pwn 0.5.503 → 0.5.505
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/Gemfile +1 -1
- data/README.md +3 -3
- data/lib/pwn/plugins/burp_suite.rb +213 -90
- data/lib/pwn/version.rb +1 -1
- data/third_party/pwn_rdoc.jsonl +8 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bee5101dd6376bc129ed438a7e5afdf0fb2fb71612ff4663aa9747b9b538c639
|
|
4
|
+
data.tar.gz: ceac8682de6d7347a350ed8fd3598f371c6a4d1df107f471920bfd8ca7da8520
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4791d10076ceda124e859a7cc92efa78822ede231a3d47acd05e5cd80526aff75d3679f857d2a0c89e52245191fb1f5b211c74e415e3307325f9e8e1f19be331
|
|
7
|
+
data.tar.gz: d039ccf4f5b7ee4fafa39b444fccf29ded52d294d70ef29f4b8df16f170328896885ef9babd5dd0b19588bcbbe24a63bd79f7cab739819e0cad1343e7a2d9d46
|
data/.rubocop.yml
CHANGED
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.505]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.505]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.505]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -46,7 +46,7 @@ module PWN
|
|
|
46
46
|
# Supported Method Parameters::
|
|
47
47
|
# burp_obj = PWN::Plugins::BurpSuite.init_introspection_thread(
|
|
48
48
|
# burp_obj: 'required - burp_obj returned by #start method',
|
|
49
|
-
#
|
|
49
|
+
# type: 'required - type of history to introspect (:sitemap, :proxy_history, :websocket_history)'
|
|
50
50
|
# )
|
|
51
51
|
private_class_method def self.init_introspection_thread(opts = {})
|
|
52
52
|
# if PWN::Env[:ai][:introspection] is true,
|
|
@@ -60,12 +60,17 @@ module PWN
|
|
|
60
60
|
burp_obj = opts[:burp_obj]
|
|
61
61
|
raise 'ERROR: burp_obj parameter is required' unless burp_obj.is_a?(Hash)
|
|
62
62
|
|
|
63
|
+
valid_types = %i[sitemap proxy_history websocket_history]
|
|
64
|
+
type = opts[:type]
|
|
65
|
+
raise "ERROR: type parameter is required and must be one of: #{valid_types.join(', ')}" unless valid_types.include?(type)
|
|
66
|
+
|
|
63
67
|
if PWN::Env[:ai][:introspection]
|
|
68
|
+
introspection_thread_arr = burp_obj[:introspection_threads] ||= []
|
|
64
69
|
introspection_thread = Thread.new do
|
|
65
70
|
system_role_content = '
|
|
66
|
-
Your expertise lies in dissecting HTTP request/response pairs to identify high-impact vulnerabilities, including but not limited to XSS (reflected, stored, DOM-based), CSRF, SSRF, IDOR, open redirects, CORS misconfigurations, authentication bypasses, SQLi/NoSQLi, command/code injection, business logic flaws, and API abuse. You prioritize zero-days and novel chains, always focusing on exploitability, impact (e.g., account takeover, data exfiltration, RCE), and reproducibility.
|
|
71
|
+
Your expertise lies in dissecting HTTP request/response pairs and WebSocket messages to identify high-impact vulnerabilities, including but not limited to XSS (reflected, stored, DOM-based), CSRF, SSRF, IDOR, open redirects, CORS misconfigurations, authentication bypasses, SQLi/NoSQLi, command/code injection, business logic flaws, race conditions, and API abuse. You prioritize zero-days and novel chains, always focusing on exploitability, impact (e.g., account takeover, data exfiltration, RCE), and reproducibility.
|
|
67
72
|
|
|
68
|
-
|
|
73
|
+
During analysis:
|
|
69
74
|
|
|
70
75
|
1. **Parse and Contextualize Traffic**:
|
|
71
76
|
- Break down every element: HTTP method, URI (path, query parameters), headers (e.g., Host, User-Agent, Cookies, Authorization, Referer, Origin, Content-Type), request body (e.g., form data, JSON payloads), response status code, response headers, and response body (HTML, JSON, XML, etc.).
|
|
@@ -119,95 +124,128 @@ module PWN
|
|
|
119
124
|
highlight_color
|
|
120
125
|
end
|
|
121
126
|
|
|
122
|
-
proxy_history = []
|
|
123
127
|
loop do
|
|
124
|
-
# TODO: Implement
|
|
125
|
-
# Sitemap should work the same as proxy history.
|
|
128
|
+
# TODO: Implement repeater into the loop? This reduces load to LLM but is slooow.
|
|
126
129
|
# Repeater should analyze the reqesut/response pair and suggest
|
|
127
|
-
# modifications to the request to further probe for vulnerabilities.
|
|
128
|
-
|
|
129
|
-
sitemap
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
proxy_entry
|
|
146
|
-
|
|
147
|
-
proxy_entry[:
