pwn 0.5.505 → 0.5.506
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/README.md +3 -3
- data/lib/pwn/plugins/burp_suite.rb +36 -35
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ff5a5cd8f4d9e0ce9d23468de01cb6c0f685ed4c9541e08af39dcb05b8c50d67
|
|
4
|
+
data.tar.gz: e9afe048562d6d832972c9990a24db2b78a6d5c76e95959079ac4412e959c152
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 30d268063617d51deeed10b035ed8566913eebf114247ea8f4d988347a447faff622105e032f103ece1a56a69145e8ade0a79a6c9b0ec183f075065ca9d25818
|
|
7
|
+
data.tar.gz: 1c8deccd120888637f7a257cd3304374caac61bb9276a6f48b7c20a68e00087a7ec952a2c823745e62aa87c720c478b99f69e367ad95151365d06f644cfd49a0
|
data/.rubocop.yml
CHANGED
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.506]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.506]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.506]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -60,7 +60,7 @@ module PWN
|
|
|
60
60
|
burp_obj = opts[:burp_obj]
|
|
61
61
|
raise 'ERROR: burp_obj parameter is required' unless burp_obj.is_a?(Hash)
|
|
62
62
|
|
|
63
|
-
valid_types = %i[sitemap
|
|
63
|
+
valid_types = %i[proxy_history sitemap websocket_history]
|
|
64
64
|
type = opts[:type]
|
|
65
65
|
raise "ERROR: type parameter is required and must be one of: #{valid_types.join(', ')}" unless valid_types.include?(type)
|
|
66
66
|
|
|
@@ -129,10 +129,10 @@ module PWN
|
|
|
129
129
|
# Repeater should analyze the reqesut/response pair and suggest
|
|
130
130
|
# modifications to the request to further probe for vulnerabilities _quickly_.
|
|
131
131
|
case type
|
|
132
|
-
when :
|
|
133
|
-
proxy_history = get_proxy_history(burp_obj: burp_obj)
|
|
132
|
+
when :proxy_history
|
|
134
133
|
sitemap = get_sitemap(burp_obj: burp_obj)
|
|
135
|
-
|
|
134
|
+
proxy_history = get_proxy_history(burp_obj: burp_obj)
|
|
135
|
+
proxy_history.each do |entry|
|
|
136
136
|
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
137
137
|
|
|
138
138
|
request = entry[:request]
|
|
@@ -142,24 +142,26 @@ module PWN
|
|
|
142
142
|
protocol = entry[:http_service][:protocol]
|
|
143
143
|
next if request.nil? || response.nil? || host.nil? || port.nil? || protocol.nil?
|
|
144
144
|
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
145
|
+
# If sitemap comment and highlight color exists, use that instead of re-analyzing
|
|
146
|
+
sitemap_entry = nil
|
|
147
|
+
if sitemap.any?
|
|
148
|
+
sitemap_entry = sitemap.find do |site|
|
|
149
|
+
next unless site.key?(:http_service) && site.key?(:request)
|
|
149
150
|
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
151
|
+
site[:http_service][:host] == host &&
|
|
152
|
+
site[:http_service][:port] == port &&
|
|
153
|
+
site[:http_service][:protocol] == protocol &&
|
|
154
|
+
site[:request] == entry[:request]
|
|
154
155
|
end
|
|
155
156
|
end
|
|
156
157
|
|
|
157
|
-
if
|
|
158
|
-
entry[:comment] =
|
|
159
|
-
entry[:highlight] =
|
|
158
|
+
if sitemap_entry.is_a?(Hash) && sitemap_entry[:comment].length.positive?
