
+            ai_agents_arr = PWN::Env[:irc][:ai_agent_nicks].keys
             total_ai_agents = ai_agents_arr.length
             mutex = Mutex.new
             PWN::Plugins::ThreadPool.fill(
@@ -302,12 +302,12 @@ module PWN
                         next unless dm_agent == nick
 
                         response_history = ai_agents[dm_agent.to_sym][:response_history]
-                        engine = pi.config.pwn[:ai][:active].to_s.downcase.to_sym
-                        base_uri = pi.config.pwn[:ai][engine][:base_uri]
-                        key = pi.config.pwn[:ai][engine][:key] ||= ''
-                        temp = pi.config.pwn[:ai][engine][:temp]
-                        model = pi.config.pwn[:ai][engine][:model]
-                        system_role_content = pi.config.pwn[:ai][engine][:system_role_content]
+                        engine = PWN::Env[:ai][:active].to_s.downcase.to_sym
+                        base_uri = PWN::Env[:ai][engine][:base_uri]
+                        key = PWN::Env[:ai][engine][:key] ||= ''
+                        temp = PWN::Env[:ai][engine][:temp]
+                        model = PWN::Env[:ai][engine][:model]
+                        system_role_content = PWN::Env[:ai][engine][:system_role_content]
 
                         users_in_chan = PWN::Plugins::IRC.names(
                           irc_obj: irc_obj,
@@ -431,7 +431,7 @@ module PWN
 
             # TODO: Use TLS for IRC Connections
             # Use an IRC nCurses CLI Client
-            ui_nick = pi.config.pwn[:irc][:ui_nick]
+            ui_nick = PWN::Env[:irc][:ui_nick]
             join_channels = ai_agents_arr.map { |ai_chan| "##{ai_chan}" }.join(',')
 
             cmd0 = "/server add pwn #{host}/#{port} -notls"
@@ -460,24 +460,24 @@ module PWN
 
           def process
             pi = pry_instance
-            pwn_config_path = pi.config.pwn_config_path ||= "#{Dir.home}/.pwn/pwn.yaml"
-            unless File.exist?(pwn_config_path)
-              puts "ERROR: pwn.yaml not found: #{pwn_config_path}"
+            pwn_env_path = PWN::Env[:pwn_env_path] ||= "#{Dir.home}/.pwn/pwn.yaml"
+            unless File.exist?(pwn_env_path)
+              puts "ERROR: pwn environment file not found: #{pwn_env_path}"
               return
             end
 
-            pwn_decryptor_path = pi.config.pwn_decryptor_path ||= "#{Dir.home}/.pwn/pwn.decryptor.yaml"
-            unless File.exist?(pwn_decryptor_path)
-              puts "ERROR: pwn.decryptor.yaml not found: #{pwn_decryptor_path}"
+            pwn_dec_path = PWN::Env[:pwn_dec_path] ||= "#{Dir.home}/.pwn/pwn.decryptor.yaml"
+            unless File.exist?(pwn_dec_path)
+              puts "ERROR: pwn decryptor file not found: #{pwn_dec_path}"
               return
             end
 
-            decryptor = YAML.load_file(pwn_decryptor_path, symbolize_names: true)
+            decryptor = YAML.load_file(pwn_dec_path, symbolize_names: true)
             key = decryptor[:key]
             iv = decryptor[:iv]
 
             PWN::Plugins::Vault.edit(
-              file: pwn_config_path,
+              file: pwn_env_path,
               key: key,
               iv: iv
             )
@@ -530,20 +530,16 @@ module PWN
         # Define REPL Hooks
         # Welcome Banner Hook
         Pry.config.hooks.add_hook(:before_session, :welcome) do |output, _binding, _pi|
+          PWN::Config.refresh_env(opts)
           output.puts PWN::Banner.welcome
         end
 
-        # Initialize pwn.yaml Configuration using :before_session Hook
-        Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
-          pi.config.pwn = PWN::Config.refresh(opts)
-        end
-
         Pry.config.hooks.add_hook(:after_read, :pwn_asm_hook) do |request, pi|
           if pi.config.pwn_asm && !request.chomp.empty?
             request = pi.input.line_buffer
 
-            arch = pi.config.pwn[:asm][:arch]
-            endian = pi.config.pwn[:asm][:endian]
+            arch = PWN::Env[:asm][:arch]
+            endian = PWN::Env[:asm][:endian]
 