|
|
130
|
+
# modifications to the request to further probe for vulnerabilities _quickly_.
|
|
131
|
+
case type
|
|
132
|
+
when :sitemap
|
|
133
|
+
proxy_history = get_proxy_history(burp_obj: burp_obj)
|
|
134
|
+
sitemap = get_sitemap(burp_obj: burp_obj)
|
|
135
|
+
sitemap.each do |entry|
|
|
136
|
+
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
137
|
+
|
|
138
|
+
request = entry[:request]
|
|
139
|
+
response = entry[:response]
|
|
140
|
+
host = entry[:http_service][:host]
|
|
141
|
+
port = entry[:http_service][:port]
|
|
142
|
+
protocol = entry[:http_service][:protocol]
|
|
143
|
+
next if request.nil? || response.nil? || host.nil? || port.nil? || protocol.nil?
|
|
144
|
+
|
|
145
|
+
proxy_history_entry = nil
|
|
146
|
+
if proxy_history.any?
|
|
147
|
+
proxy_history_entry = proxy_history.find do |proxy_entry|
|
|
148
|
+
next unless proxy_entry.key?(:http_service) && proxy_entry.key?(:request)
|
|
149
|
+
|
|
150
|
+
proxy_entry[:http_service][:host] == host &&
|
|
151
|
+
proxy_entry[:http_service][:port] == port &&
|
|
152
|
+
proxy_entry[:http_service][:protocol] == protocol &&
|
|
153
|
+
proxy_entry[:request] == entry[:request]
|
|
154
|
+
end
|
|
148
155
|
end
|
|
149
|
-
end
|
|
150
156
|
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
157
|
+
if proxy_history_entry.is_a?(Hash) && proxy_history_entry[:comment].length.positive?
|
|
158
|
+
entry[:comment] = proxy_history_entry[:comment]
|
|
159
|
+
entry[:highlight] = proxy_history_entry[:highlight]
|
|
160
|
+
else
|
|
161
|
+
request = Base64.strict_decode64(request)
|
|
162
|
+
response = Base64.strict_decode64(response)
|
|
163
|
+
http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
|
|
164
|
+
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
165
|
+
system_role_content: system_role_content,
|
|
166
|
+
request: http_request_response,
|
|
167
|
+
suppress_pii_warning: true
|
|
168
|
+
)
|
|
169
|
+
|
|
170
|
+
next if ai_analysis.nil? || ai_analysis.strip.empty?
|
|
171
|
+
|
|
172
|
+
entry[:comment] = ai_analysis
|
|
173
|
+
entry[:highlight] = get_highlight_color.call(ai_analysis: ai_analysis)
|
|
174
|
+
end
|
|
175
|
+
|
|
176
|
+
update_sitemap(
|
|
177
|
+
burp_obj: burp_obj,
|
|
178
|
+
entry: entry
|
|
162
179
|
)
|
|
180
|
+
end
|
|
163
181
|
|
|
164
|
-
|
|
182
|
+
when :proxy_history
|
|
183
|
+
sitemap = get_sitemap(burp_obj: burp_obj)
|
|
184
|
+
proxy_history = get_proxy_history(burp_obj: burp_obj)
|
|
185
|
+
proxy_history.each do |entry|
|
|
186
|
+
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
187
|
+
|
|
188
|
+
request = entry[:request]
|
|
189
|
+
response = entry[:response]
|
|
190
|
+
host = entry[:http_service][:host]
|
|
191
|
+
port = entry[:http_service][:port]
|
|
192
|
+
protocol = entry[:http_service][:protocol]
|
|
193
|
+
next if request.nil? || response.nil? || host.nil? || port.nil? || protocol.nil?
|
|
194
|
+
|
|
195
|
+
# If sitemap comment and highlight color exists, use that instead of re-analyzing
|
|
196
|
+
sitemap_entry = nil
|
|
197
|
+
if sitemap.any?
|
|
198
|
+
sitemap_entry = sitemap.find do |site|
|
|
199
|
+
next unless site.key?(:http_service) && site.key?(:request)
|
|
200
|
+
|
|
201
|
+
site[:http_service][:host] == host &&
|
|
202
|
+
site[:http_service][:port] == port &&
|
|
203
|
+
site[:http_service][:protocol] == protocol &&
|
|
204
|
+
site[:request] == entry[:request]
|
|
205
|
+
end
|
|
206
|
+
end
|
|
165
207
|
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
208
|
+
if sitemap_entry.is_a?(Hash) && sitemap_entry[:comment].length.positive?
