pwn 0.5.451 → 0.5.454

data/lib/pwn/config.rb

@@ -7,8 +7,44 @@ module PWN
   # Used to manage PWN configuration settings within PWN drivers.
   module Config
     # Supported Method Parameters::
-    # env = PWN::Config.minimal_env
-    public_class_method def self.minimal_env(opts = {})
+    # PWN::Config.redact_sensitive_artifacts(
+    #   config: 'optional - Hash to redact sensitive artifacts from.  Defaults to PWN::Env'
+    # )
+    public_class_method def self.redact_sensitive_artifacts(opts = {})
+      config = opts[:config] ||= PWN::Env
+
+      sensitive_keys = %i[api_key key paswword psks token]
+
+      # Transform values at the current level: redact sensitive keys
+      config.transform_values.with_index do |v, k|
+        if sensitive_keys.include?(config.keys[k])
+          '>>> REDACTED >>> USE `pwn-vault` FOR ADMINISTRATION <<< REDACTED <<<'
+        else
+          v.is_a?(Hash) ? redact_sensitive_artifacts(config: v) : v
+        end
+      end
+    rescue StandardError => e
+      raise e
+    end
+
+    # Supported Method Parameters::
+    # env = PWN::Config.init_driver_options
+    public_class_method def self.init_driver_options
+      env = {
+        driver_opts: {
+          pwn_env_path: nil,
+          pwn_dec_path: nil
+        }
+      }
+      PWN.const_set(:Env, env)
+      # puts '[*] Loaded driver options.'
+    rescue StandardError => e
+      raise e
+    end
+
+    # Supported Method Parameters::
+    # env = PWN::Config.default_env
+    public_class_method def self.default_env(opts = {})
       pwn_env_path = opts[:pwn_env_path]
       pwn_dec_path = "#{File.dirname(pwn_env_path)}/pwn.decryptor.yaml"
 
@@ -50,45 +86,47 @@ module PWN
             temp: 'optional - Ollama temperature'
           }
         },
-        asm: { arch: PWN::Plugins::DetectOS.arch, endian: PWN::Plugins::DetectOS.endian },
-        blockchain: {
-          bitcoin: {
-            rpc_host: 'localhost',
-            rpc_port: 8332,
-            rpc_user: 'bitcoin RPC Username',
-            rpc_pass: 'bitcoin RPC Password'
-          }
-        },
-        irc: {
-          ui_nick: '_human_',
-          shared_chan: '#pwn',
-          ai_agent_nicks: {
-            browser: {
-              pwn_rb: '/opt/pwn/lib/pwn/plugins/transparent_browser.rb',
-              system_role_content: 'You are a browser.  You are a web browser that can be controlled by a human or AI agent'
-            },
-            nimjeh: {
-              pwn_rb: '',
-              system_role_content: 'You are a sarcastic hacker.  You find software zero day vulnerabilities. This involves analyzing source code, race conditions, application binaries, and network protocols from an offensive security perspective.'
-            },
-            nmap: {
-              pwn_rb: '/opt/pwn/lib/pwn/plugins/nmap_it.rb',
-              system_role_content: 'You are a network scanner.  You are a network scanner that can be controlled by a human or AI agent'
-            },
-            shodan: {
-              pwn_rb: '/opt/pwn/lib/pwn/plugins/shodan.rb',
-              system_role_content: 'You are a passive reconnaissance agent.  You are a passive reconnaissance agent that can be controlled by a human or AI agent'
+        plugins: {
+          asm: { arch: PWN::Plugins::DetectOS.arch, endian: PWN::Plugins::DetectOS.endian },
+          blockchain: {
+            bitcoin: {
+              rpc_host: 'localhost',
+              rpc_port: 8332,
+              rpc_user: 'bitcoin RPC Username',
+              rpc_pass: 'bitcoin RPC Password'
             }
-          }
-        },
-        hunter: { api_key: 'hunter.how API Key' },
-        meshtastic: {
-          psks: {
-            LongFast: 'AQ==',
-            PWN: 'required - PSK for pwn channel'
-          }
-        },
-        shodan: { api_key: 'SHODAN API Key' }
+          },
+          irc: {
+            ui_nick: '_human_',
+            shared_chan: '#pwn',
+            ai_agent_nicks: {
+              browser: {
+                pwn_rb: '/opt/pwn/lib/pwn/plugins/transparent_browser.rb',
+                system_role_content: 'You are a browser.  You are a web browser that can be controlled by a human or AI agent'
+              },
+              nimjeh: {
+                pwn_rb: '',
+                system_role_content: 'You are a sarcastic hacker.  You find software zero day vulnerabilities. This involves analyzing source code, race conditions, application binaries, and network protocols from an offensive security perspective.'
+              },
+              nmap: {
+                pwn_rb: '/opt/pwn/lib/pwn/plugins/nmap_it.rb',
+                system_role_content: 'You are a network scanner.  You are a network scanner that can be controlled by a human or AI agent'
+              },
+              shodan: {
+                pwn_rb: '/opt/pwn/lib/pwn/plugins/shodan.rb',
+                system_role_content: 'You are a passive reconnaissance agent.  You are a passive reconnaissance agent that can be controlled by a human or AI agent'
+              }
+            }
+          },
+          hunter: { api_key: 'hunter.how API Key' },
+          meshtastic: {
+            psks: {
+              LongFast: 'AQ==',
+              PWN: 'required - PSK for pwn channel'
+            }
+          },
+          shodan: { api_key: 'SHODAN API Key' }
+        }
       }
       # Remove beginning colon from key names
       yaml_env = YAML.dump(env).gsub(/^(\s*):/, '\1')
@@ -122,7 +160,7 @@ module PWN
       FileUtils.mkdir_p(pwn_env_root)
 