             # Analyze request to determine if it should be processed as opcodes or asm.
             straight_hex = /^[a-fA-F0-9\s]+$/
@@ -579,14 +575,14 @@ module PWN
           if pi.config.pwn_ai && !request.chomp.empty?
             request = pi.input.line_buffer.to_s
             debug = pi.config.pwn_ai_debug
-            engine = pi.config.pwn[:ai][:active].to_s.downcase.to_sym
-            base_uri = pi.config.pwn[:ai][engine][:base_uri]
-            key = pi.config.pwn[:ai][engine][:key] ||= ''
-            response_history = pi.config.pwn[:ai][engine][:response_history]
+            engine = PWN::Env[:ai][:active].to_s.downcase.to_sym
+            base_uri = PWN::Env[:ai][engine][:base_uri]
+            key = PWN::Env[:ai][engine][:key] ||= ''
+            response_history = PWN::Env[:ai][engine][:response_history]
             speak_answer = pi.config.pwn_ai_speak
-            model = pi.config.pwn[:ai][engine][:model]
-            system_role_content = pi.config.pwn[:ai][engine][:system_role_content]
-            temp = pi.config.pwn[:ai][engine][:temp]
+            model = PWN::Env[:ai][engine][:model]
+            system_role_content = PWN::Env[:ai][engine][:system_role_content]
+            temp = PWN::Env[:ai][engine][:temp]
 
             case engine
             when :grok
@@ -655,7 +651,7 @@ module PWN
               pp response_history
               puts "\nresponse_history[:choices] Length: #{response_history[:choices].length}\n" unless response_history.nil?
             end
-            pi.config.pwn[:ai][engine][:response_history] = response_history
+            PWN::Env[:ai][engine][:response_history] = response_history
           end
         end
       rescue StandardError => e
@@ -670,8 +666,8 @@ module PWN
       public_class_method def self.start(opts = {})
         # Monkey Patch Pry, add commands, && hooks
         PWN::Plugins::MonkeyPatch.pry
-        pwn_config_root = "#{Dir.home}/.pwn"
-        Pry.config.history_file = "#{pwn_config_root}/pwn_history"
+        pwn_env_root = "#{Dir.home}/.pwn"
+        Pry.config.history_file = "#{pwn_env_root}/pwn_history"
 
         add_commands
         add_hooks(opts)

data/lib/pwn/reports/sast.rb

@@ -25,17 +25,8 @@ module PWN
         }
         report_name = opts[:report_name] ||= File.basename(Dir.pwd)
 
-        ai_instrospection = PWN::CONFIG[:ai][:introspection]
-        if ai_instrospection
-          engine = PWN::CONFIG[:ai][:active].to_s.downcase.to_sym
-          base_uri = PWN::CONFIG[:ai][engine][:base_uri]
-          model = PWN::CONFIG[:ai][engine][:model]
-          key = PWN::CONFIG[:ai][engine][:key]
-          system_role_content = PWN::CONFIG[:ai][engine][:system_role_content]
-          temp = PWN::CONFIG[:ai][engine][:temp]
-
-          puts "Analyzing source code using AI engine: #{engine}\nModel: #{model}\nSystem Role Content: #{system_role_content}\nTemperature: #{temp}"
-        end
+        ai_instrospection = PWN::Env[:ai][:introspection]
+        puts "Analyzing source code using AI engine: #{engine}\nModel: #{model}\nSystem Role Content: #{system_role_content}\nTemperature: #{temp}" if ai_instrospection
 
         # Calculate percentage of AI analysis based on the number of entries
         total_entries = results_hash[:data].sum { |entry| entry[:line_no_and_contents].size }
@@ -63,44 +54,11 @@ module PWN
               line: line_no,
               source_code_snippet: source_code_snippet
             }.to_json
-            response = nil
             author = src_detail[:author].to_s.scrub.chomp.strip
 