|
|
209
|
+
entry[:comment] = sitemap_entry[:comment]
|
|
210
|
+
entry[:highlight] = sitemap_entry[:highlight]
|
|
211
|
+
else
|
|
212
|
+
request = Base64.strict_decode64(request)
|
|
213
|
+
response = Base64.strict_decode64(response)
|
|
169
214
|
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
215
|
+
http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
|
|
216
|
+
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
217
|
+
system_role_content: system_role_content,
|
|
218
|
+
request: http_request_response,
|
|
219
|
+
suppress_pii_warning: true
|
|
220
|
+
)
|
|
175
221
|
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
request = entry[:request]
|
|
181
|
-
response = entry[:response]
|
|
182
|
-
host = entry[:http_service][:host]
|
|
183
|
-
port = entry[:http_service][:port]
|
|
184
|
-
protocol = entry[:http_service][:protocol]
|
|
185
|
-
next if request.nil? || response.nil? || host.nil? || port.nil? || protocol.nil?
|
|
186
|
-
|
|
187
|
-
# If sitemap comment and highlight color exists, use that instead of re-analyzing
|
|
188
|
-
sitemap_entry = nil
|
|
189
|
-
if sitemap.any?
|
|
190
|
-
sitemap_entry = sitemap.find do |site|
|
|
191
|
-
next unless site.key?(:http_service) && site.key?(:request)
|
|
192
|
-
|
|
193
|
-
site[:http_service][:host] == host &&
|
|
194
|
-
site[:http_service][:port] == port &&
|
|
195
|
-
site[:http_service][:protocol] == protocol &&
|
|
196
|
-
site[:request] == entry[:request]
|
|
222
|
+
next if ai_analysis.nil? || ai_analysis.strip.empty?
|
|
223
|
+
|
|
224
|
+
entry[:comment] = ai_analysis
|
|
225
|
+
entry[:highlight] = get_highlight_color.call(ai_analysis: ai_analysis)
|
|
197
226
|
end
|
|
227
|
+
|
|
228
|
+
update_proxy_history(
|
|
229
|
+
burp_obj: burp_obj,
|
|
230
|
+
entry: entry
|
|
231
|
+
)
|
|
198
232
|
end
|
|
199
233
|
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
request = Base64.strict_decode64(request)
|
|
205
|
-
response = Base64.strict_decode64(response)
|
|
234
|
+
when :websocket_history
|
|
235
|
+
websocket_history = get_websocket_history(burp_obj: burp_obj)
|
|
236
|
+
websocket_history.each do |entry|
|
|
237
|
+
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
206
238
|
|
|
207
|
-
|
|
239
|
+
web_socket_id = entry[:web_socket_id]
|
|
240
|
+
direction = entry[:direction]
|
|
241
|
+
payload = entry[:payload]
|
|
242
|
+
next if web_socket_id.nil? || direction.nil? || payload.nil?
|
|
243
|
+
|
|
244
|
+
payload = Base64.strict_decode64(payload)
|
|
245
|
+
websocket_req = PWN::Plugins::Char.force_utf8("WebSocket ID: #{web_socket_id}\nDirection: #{direction}\nPayload:\n#{payload}")
|
|
208
246
|
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
209
247
|
system_role_content: system_role_content,
|
|
210
|
-
request:
|
|
248
|
+
request: websocket_req,
|
|
211
249
|
suppress_pii_warning: true
|
|
212
250
|
)
|
|
213
251
|
|
|
@@ -215,17 +253,18 @@ module PWN
|
|
|
215
253
|
|
|
216
254
|
entry[:comment] = ai_analysis
|
|
217
255
|
entry[:highlight] = get_highlight_color.call(ai_analysis: ai_analysis)
|
|
218
|
-
end
|
|
219
256
|
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
|
|
223
|
-
|
|
257
|
+
update_websocket_history(
|
|
258
|
+
burp_obj: burp_obj,
|
|
259
|
+
entry: entry
|
|
260
|
+
)
|
|
261
|
+
end
|
|
224
262
|
end
|
|
225
|
-
|
|
263
|
+
|
|
264
|
+
sleep Random.rand(30..60)
|
|
226
265
|
end
|
|
227
266
|
rescue Errno::ECONNREFUSED
|
|
228
|
-
puts 'Thread Terminating...'
|
|
267
|
+
puts 'BurpSuite AI Introspection Thread >>> Terminating API Calls...'
|
|
229
268
|
rescue StandardError => e
|
|
230
269
|
puts "BurpSuite AI Introspection Thread Error: #{e}"
|
|
231
270
|
puts e.backtrace
|
|
@@ -234,7 +273,7 @@ module PWN
|
|
|
234
273
|
puts 'BurpSuite AI Introspection Thread >>> Goodbye.'
|
|
235
274
|
end
|
|
236
275
|
|
|
237
|
-
burp_obj[:
|
|
276
|
+
burp_obj[:introspection_threads] = introspection_thread_arr.push(introspection_thread)
|
|
238
277
|
end
|
|
239
278
|
|
|
240
279
|
burp_obj
|
|
@@ -323,7 +362,9 @@ module PWN
|
|
|
323
362
|
enabled: true
|
|
324
363
|
)
|
|
325
364
|
|
|
326
|
-
init_introspection_thread(burp_obj: burp_obj)
|
|
365
|
+
burp_obj = init_introspection_thread(burp_obj: burp_obj, type: :sitemap)
|
|
366
|
+
burp_obj = init_introspection_thread(burp_obj: burp_obj, type: :proxy_history)
|
|
367
|
+
init_introspection_thread(burp_obj: burp_obj, type: :websocket_history)
|
|
327
368
|
rescue StandardError => e
|
|
328
369
|
stop(burp_obj: burp_obj) unless burp_obj.nil?
