pwn 0.5.552 → 0.5.554
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/ai/agent/burp_suite.rb +1 -1
- data/lib/pwn/plugins/burp_suite.rb +9 -2
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 49eb5496957e5c639b18bbbee93a0e8f51516b5c0a8f001b32c7de7ca5e1211b
|
|
4
|
+
data.tar.gz: 872444c1e4c9fb5fb80280d2dd7dc9437a3bfe473711964127a7b519c13b10fc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 512dbde8dbbdac206c76606f3a0d9900903ed027bbefe8231d26a9c33cac3817bf63a610dfc7196ac7d7ed18e21b168d63f4e64493adda91f4076a356208c39b
|
|
7
|
+
data.tar.gz: 0a135f251ad1076a446d221e10532d97c0a2d43e4c77da18752bd89763a907f03f6717b37ccce982338bf534b6c4c13a39a02227f16e8cc716111ba3e716ddce
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.554]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-4.0.1@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.554]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-4.0.1@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.554]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -47,7 +47,7 @@ module PWN
|
|
|
47
47
|
4. Risk Score:
|
|
48
48
|
For each analysis generate a risk score between 0% - 100% based on exploitability and impact. This should be reflected as { "risk_score": "nnn%" } in the final output JSON.
|
|
49
49
|
|
|
50
|
-
Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications.
|
|
50
|
+
Analyze provided HTTP request/response pairs methodically: Start with a high-level overview, then dive into specifics, flag potential issues with evidence from the traffic, and end with PoC if applicable. Be verbose in reasoning but concise in output. Prioritize high-severity findings. If data is incomplete, request clarifications. If analyzing a JavaScript source map file (i.e. .js.map), focus on deobfuscating and identifying any potentially vulnerable code patterns, especially those that could lead to client-side vulnerabilities like DOM XSS, prototype pollution, or insecure deserialization. Look for patterns such as eval, document.write, innerHTML assignments, and event handlers that could be influenced by user input. Provide detailed analysis and PoCs if vulnerabilities are identified.
|
|
51
51
|
'
|
|
52
52
|
|
|
53
53
|
PWN::AI::Introspection.reflect_on(
|
|
@@ -90,10 +90,11 @@ module PWN
|
|
|
90
90
|
end
|
|
91
91
|
|
|
92
92
|
default_http_ports = [80, 443]
|
|
93
|
+
limit = 10
|
|
93
94
|
offset = 0
|
|
94
|
-
limit = 200
|
|
95
95
|
|
|
96
96
|
loop do
|
|
97
|
+
keep_offset = false
|
|
97
98
|
# TODO: Implement repeater into the loop? This reduces load to LLM but is slooow.
|
|
98
99
|
# Repeater should analyze the reqesut/response pair and suggest
|
|
99
100
|
# modifications to the request to further probe for vulnerabilities _quickly_.
|
|
@@ -121,6 +122,8 @@ module PWN
|
|
|
121
122
|
|
|
122
123
|
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
123
124
|
|
|
125
|
+
keep_offset = true
|
|
126
|
+
|
|
124
127
|
# If sitemap comment and highlight color exists, use that instead of re-analyzing
|
|
125
128
|
sitemap_entry = nil
|
|
126
129
|
sitemap = get_sitemap(burp_obj: burp_obj, uri: uri)
|
|
@@ -182,6 +185,8 @@ module PWN
|
|
|
182
185
|
|
|
183
186
|
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
184
187
|
|
|
188
|
+
keep_offset = true
|
|
189
|
+
|
|
185
190
|
proxy_history_entry = nil
|
|
186
191
|
proxy_history = get_proxy_history(burp_obj: burp_obj, uri: uri)
|
|
187
192
|
if proxy_history.any?
|
|
@@ -232,6 +237,8 @@ module PWN
|
|
|
232
237
|
|
|
233
238
|
next unless entry.key?(:comment) && entry[:comment].to_s.strip.empty?
|
|
234
239
|
|
|
240
|
+
keep_offset = true
|
|
241
|
+
|
|
235
242
|
web_socket_id = entry[:web_socket_id]
|
|
236
243
|
direction = entry[:direction]
|
|
237
244
|
payload = entry[:payload]
|
|
@@ -255,7 +262,7 @@ module PWN
|
|
|
255
262
|
end
|
|
256
263
|
sleep Random.rand(3..10)
|
|
257
264
|
end
|
|
258
|
-
offset += limit
|
|
265
|
+
offset += limit unless keep_offset
|
|
259
266
|
end
|
|
260
267
|
rescue Errno::ECONNREFUSED
|
|
261
268
|
puts "BurpSuite:#{type} AI Introspection Thread >>> Terminating API Calls..."
|
data/lib/pwn/version.rb
CHANGED