       pwn_env_path = opts[:pwn_env_path] ||= "#{pwn_env_root}/pwn.yaml"
-      return minimal_env(pwn_env_path: pwn_env_path) unless File.exist?(pwn_env_path)
+      return default_env(pwn_env_path: pwn_env_path) unless File.exist?(pwn_env_path)
 
       is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: pwn_env_path)
 
@@ -183,9 +221,18 @@ module PWN
         pwn_dec_path: pwn_dec_path
       }
 
-      Pry.config.refresh_pwn_env = false if defined?(Pry)
+      # Assign the refreshed env to PWN::Env
       PWN.send(:remove_const, :Env) if PWN.const_defined?(:Env)
       PWN.const_set(:Env, env.freeze)
+
+      # Redact sensitive artifacts from PWN::Env and store in PWN::EnvRedacted
+      env_redacted = redact_sensitive_artifacts(config: env)
+      PWN.send(:remove_const, :EnvRedacted) if PWN.const_defined?(:EnvRedacted)
+      PWN.const_set(:EnvRedacted, env_redacted.freeze)
+
+      Pry.config.refresh_pwn_env = false if defined?(Pry)
+
+      puts "[*] PWN::Env loaded via: #{pwn_env_path}\n"
     rescue StandardError => e
       raise e
     end
@@ -202,7 +249,7 @@ module PWN
 
     public_class_method def self.help
       puts "USAGE:
-        #{self}.minimal_env(
+        #{self}.default_env(
           pwn_env_path: 'optional - Path to pwn.yaml file.  Defaults to ~/.pwn/pwn.yaml'
         )
 