|
|
329
370
|
raise e
|
|
@@ -586,7 +627,7 @@ module PWN
|
|
|
586
627
|
keyword = opts[:keyword]
|
|
587
628
|
return_as = opts[:return_as] ||= :base64
|
|
588
629
|
|
|
589
|
-
rest_call = "http://#{mitm_rest_api}/
|
|
630
|
+
rest_call = "http://#{mitm_rest_api}/proxy/history"
|
|
590
631
|
|
|
591
632
|
sitemap = rest_browser.get(
|
|
592
633
|
rest_call,
|
|
@@ -780,7 +821,78 @@ module PWN
|
|
|
780
821
|
put_body = entry.to_json
|
|
781
822
|
|
|
782
823
|
proxy_history_resp = rest_browser.put(
|
|
783
|
-
"http://#{mitm_rest_api}/
|
|
824
|
+
"http://#{mitm_rest_api}/proxy/history/#{id}",
|
|
825
|
+
put_body,
|
|
826
|
+
content_type: 'application/json; charset=UTF8'
|
|
827
|
+
)
|
|
828
|
+
|
|
829
|
+
JSON.parse(proxy_history_resp, symbolize_names: true)
|
|
830
|
+
rescue StandardError => e
|
|
831
|
+
raise e
|
|
832
|
+
end
|
|
833
|
+
|
|
834
|
+
# Supported Method Parameters::
|
|
835
|
+
# json_web_socket_history = PWN::Plugins::BurpSuite.get_websocket_history(
|
|
836
|
+
# burp_obj: 'required - burp_obj returned by #start method',
|
|
837
|
+
# keyword: 'optional - keyword to filter websocket history entries (default: nil)'
|
|
838
|
+
# )
|
|
839
|
+
|
|
840
|
+
public_class_method def self.get_websocket_history(opts = {})
|
|
841
|
+
burp_obj = opts[:burp_obj]
|
|
842
|
+
rest_browser = burp_obj[:rest_browser]
|
|
843
|
+
mitm_rest_api = burp_obj[:mitm_rest_api]
|
|
844
|
+
keyword = opts[:keyword]
|
|
845
|
+
|
|
846
|
+
rest_call = "http://#{mitm_rest_api}/websocket/history"
|
|
847
|
+
|
|
848
|
+
sitemap = rest_browser.get(
|
|
849
|
+
rest_call,
|
|
850
|
+
content_type: 'application/json; charset=UTF8'
|
|
851
|
+
)
|
|
852
|
+
|
|
853
|
+
sitemap_arr = JSON.parse(sitemap, symbolize_names: true)
|
|
854
|
+
|
|
855
|
+
if keyword
|
|
856
|
+
sitemap_arr = sitemap_arr.select do |site|
|
|
857
|
+
decoded_request = Base64.strict_decode64(site[:request])
|
|
858
|
+
decoded_request.include?(keyword)
|
|
859
|
+
end
|
|
860
|
+
end
|
|
861
|
+
|
|
862
|
+
sitemap_arr.uniq
|
|
863
|
+
rescue StandardError => e
|
|
864
|
+
stop(burp_obj: burp_obj) unless burp_obj.nil?
|
|
865
|
+
raise e
|
|
866
|
+
end
|
|
867
|
+
|
|
868
|
+
# Supported Method Parameters::
|
|
869
|
+
# json_proxy_history = PWN::Plugins::BurpSuite.update_proxy_history(
|
|
870
|
+
# burp_obj: 'required - burp_obj returned by #start method',
|
|
871
|
+
# entry: 'required - hash of the websocket history entry to update'
|
|
872
|
+
# )
|
|
873
|
+
|
|
874
|
+
public_class_method def self.update_websocket_history(opts = {})
|
|
875
|
+
burp_obj = opts[:burp_obj]
|
|
876
|
+
raise 'ERROR: burp_obj parameter is required' unless burp_obj.is_a?(Hash)
|
|
877
|
+
|
|
878
|
+
entry = opts[:entry]
|
|
879
|
+
raise 'ERROR: entry parameter is required and must be a hash' unless entry.is_a?(Hash)
|
|
880
|
+
|
|
881
|
+
id = entry[:id]
|
|
882
|
+
raise 'ERROR: id key value pair is required within entry hash' if id.nil?