|
|
159
|
+
entry[:comment] = sitemap_entry[:comment]
|
|
160
|
+
entry[:highlight] = sitemap_entry[:highlight]
|
|
160
161
|
else
|
|
161
162
|
request = Base64.strict_decode64(request)
|
|
162
163
|
response = Base64.strict_decode64(response)
|
|
164
|
+
|
|
163
165
|
http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
|
|
164
166
|
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
165
167
|
system_role_content: system_role_content,
|
|
@@ -173,16 +175,17 @@ module PWN
|
|
|
173
175
|
entry[:highlight] = get_highlight_color.call(ai_analysis: ai_analysis)
|
|
174
176
|
end
|
|
175
177
|
|
|
176
|
-
|
|
178
|
+
update_proxy_history(
|
|
177
179
|
burp_obj: burp_obj,
|
|
178
180
|
entry: entry
|
|
179
181
|
)
|
|
180
182
|
end
|
|
183
|
+
sleep Random.rand(30..60)
|
|
181
184
|
|
|
182
|
-
when :
|
|
183
|
-
sitemap = get_sitemap(burp_obj: burp_obj)
|
|
185
|
+
when :sitemap
|
|
184
186
|
proxy_history = get_proxy_history(burp_obj: burp_obj)
|
|
185
|
-
|
|
187
|
+
sitemap = get_sitemap(burp_obj: burp_obj)
|
|
188
|
+
sitemap.each do |entry|
|
|
186
189
|
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
187
190
|
|
|
188
191
|
request = entry[:request]
|
|
@@ -192,26 +195,24 @@ module PWN
|
|
|
192
195
|
protocol = entry[:http_service][:protocol]
|
|
193
196
|
next if request.nil? || response.nil? || host.nil? || port.nil? || protocol.nil?
|
|
194
197
|
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
next unless site.key?(:http_service) && site.key?(:request)
|
|
198
|
+
proxy_history_entry = nil
|
|
199
|
+
if proxy_history.any?
|
|
200
|
+
proxy_history_entry = proxy_history.find do |proxy_entry|
|
|
201
|
+
next unless proxy_entry.key?(:http_service) && proxy_entry.key?(:request)
|
|
200
202
|
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
203
|
+
proxy_entry[:http_service][:host] == host &&
|
|
204
|
+
proxy_entry[:http_service][:port] == port &&
|
|
205
|
+
proxy_entry[:http_service][:protocol] == protocol &&
|
|
206
|
+
proxy_entry[:request] == entry[:request]
|
|
205
207
|
end
|
|
206
208
|
end
|
|
207
209
|
|
|
208
|
-
if
|
|
209
|
-
entry[:comment] =
|
|
210
|
-
entry[:highlight] =
|
|
210
|
+
if proxy_history_entry.is_a?(Hash) && proxy_history_entry[:comment].length.positive?
|
|
211
|
+
entry[:comment] = proxy_history_entry[:comment]
|
|
212
|
+
entry[:highlight] = proxy_history_entry[:highlight]
|
|
211
213
|
else
|
|
212
214
|
request = Base64.strict_decode64(request)
|
|
213
215
|
response = Base64.strict_decode64(response)
|
|
214
|
-
|
|
215
216
|
http_request_response = PWN::Plugins::Char.force_utf8("#{request}\r\n\r\n#{response}")
|
|
216
217
|
ai_analysis = PWN::AI::Introspection.reflect_on(
|
|
217
218
|
system_role_content: system_role_content,
|
|
@@ -225,11 +226,12 @@ module PWN
|
|
|
225
226
|
entry[:highlight] = get_highlight_color.call(ai_analysis: ai_analysis)
|
|
226
227
|
end
|
|
227
228
|
|
|
228
|
-
|
|
229
|
+
update_sitemap(
|
|
229
230
|
burp_obj: burp_obj,
|
|
230
231
|
entry: entry
|
|
231
232
|
)
|
|
232
233
|
end
|
|
234
|
+
sleep Random.rand(60..90)
|
|
233
235
|
|
|
234
236
|
when :websocket_history
|
|
235
237
|
websocket_history = get_websocket_history(burp_obj: burp_obj)
|
|
@@ -259,9 +261,8 @@ module PWN
|
|
|
259
261
|
entry: entry
|
|
260
262
|
)
|
|
261
263
|
end
|
|
264
|
+
sleep Random.rand(3..10)
|
|
262
265
|
end
|
|
263
|
-
|
|
264
|
-
sleep Random.rand(30..60)
|
|
265
266
|
end
|
|
266
267
|
rescue Errno::ECONNREFUSED
|
|
267
268
|
puts 'BurpSuite AI Introspection Thread >>> Terminating API Calls...'
|
data/lib/pwn/version.rb
CHANGED