data/lib/pwn/driver.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+require 'optparse'
+
+module PWN
+  # Used to consume options passed into PWN drivers and load PWN::Env
+  class Driver
+    # Add OptionParser options to PWN::Env
+    class Parser < OptionParser
+      attr_accessor :auto_opts_help,
+                    :opts
+
+      def initialize
+        super
+        @opts = PWN::Env[:driver_opts]
+        @auto_opts_help = true
+
+        banner = "USAGE: #{File.basename($PROGRAM_NAME)} [opts]\n"
+        on(
+          '-YPATH',
+          '--pwn_env=PATH',
+          '<Optional - PWN::Env YAML file path (Default: ~/.pwn/pwn.yaml)>'
+        ) do |o|
+          @opts[:pwn_env_path] = o
+        end
+        on(
+          '-ZPATH',
+          '--pwn_dec=PATH',
+          '<Optional - Out-of-Band YAML file path (Default: ~/.pwn/pwn.decryptor.yaml)>'
+        ) do |o|
+          @opts[:pwn_dec_path] = o
+        end
+      end
+
+      def parse!
+        super(ARGV, into: @opts)
+        # puts @opts
+
+        PWN::Config.refresh_env(
+          pwn_env_path: @opts[:pwn_env_path],
+          pwn_dec_path: @opts[:pwn_dec_path]
+        )
+
+        if @auto_opts_help && @opts.keys.join(' ') == 'pwn_env_path pwn_dec_path'
+          puts `#{File.basename($PROGRAM_NAME)} --help`
+          exit 1
+        end
+      end
+    end
+
+    # Author(s):: 0day Inc. <support@0dayinc.com>
+
+    public_class_method def self.authors
+      "AUTHOR(S):
+        0day Inc. <support@0dayinc.com>
+      "
+    end
+
+    # Display Usage for this Module
+
+    public_class_method def self.help
+      puts "USAGE:
+        # Load default driver options into PWN::Env
+        opts = PWN::Env[:driver_opts]
+        #{self}::Parser.new.parse(&:on).parse!
+
+        # Add more options by passing a block to the parser
+        opts = PWN::Env[:driver_opts]
+        #{self}::Parser.new do |options|
+          # Boolean option
+          options.on('-b', '--boolean') do |o|
+            opts[:boolean] = o
+          end
+
+          # String option
+          options.on('-sSTRING', '--string=STRING') do |o|
+            opts[:string] = o
+          end
+        end.parse!
+
+        #{self}.authors
+      "
+    end
+  end
+end

data/lib/pwn/plugins/assembly.rb

@@ -25,6 +25,12 @@ module PWN
 
         raise 'ERROR: opcodes parameter is required.' if opcodes.nil?
 
+        system_role_content = "Analyze the #{endian} endian #{arch} assembly opcodes below and provide a concise summary of their functionality."
+        ai_analysis = PWN::AI::Introspection.reflect_on(
+          request: opcodes,
+          system_role_content: system_role_content
+        )
+
         case arch.to_s.downcase
         when 'i386', 'i686', 'x86'
           arch_obj = Metasm::Ia32.new(endian)
@@ -109,7 +115,7 @@ module PWN
         opcodes = [opcodes].pack('H*')
         # puts opcodes.inspect
 
-        Metasm::Shellcode.disassemble(arch_obj, opcodes).to_s.squeeze("\n")
+        "#{ai_analysis}\n\n* Assembly Instructions >>>#{Metasm::Shellcode.disassemble(arch_obj, opcodes).to_s.squeeze("\n")}\n"
       rescue StandardError => e
         raise e
       end
@@ -131,6 +137,12 @@ module PWN
 
         raise 'ERROR: asm parameter is required.' if asm.nil?
 
+        system_role_content = "Analyze the #{endian} endian #{arch} assembly instructions below and provide a concise summary of their functionality."
+        ai_analysis = PWN::AI::Introspection.reflect_on(
+          request: asm,
+          system_role_content: system_role_content
+        )
+
         case arch.to_s.downcase
         when 'i386', 'i686', 'x86'
           arch_obj = Metasm::Ia32.new(endian)
@@ -175,9 +187,8 @@ module PWN
         end
 
         opcodes = Metasm::Shellcode.assemble(arch_obj, asm).encode_string
-        hex_encoded_opcodes = opcodes.bytes.map { |b| format('\x%02x', b) }.join
 