|
|
883
|
+
|
|
884
|
+
rest_browser = burp_obj[:rest_browser]
|
|
885
|
+
mitm_rest_api = burp_obj[:mitm_rest_api]
|
|
886
|
+
|
|
887
|
+
# Only allow updating of comment and highlight fields
|
|
888
|
+
entry.delete(:web_socket_id)
|
|
889
|
+
entry.delete(:direction)
|
|
890
|
+
entry.delete(:payload)
|
|
891
|
+
|
|
892
|
+
put_body = entry.to_json
|
|
893
|
+
|
|
894
|
+
proxy_history_resp = rest_browser.put(
|
|
895
|
+
"http://#{mitm_rest_api}/websocket/history/#{id}",
|
|
784
896
|
put_body,
|
|
785
897
|
content_type: 'application/json; charset=UTF8'
|
|
786
898
|
)
|
|
@@ -1894,8 +2006,9 @@ module PWN
|
|
|
1894
2006
|
browser_obj = burp_obj[:mitm_browser]
|
|
1895
2007
|
rest_browser = burp_obj[:rest_browser]
|
|
1896
2008
|
mitm_rest_api = burp_obj[:mitm_rest_api]
|
|
1897
|
-
|
|
1898
|
-
|
|
2009
|
+
introspection_thread_arr = burp_obj[:introspection_threads]
|
|
2010
|
+
introspection_thread_arr.each(&:kill) if introspection_thread_arr.is_a?(Array) && introspection_thread_arr.any?
|
|
2011
|
+
# introspection_thread.kill unless introspection_thread.nil?
|
|
1899
2012
|
|
|
1900
2013
|
PWN::Plugins::TransparentBrowser.close(browser_obj: browser_obj)
|
|
1901
2014
|
rest_browser.post("http://#{mitm_rest_api}/shutdown", '')
|
|
@@ -1981,6 +2094,16 @@ module PWN
|
|
|
1981
2094
|
entry: 'required - proxy history entry hash to update'
|
|
1982
2095
|
)
|
|
1983
2096
|
|
|
2097
|
+
json_proxy_history = #{self}.get_websocket_history(
|
|
2098
|
+
burp_obj: 'required - burp_obj returned by #start method',
|
|
2099
|
+
keyword: 'optional - keyword to filter websocket history results (default: nil)'
|
|
2100
|
+
)
|
|
2101
|
+
|
|
2102
|
+
json_proxy_history = #{self}.update_websocket_history(
|
|
2103
|
+
burp_obj: 'required - burp_obj returned by #start method',
|
|
2104
|
+
entry: 'required - websocket history entry hash to update'
|
|
2105
|
+
)
|
|
2106
|
+
|
|
1984
2107
|
json_sitemap = #{self}.get_sitemap(
|
|
1985
2108
|
burp_obj: 'required - burp_obj returned by #start method',
|
|
1986
2109
|
keyword: 'optional - keyword to filter sitemap results (default: nil)',
|
data/lib/pwn/version.rb
CHANGED
data/third_party/pwn_rdoc.jsonl
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
{"messages":[{"role":"user","content":"PWN.help Usage"},{"role":"assistant","content":"`PWN.help`: "}]}
|
|
2
2
|
{"messages":[{"role":"user","content":"PWN::AI.help Usage"},{"role":"assistant","content":"`PWN::AI.help`: "}]}
|
|
3
3
|
{"messages":[{"role":"user","content":"PWN::AI::Grok.authors Usage"},{"role":"assistant","content":"`PWN::AI::Grok.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
|
|
4
|
-
{"messages":[{"role":"user","content":"PWN::AI::Grok.chat Usage"},{"role":"assistant","content":"`PWN::AI::Grok.chat`: Supported Method Parameters\n\nresponse = PWN::AI::Grok.chat(\n\nrequest: 'required - message to
|
|
4
|
+
{"messages":[{"role":"user","content":"PWN::AI::Grok.chat Usage"},{"role":"assistant","content":"`PWN::AI::Grok.chat`: Supported Method Parameters\n\nresponse = PWN::AI::Grok.chat(\n\nrequest: 'required - message to Grok'\nmodel: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:grok][:model])',\ntemp: 'optional - creative response float (deafults to PWN::Env[:ai][:grok][:temp])',\nsystem_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:grok][:system_role_content])',\nresponse_history: 'optional - pass response back in to have a conversation',\nspeak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)',\ntimeout: 'optional timeout in seconds (defaults to 300)',\nspinner: 'optional - display spinner (defaults to false)'\n\n)\n"}]}
|
|
5
5
|
{"messages":[{"role":"user","content":"PWN::AI::Grok.get_models Usage"},{"role":"assistant","content":"`PWN::AI::Grok.get_models`: Supported Method Parameters\n\nmodels = PWN::AI::Grok.get_models\n"}]}
|
|
6
6
|
{"messages":[{"role":"user","content":"PWN::AI::Grok.grok_rest_call Usage"},{"role":"assistant","content":"`PWN::AI::Grok.grok_rest_call`: Supported Method Parameters\n\ngrok_ai_rest_call(\n\ntoken: 'required - grok_ai bearer token',\nhttp_method: 'optional HTTP method (defaults to GET)\nbase_uri: 'optional base grok api URI (defaults to https://api.x.ai/v1)',\nrest_call: 'required rest call to make per the schema',\nparams: 'optional params passed in the URI or HTTP Headers',\nhttp_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST',\ntimeout: 'optional timeout in seconds (defaults to 180)',\nspinner: 'optional - display spinner (defaults to false)'\n\n)\n"}]}
|
|
7
7
|
{"messages":[{"role":"user","content":"PWN::AI::Grok.help Usage"},{"role":"assistant","content":"`PWN::AI::Grok.help`: "}]}
|
|
8
8
|
{"messages":[{"role":"user","content":"PWN::AI::Introspection.authors Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
|
|
9
9
|
{"messages":[{"role":"user","content":"PWN::AI::Introspection.help Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.help`: "}]}