-            if ai_instrospection
-              case engine
-              when :grok
-                response = PWN::AI::Grok.chat(
-                  base_uri: base_uri,
-                  token: key,
-                  model: model,
-                  system_role_content: system_role_content,
-                  temp: temp,
-                  request: request.chomp,
-                  spinner: false
-                )
-              when :ollama
-                response = PWN::AI::Ollama.chat(
-                  base_uri: base_uri,
-                  token: key,
-                  model: model,
-                  system_role_content: system_role_content,
-                  temp: temp,
-                  request: request.chomp,
-                  spinner: false
-                )
-              when :openai
-                response = PWN::AI::OpenAI.chat(
-                  base_uri: base_uri,
-                  token: key,
-                  model: model,
-                  system_role_content: system_role_content,
-                  temp: temp,
-                  request: request.chomp,
-                  spinner: false
-                )
-              end
-            end
-
+            # TODO: move PWN::AI::Introspection.reflect into each PWN::SAST::* module
+            # This will drastically speed up the overall SAST analysis process
+            response = PWN::AI::Introspection.reflect if ai_instrospection
             ai_analysis = nil
             if response.is_a?(Hash)
               ai_analysis = response[:choices].last[:text] if response[:choices].last.keys.include?(:text)

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.431'
+  VERSION = '0.5.433'
 end

data/lib/pwn.rb

@@ -26,8 +26,8 @@ module PWN
   end
 
   # Initialize PWN configuration file
-  # PWN::CONFIG is the constant that stores the configuration data
-  PWN::Config.refresh
+  # PWN::Env is the constant that stores the configuration data
+  PWN::Config.refresh_env
 rescue StandardError => e
   puts e.backtrace
   raise e

data/spec/lib/pwn/ai/introspection_spec.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe PWN::AI::Introspection do
+  it 'should display information for authors' do
+    authors_response = PWN::AI::Introspection
+    expect(authors_response).to respond_to :authors
+  end
+
+  it 'should display information for existing help method' do
+    help_response = PWN::AI::Introspection
+    expect(help_response).to respond_to :help
+  end
+end

data/spec/lib/pwn/config_spec.rb

@@ -7,4 +7,14 @@ describe PWN::Config do
     config_response = PWN::Config.refresh
     expect(config_response).not_to be_nil
   end
+
+  it 'should display information for authors' do
+    authors_response = PWN::Config
+    expect(authors_response).to respond_to :authors
+  end
+
+  it 'should display information for existing help method' do
+    help_response = PWN::Config
+    expect(help_response).to respond_to :help
+  end
 end