-        "\n#{hex_encoded_opcodes}\n"
+        "#{ai_analysis}\n\n* Hex-Escaped Opcodes >>>\n#{opcodes.bytes.map { |b| format('\x%02x', b) }.join}\n"
       rescue Metasm::ParseError
         puts "Invalid assembly instruction(s) provided:\n#{asm}"
         # Should we try to call opcode_to_asm here or just raise the error?

data/lib/pwn/plugins/repl.rb

@@ -34,8 +34,8 @@ module PWN
           dchars = "\001\e[33m\002***\001\e[0m\002" if mode == :splat
 
           if pi.config.pwn_asm
-            arch = PWN::Env[:asm][:arch] ||= PWN::Plugins::DetectOS.arch
-            endian = PWN::Env[:asm][:endian] ||= PWN::Plugins::DetectOS.endian
+            arch = PWN::Env[:plugins][:asm][:arch] ||= PWN::Plugins::DetectOS.arch
+            endian = PWN::Env[:plugins][:asm][:endian] ||= PWN::Plugins::DetectOS.endian
 
             pi.config.prompt_name = "pwn.asm:#{arch}/#{endian}"
             name = "\001\e[1m\002\001\e[37m\002#{pi.config.prompt_name}\001\e[0m\002"
@@ -173,10 +173,10 @@ module PWN
 
             reply = nil
             response_history = nil
-            shared_chan = PWN::Env[:irc][:shared_chan]
+            shared_chan = PWN::Env[:plugins][:irc][:shared_chan]
             mem_chan = '#mem'
-            ai_agents = PWN::Env[:irc][:ai_agent_nicks]
-            ai_agents_arr = PWN::Env[:irc][:ai_agent_nicks].keys
+            ai_agents = PWN::Env[:plugins][:irc][:ai_agent_nicks]
+            ai_agents_arr = PWN::Env[:plugins][:irc][:ai_agent_nicks].keys
             total_ai_agents = ai_agents_arr.length
             mutex = Mutex.new
             PWN::Plugins::ThreadPool.fill(
@@ -303,11 +303,6 @@ module PWN
 
                         response_history = ai_agents[dm_agent.to_sym][:response_history]
                         engine = PWN::Env[:ai][:active].to_s.downcase.to_sym
-                        base_uri = PWN::Env[:ai][engine][:base_uri]
-                        key = PWN::Env[:ai][engine][:key] ||= ''
-                        temp = PWN::Env[:ai][engine][:temp]
-                        model = PWN::Env[:ai][engine][:model]
-                        system_role_content = PWN::Env[:ai][engine][:system_role_content]
 
                         users_in_chan = PWN::Plugins::IRC.names(
                           irc_obj: irc_obj,
@@ -319,55 +314,21 @@ module PWN
                           chan: shared_chan
                         )
 
-                        system_role_content = "
-                          #{system_role_content}
-                          You joined the IRC channel #{shared_chan}
-                          with the following users: #{users_in_shared_chan}
-                        "
-
-                        system_role_content = "
-                          #{system_role_content}
-                          You also joined your own IRC channel #{chan}
-                          with the following users: #{users_in_chan}
-                        "
-
-                        system_role_content = "
-                          #{system_role_content}
-                          You can dm/collaborate/speak with users to
-                          achieve your goals using '@<nick>' in your
-                          message.
-                        "
-
                         case engine
                         when :grok
                           response = PWN::AI::Grok.chat(
-                            base_uri: base_uri,
-                            token: key,
-                            model: model,
-                            temp: temp,
-                            system_role_content: system_role_content,
                             request: request,
                             response_history: response_history,
                             spinner: false
                           )
                         when :ollama
                           response = PWN::AI::Ollama.chat(
-                            base_uri: base_uri,
-                            token: key,
-                            model: model,
-                            temp: temp,
-                            system_role_content: system_role_content,
                             request: request,
                             response_history: response_history,
                             spinner: false
                           )
                         when :openai
                           response = PWN::AI::OpenAI.chat(
-                            base_uri: base_uri,
-                            token: key,
-                            model: model,
-                            temp: temp,
-                            system_role_content: system_role_content,
                             request: request,
                             response_history: response_history,
                             spinner: false
@@ -431,7 +392,7 @@ module PWN
 