|
|
10
|
-
{"messages":[{"role":"user","content":"PWN::AI::Introspection.reflect_on Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.reflect_on`: Supported Method Parameters\n\nresponse = PWN::AI::Introspection.reflect_on(\n\nrequest: 'required - String - What you want the AI to reflect on',\nsystem_role_content: 'optional - context to set up the model behavior for reflection',\nspinner: 'optional - Boolean - Display spinner during operation (default: false)'\n\n)\n"}]}
|
|
10
|
+
{"messages":[{"role":"user","content":"PWN::AI::Introspection.reflect_on Usage"},{"role":"assistant","content":"`PWN::AI::Introspection.reflect_on`: Supported Method Parameters\n\nresponse = PWN::AI::Introspection.reflect_on(\n\nrequest: 'required - String - What you want the AI to reflect on',\nsystem_role_content: 'optional - context to set up the model behavior for reflection',\nspinner: 'optional - Boolean - Display spinner during operation (default: false)',\nsuppress_pii_warning: 'optional - Boolean - Suppress PII Warnings (default: false)'\n\n)\n"}]}
|
|
11
11
|
{"messages":[{"role":"user","content":"PWN::AI::Ollama.authors Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
|
|
12
|
-
{"messages":[{"role":"user","content":"PWN::AI::Ollama.chat Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.chat`: Supported Method Parameters\n\nresponse = PWN::AI::Ollama.chat(\n\nrequest: 'required - message to
|
|
12
|
+
{"messages":[{"role":"user","content":"PWN::AI::Ollama.chat Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.chat`: Supported Method Parameters\n\nresponse = PWN::AI::Ollama.chat(\n\nrequest: 'required - message to Ollama'\nmodel: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:ollama][:model])',\ntemp: 'optional - creative response float (deafults to PWN::Env[:ai][:ollama][:temp])',\nsystem_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:ollama][:system_role_content])',\nresponse_history: 'optional - pass response back in to have a conversation',\nspeak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)',\ntimeout: 'optional timeout in seconds (defaults to 300)',\nspinner: 'optional - display spinner (defaults to false)'\n\n)\n"}]}
|
|
13
13
|
{"messages":[{"role":"user","content":"PWN::AI::Ollama.get_models Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.get_models`: Supported Method Parameters\n\nresponse = PWN::AI::Ollama.get_models\n"}]}
|
|
14
14
|
{"messages":[{"role":"user","content":"PWN::AI::Ollama.help Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.help`: "}]}
|
|
15
15
|
{"messages":[{"role":"user","content":"PWN::AI::Ollama.ollama_rest_call Usage"},{"role":"assistant","content":"`PWN::AI::Ollama.ollama_rest_call`: Supported Method Parameters\n\nollama_rest_call(\n\nbase_uri: 'required - base URI for the Ollama API',\ntoken: 'required - ollama bearer token',\nhttp_method: 'optional HTTP method (defaults to GET)\nrest_call: 'required rest call to make per the schema',\nparams: 'optional params passed in the URI or HTTP Headers',\nhttp_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST',\ntimeout: 'optional timeout in seconds (defaults to 300)',\nspinner: 'optional - display spinner (defaults to false)'\n\n)\n"}]}
|
|
@@ -562,6 +562,7 @@
|
|
|
562
562
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.format_uri_from_sitemap_resp Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.format_uri_from_sitemap_resp`: Supported Method Parameters\n\nuri = PWN::Plugins::BurpSuite.format_uri_from_sitemap_resp(\n\nscheme: 'required - scheme of the URI (http|https)',\nhost: 'required - host of the URI',\nport: 'optional - port of the URI',\npath: 'optional - path of the URI',\nquery: 'optional - query string of the URI'\n\n)\n"}]}
|
|
563
563
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.generate_scan_report Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.generate_scan_report`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.generate_scan_report(\n\nburp_obj: 'required - burp_obj returned by #start method',\ntarget_url: 'required - target_url passed to #active_scan method',\noutput_dir: 'required - directory to save the report',\nreport_type: required - <:html|:xml>'\n\n)\n"}]}
|
|
564
564
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_all_repeater_tabs Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_all_repeater_tabs`: Supported Method Parameters\n\nrepeater_tabs = PWN::Plugins::BurpSuite.get_all_repeater_tabs(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
|
|
565
|
+
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_proxy_history Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_proxy_history`: Supported Method Parameters\n\njson_proxy_history = PWN::Plugins::BurpSuite.get_proxy_history(\n\nburp_obj: 'required - burp_obj returned by #start method',\nkeyword: 'optional - keyword to filter proxy history entries (default: nil)',\nreturn_as: 'optional - :base64 or :har (defaults to :base64)'\n\n)\n"}]}