data/third_party/pwn_rdoc.jsonl

@@ -449,6 +449,7 @@
 {"messages":[{"role":"user","content":"PWN::Blockchain::ETH.get_block_details Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.get_block_details`: Supported Method Parameters\n\nPWN::Blockchain::ETH.get_block_details(\n\nheight: 'required - block height number',\ntoken: 'optional - API token for higher rate limits'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Blockchain::ETH.get_latest_block Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.get_latest_block`: Supported Method Parameters\n\nlatest_block = PWN::Blockchain::ETH.get_latest_block(\n\ntoken: 'optional - API token for higher rate limits'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Blockchain::ETH.help Usage"},{"role":"assistant","content":"`PWN::Blockchain::ETH.help`: "}]}
+{"messages":[{"role":"user","content":"PWN::Config.refresh Usage"},{"role":"assistant","content":"`PWN::Config.refresh`: Supported Method Parameters\n\nPWN::Config.refresh(\n\npwn_config_path: 'optional - Path to pwn.yaml file.  Defaults to ~/.pwn/pwn.yaml',\npwn_decryptor_path: 'optional - Path to pwn.decryptor.yaml file.  Defaults to ~/.pwn/pwn.decryptor.yaml'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::FFI.help Usage"},{"role":"assistant","content":"`PWN::FFI.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::FFI::Stdio.authors Usage"},{"role":"assistant","content":"`PWN::FFI::Stdio.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::FFI::Stdio.help Usage"},{"role":"assistant","content":"`PWN::FFI::Stdio.help`: "}]}
@@ -1034,7 +1035,6 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.encrypt Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.encrypt`: Supported Method Parameters\n\nPWN::Plugins::Vault.encrypt(\n\nfile: 'required - file to encrypt',\nkey: 'required - key to decrypt',\niv: 'required - iv to decrypt'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.file_encrypted? Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.file_encrypted?`: Supported Method Parameters\n\nPWN::Plugins::Vault.file_encrypted?(\n\nfile: 'required - file to check if encrypted'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.help Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.help`: "}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::Vault.refresh_config_for_repl Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.refresh_config_for_repl`: Supported Method Parameters\n\nPWN::Plugins::Vault.refresh_config_for_repl(\n\n  yaml_config_path: 'required - full path to pwn.yaml file',\n  pi: 'optional - Pry instance (default: Pry)',\n  yaml_decryptor_path: 'optional - full path to decryption YAML file'\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Vault.refresh_encryption_secrets Usage"},{"role":"assistant","content":"`PWN::Plugins::Vault.refresh_encryption_secrets`: Supported Method Parameters\n\nPWN::Plugins::Vault.refresh_encryption_secrets(\n\nfile: 'required - file to encrypt with new key and iv',\nkey: 'required - key to decrypt',\niv: 'required - iv to decrypt'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Voice.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::Voice.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Voice.help Usage"},{"role":"assistant","content":"`PWN::Plugins::Voice.help`: "}]}
@@ -1081,7 +1081,7 @@
 {"messages":[{"role":"user","content":"PWN::Reports::Phone.generate Usage"},{"role":"assistant","content":"`PWN::Reports::Phone.generate`: Supported Method Parameters\n\nPWN::Reports::Phone.generate(\n\ndir_path: dir_path,\nresults_hash: results_hash\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Reports::Phone.help Usage"},{"role":"assistant","content":"`PWN::Reports::Phone.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::Reports::SAST.authors Usage"},{"role":"assistant","content":"`PWN::Reports::SAST.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
-{"messages":[{"role":"user","content":"PWN::Reports::SAST.generate Usage"},{"role":"assistant","content":"`PWN::Reports::SAST.generate`: Supported Method Parameters\n\nPWN::Reports::SAST.generate(\n\ndir_path: 'optional - Directory path to save the report (defaults to .)',\nresults_hash: 'optional - Hash containing the results of the SAST analysis (defaults to empty hash structure)',\nreport_name: 'optional - Name of the report file (defaults to current directory name)',\nai_engine: 'optional - AI engine to use for analysis (:grok, :ollama, or :openai)',\nai_model: 'optionnal - AI Model to Use for Respective AI Engine (e.g., grok-4i-0709, chargpt-4o-latest, llama-3.1, etc.)',\nai_key: 'optional -  AI Key/Token for Respective AI Engine',\nai_base_uri: 'optional -  AI FQDN (Only Required for \"ollama\" AI Engine)',\nai_system_role_content: 'optional - AI System Role Content (Defaults to \"Confidence score of 0-10 this is vulnerable (0 being not vulnerable, moving upwards in confidence of exploitation). Provide additional context to assist penetration tester assessment.\")',\nai_temp: 'optional - AI Temperature (Defaults to 0.1)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Reports::SAST.generate Usage"},{"role":"assistant","content":"`PWN::Reports::SAST.generate`: Supported Method Parameters\n\nPWN::Reports::SAST.generate(\n\ndir_path: 'optional - Directory path to save the report (defaults to .)',\nresults_hash: 'optional - Hash containing the results of the SAST analysis (defaults to empty hash structure)',\nreport_name: 'optional - Name of the report file (defaults to current directory name)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Reports::SAST.help Usage"},{"role":"assistant","content":"`PWN::Reports::SAST.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::Reports::URIBuster.authors Usage"},{"role":"assistant","content":"`PWN::Reports::URIBuster.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::Reports::URIBuster.generate Usage"},{"role":"assistant","content":"`PWN::Reports::URIBuster.generate`: Supported Method Parameters\n\nPWN::Reports::URIBuster.generate(\n\ndir_path: dir_path,\nresults_hash: results_hash\n\n)\n"}]}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.431
+  version: 0.5.433
 platform: ruby
 authors:
 - 0day Inc.
@@ -841,14 +841,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.14.2
+        version: 6.15.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.14.2
+        version: 6.15.0
 - !ruby/object:Gem::Dependency
   name: rest-client
   requirement: !ruby/object:Gem::Requirement
@@ -1720,6 +1720,7 @@ files:
 - lib/pwn.rb
 - lib/pwn/ai.rb
 - lib/pwn/ai/grok.rb
+- lib/pwn/ai/introspection.rb
 - lib/pwn/ai/ollama.rb
 - lib/pwn/ai/open_ai.rb
 - lib/pwn/aws.rb
@@ -2068,6 +2069,7 @@ files:
 - pwn.gemspec
 - reinstall_pwn_gemset.sh
 - spec/lib/pwn/ai/grok_spec.rb
+- spec/lib/pwn/ai/introspection_spec.rb
 - spec/lib/pwn/ai/ollama_spec.rb
 - spec/lib/pwn/ai/open_ai_spec.rb
 - spec/lib/pwn/ai_spec.rb