             # TODO: Use TLS for IRC Connections
             # Use an IRC nCurses CLI Client
-            ui_nick = PWN::Env[:irc][:ui_nick]
+            ui_nick = PWN::Env[:plugins][:irc][:ui_nick]
             join_channels = ai_agents_arr.map { |ai_chan| "##{ai_chan}" }.join(',')
 
             cmd0 = "/server add pwn #{host}/#{port} -notls"
@@ -528,6 +489,7 @@ module PWN
         # Define REPL Hooks
         # Welcome Banner Hook
         Pry.config.hooks.add_hook(:before_session, :welcome) do |output, _binding, _pi|
+          Pry.config.refresh_pwn_env = false
           output.puts PWN::Banner.welcome
         end
 
@@ -535,8 +497,8 @@ module PWN
           if pi.config.pwn_asm && !request.chomp.empty?
             request = pi.input.line_buffer
 
-            arch = PWN::Env[:asm][:arch]
-            endian = PWN::Env[:asm][:endian]
+            arch = PWN::Env[:plugins][:asm][:arch]
+            endian = PWN::Env[:plugins][:asm][:endian]
 
             # Analyze request to determine if it should be processed as opcodes or asm.
             straight_hex = /^[a-fA-F0-9\s]+$/
@@ -573,22 +535,12 @@ module PWN
             request = pi.input.line_buffer.to_s
             debug = pi.config.pwn_ai_debug
             engine = PWN::Env[:ai][:active].to_s.downcase.to_sym
-            base_uri = PWN::Env[:ai][engine][:base_uri]
-            key = PWN::Env[:ai][engine][:key] ||= ''
             response_history = PWN::Env[:ai][engine][:response_history]
             speak_answer = pi.config.pwn_ai_speak
-            model = PWN::Env[:ai][engine][:model]
-            system_role_content = PWN::Env[:ai][engine][:system_role_content]
-            temp = PWN::Env[:ai][engine][:temp]
 
             case engine
             when :grok
               response = PWN::AI::Grok.chat(
-                base_uri: base_uri,
-                token: key,
-                model: model,
-                system_role_content: system_role_content,
-                temp: temp,
                 request: request.chomp,
                 response_history: response_history,
                 speak_answer: speak_answer,
@@ -596,11 +548,6 @@ module PWN
               )
             when :ollama
               response = PWN::AI::Ollama.chat(
-                base_uri: base_uri,
-                token: key,
-                model: model,
-                system_role_content: system_role_content,
-                temp: temp,
                 request: request.chomp,
                 response_history: response_history,
                 speak_answer: speak_answer,
@@ -608,11 +555,6 @@ module PWN
               )
             when :openai
               response = PWN::AI::OpenAI.chat(
-                base_uri: base_uri,
-                token: key,
-                model: model,
-                system_role_content: system_role_content,
-                temp: temp,
                 request: request.chomp,
                 response_history: response_history,
                 speak_answer: speak_answer,
@@ -656,11 +598,11 @@ module PWN
       end
 
       # Supported Method Parameters::
-      # PWN::Plugins::REPL.start(
-      #   opts: 'required - Hash object passed in via pwn OptParser'
-      # )
+      # PWN::Plugins::REPL.start
+
+      public_class_method def self.start
+        opts = PWN::Env[:driver_opts]
 
-      public_class_method def self.start(opts = {})
         # Monkey Patch Pry, add commands, && hooks
         PWN::Plugins::MonkeyPatch.pry
         pwn_env_root = "#{Dir.home}/.pwn"
@@ -705,13 +647,9 @@ module PWN
 
           #{self}.add_commands
 
-          #{self}.add_hooks(
-            opts: 'required - Hash object passed in via pwn OptParser'
-          )
+          #{self}.add_hooks
 
-          #{self}.start(
-            opts: 'required - Hash object passed in via pwn OptParser'
-          )
+          #{self}.start
 
           #{self}.authors
         "