|
|
565
566
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_proxy_listeners Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_proxy_listeners`: Supported Method Parameters\n\njson_proxy_listeners = PWN::Plugins::BurpSuite.get_proxy_listeners(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
|
|
566
567
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_repeater_tab Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_repeater_tab`: Supported Method Parameters\n\nrepeater_tab = PWN::Plugins::BurpSuite.get_repeater_tab(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'required - id of the repeater tab to get'\n\n)\n"}]}
|
|
567
568
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_scan_issues Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_scan_issues`: Supported Method Parameters\n\njson_scan_issues = PWN::Plugins::BurpSuite.get_scan_issues(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
|
|
@@ -569,13 +570,16 @@
|
|
|
569
570
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.help Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.help`: "}]}
|
|
570
571
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.import_openapi_to_sitemap Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.import_openapi_to_sitemap`: "}]}
|
|
571
572
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.in_scope Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.in_scope`: Supported Method Parameters\n\nuri_in_scope = PWN::Plugins::BurpSuite.in_scope(\n\nburp_obj: 'required - burp_obj returned by #start method',\nuri: 'required - URI to determine if in scope'\n\n)\n"}]}
|
|
573
|
+
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.init_introspection_thread Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.init_introspection_thread`: Supported Method Parameters\n\nburp_obj = PWN::Plugins::BurpSuite.init_introspection_thread(\n\nburp_obj: 'required - burp_obj returned by #start method',\nenumerable_array: 'required - array of items to process in the thread'\n\n)\n"}]}
|
|
572
574
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.send_repeater_request Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.send_repeater_request`: Supported Method Parameters\n\nrepeater_resp = PWN::Plugins::BurpSuite.send_repeater_request(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'required - id of the repeater tab to send'\n\n)\n"}]}
|
|
573
575
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.spider Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.spider`: Supported Method Parameters\n\njson_spider = PWN::Plugins::BurpSuite.spider(\n\nburp_obj: 'required - burp_obj returned by #start method',\ntarget_url: 'required - target url to add to crawl / spider'\n\n)\n"}]}
|
|
574
576
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.start Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.start`: Supported Method Parameters\n\nburp_obj1 = PWN::Plugins::BurpSuite.start(\n\nburp_jar_path: 'optional - path of burp suite pro jar file (defaults to /opt/burpsuite/burpsuite_pro.jar)',\nheadless: 'optional - run burp headless if set to true',\nbrowser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',\nburp_ip: 'optional - IP address for the Burp proxy (defaults to 127.0.0.1)',\nburp_port: 'optional - port for the Burp proxy (defaults to a random unused port)',\npwn_burp_ip: 'optional - IP address for the PWN Burp API (defaults to 127.0.0.1)',\npwn_burp_port: 'optional - port for the PWN Burp API (defaults to a random unused port)'\n\n)\n"}]}
|
|
575
577
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.stop Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.stop`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.stop(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
|
|
576
578
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_burp_jar Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_burp_jar`: Supported Method Parameters\n\nPWN::Plugins::BurpSuite.update_burp_jar( )\n"}]}
|
|
579
|
+
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_proxy_history Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_proxy_history`: Supported Method Parameters\n\njson_proxy_history = PWN::Plugins::BurpSuite.update_proxy_history(\n\nburp_obj: 'required - burp_obj returned by #start method',\nentry: 'required - hash of the proxy history entry to update'\n\n)\n"}]}
|
|
577
580
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_proxy_listener Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_proxy_listener`: Supported Method Parameters\n\njson_proxy_listener = PWN::Plugins::BurpSuite.update_proxy_listener(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'optional - ID of the proxy listener (defaults to 0)',\nbindAddress: 'optional - bind address for the proxy listener (defaults to value of existing listener)',\nport: 'optional - port for the proxy listener (defaults to value of existing listener)',\nenabled: 'optional - enable or disable the listener (defaults to value of existing listener)'\n\n)\n"}]}
|
|
578
581
|
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_repeater_tab Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_repeater_tab`: Supported Method Parameters\n\nrepeater_obj = PWN::Plugins::BurpSuite.update_repeater_tab(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'required - id of the repeater tab to update',\nname: 'required - name of the repeater tab (max 30 characters)',\nrequest: 'required - base64 encoded HTTP request string'\n\n)\n"}]}
|
|
582
|
+
{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.update_sitemap Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.update_sitemap`: Supported Method Parameters\n\njson_sitemap = PWN::Plugins::BurpSuite.update_sitemap(\n\nburp_obj: 'required - burp_obj returned by #start method',\nentry: 'required - hash of the sitemap entry to update'\n\n)\n"}]}
|
|
579
583
|
{"messages":[{"role":"user","content":"PWN::Plugins::BusPirate.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::BusPirate.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
|
|
580
584
|
{"messages":[{"role":"user","content":"PWN::Plugins::BusPirate.connect Usage"},{"role":"assistant","content":"`PWN::Plugins::BusPirate.connect`: Supported Method Parameters\n\nbus_pirate_obj = PWN::Plugins::BusPirate.connect(\n\nblock_dev: 'optional serial block device path (defaults to /dev/ttyUSB0)',\nbaud: 'optional (defaults to 9600)',\ndata_bits: 'optional (defaults to 8)',\nstop_bits: 'optional (defaults to 1)',\nparity: 'optional (defaults to SerialPort::NONE)',\nflow_control: 'optional (defaults to SerialPort::HARD) SerialPort::NONE|SerialPort::SOFT|SerialPort::HARD'\n\n)\n"}]}
|
|
581
585
|
{"messages":[{"role":"user","content":"PWN::Plugins::BusPirate.connect_via_screen Usage"},{"role":"assistant","content":"`PWN::Plugins::BusPirate.connect_via_screen`: Supported Method Parameters\n\nPWN::Plugins::BusPirate.connect_via_screen(\n\nblock_dev: 'optional - serial block device path (defaults to /dev/ttyUSB0)'\n\n)\n"}]}
|
|
@@ -594,6 +598,7 @@
|
|
|
594
598
|
{"messages":[{"role":"user","content":"PWN::Plugins::Char.cyrillic_supplement Usage"},{"role":"assistant","content":"`PWN::Plugins::Char.cyrillic_supplement`: Supported Method Parameters\n\nPWN::Plugins::Char.cyrillic_supplement\n"}]}
|
|
595
599
|
{"messages":[{"role":"user","content":"PWN::Plugins::Char.diacritical_marks Usage"},{"role":"assistant","content":"`PWN::Plugins::Char.diacritical_marks`: Supported Method Parameters\n\nPWN::Plugins::Char.diacritical_marks\n"}]}
|
|
596
600
|
{"messages":[{"role":"user","content":"PWN::Plugins::Char.dingbats Usage"},{"role":"assistant","content":"`PWN::Plugins::Char.dingbats`: Supported Method Parameters\n\nPWN::Plugins::Char.dingbats\n"}]}
|
|
601
|
+
{"messages":[{"role":"user","content":"PWN::Plugins::Char.force_utf8 Usage"},{"role":"assistant","content":"`PWN::Plugins::Char.force_utf8`: Supported Method Parameters\n\nPWN::Plugins::Char.force_utf8(\n\nobj: 'required - object to force to UTF-8'\n)\n"}]}
|
|
597
602
|
{"messages":[{"role":"user","content":"PWN::Plugins::Char.generate_by_range Usage"},{"role":"assistant","content":"`PWN::Plugins::Char.generate_by_range`: Supported Method Parameters\n\nPWN::Plugins::Char.generate_by_range(\n\nfrom: 'required - integer to start from',\nto: 'required - integer to end UTF-8 generation'\n\n)\n"}]}
|
|
598
603
|
{"messages":[{"role":"user","content":"PWN::Plugins::Char.generate_encoded_files Usage"},{"role":"assistant","content":"`PWN::Plugins::Char.generate_encoded_files`: Supported Method Parameters\n\nPWN::Plugins::Char.generate_encoded_files(\n\nfrom: 'required - integer to start from',\nto: 'required - integer to end UTF-8 generation',\noutput_dir: 'required - folder to create files'\n\n)\n"}]}
|
|
599
604
|
{"messages":[{"role":"user","content":"PWN::Plugins::Char.geometric_shapes Usage"},{"role":"assistant","content":"`PWN::Plugins::Char.geometric_shapes`: Supported Method Parameters\n\nPWN::Plugins::Char.geometric_shapes\n"}]}
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.505
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
@@ -995,14 +995,14 @@ dependencies:
|
|
|
995
995
|
requirements:
|
|
996
996
|
- - '='
|
|
997
997
|
- !ruby/object:Gem::Version
|
|
998
|
-
version: 3.
|
|
998
|
+
version: 3.8.0
|
|
999
999
|
type: :runtime
|
|
1000
1000
|
prerelease: false
|
|
1001
1001
|
version_requirements: !ruby/object:Gem::Requirement
|
|
1002
1002
|
requirements:
|
|
1003
1003
|
- - '='
|
|
1004
1004
|
- !ruby/object:Gem::Version
|
|
1005
|
-
version: 3.
|
|
1005
|
+
version: 3.8.0
|
|
1006
1006
|
- !ruby/object:Gem::Dependency
|
|
1007
1007
|
name: ruby-audio
|
|
1008
1008
|
requirement: !ruby/object:Gem::Requirement
|