pwn 0.5.562 → 0.5.587

data/lib/pwn/config.rb

@@ -32,11 +32,20 @@ module PWN
           introspection: false,
           grok: {
             base_uri: 'optional - Base URI for Grok - Use private base OR defaults to https://api.x.ai/v1',
-            key: 'required - OpenAI API Key',
+            key: 'required - xAI Grok API Key',
             model: 'optional - Grok model to use',
-            system_role_content: 'You are an ethically hacking OpenAI agent.',
-            temp: 'optional - OpenAI temperature',
-            max_prompt_length: 256_000
+            system_role_content: 'You are an ethically hacking xAI Grok agent.',
+            temp: 'optional - Grok temperature',
+            max_prompt_length: 256_000,
+            # OAuth support for xAI SuperGrok subscriptions (in addition to API key)
+            # Populate via pwn-vault command (values stored encrypted in ~/.pwn/pwn.yaml)
+            oauth: {
+              client_id: 'optional - xAI SuperGrok OAuth Client ID (for subscriptions without API key)',
+              client_secret: 'optional - xAI SuperGrok OAuth Client Secret',
+              access_token: 'optional - xAI SuperGrok OAuth Access Token (preferred for SuperGrok subs; used as Bearer)',
+              refresh_token: 'optional - xAI SuperGrok OAuth Refresh Token',
+              token_uri: 'optional - OAuth token endpoint (defaults handled in PWN::AI::Grok if needed)'
+            }
           },
           openai: {
             base_uri: 'optional - Base URI for OpenAI - Use private base OR defaults to https://api.openai.com/v1',
@@ -53,6 +62,14 @@ module PWN
             system_role_content: 'You are an ethically hacking Ollama agent.',
             temp: 'optional - Ollama temperature',
             max_prompt_length: 32_000
+          },
+          anthropic: {
+            base_uri: 'optional - Base URI for Anthropic - Use private base OR defaults to https://api.anthropic.com/v1',
+            key: 'required - Anthropic API Key',
+            model: 'optional - Anthropic model to use (e.g. claude-3-5-sonnet-20240620)',
+            system_role_content: 'You are an ethically hacking Anthropic agent.',
+            temp: 'optional - Anthropic temperature',
+            max_prompt_length: 200_000
           }
         },
         plugins: {
@@ -125,15 +142,33 @@ module PWN
             }
           },
           shodan: { api_key: 'SHODAN API Key' }
+        },
+        memory: {
+          enabled: true,
+          provider: 'file' # file | sqlite (future)
+        },
+        sessions: {
+          enabled: true,
+          provider: 'jsonl'
+        },
+        cron: {
+          enabled: true,
+          provider: 'yaml'
         }
       }
 
       # Remove beginning colon from key names
+
       yaml_env = YAML.dump(env).gsub(/^(\s*):/, '\1')
       File.write(pwn_env_path, yaml_env)
       # Change file permission to 600
       File.chmod(0o600, pwn_env_path)
 
+      # Ensure skills dir for pwn-ai agent (in parent of pwn_env_path)
+      pwn_env_root = File.dirname(pwn_env_path)
+      pwn_skills_path = File.join(pwn_env_root, 'skills')
+      FileUtils.mkdir_p(pwn_skills_path)
+
       env[:driver_opts] = {
         pwn_env_path: pwn_env_path,
         pwn_dec_path: pwn_dec_path
@@ -145,7 +180,16 @@ module PWN
       )
 
       Pry.config.refresh_pwn_env = false if defined?(Pry)
+      env[:pwn_skills_path] = pwn_skills_path
+      PWN::Config.load_skills(pwn_skills_path: pwn_skills_path)
+
+      # Hermes-equivalent memory/sessions/cron paths (pwn-ai agent)
+      env[:pwn_memory_path] = PWN::Memory::MEMORY_FILE if defined?(PWN::Memory)
+      env[:pwn_sessions_path] = PWN::Sessions.sessions_dir if defined?(PWN::Sessions)
+      env[:pwn_cron_path] = PWN::Cron.cron_dir if defined?(PWN::Cron)
+
       PWN.send(:remove_const, :Env) if PWN.const_defined?(:Env)
+
       PWN.const_set(:Env, env.freeze)
     rescue StandardError => e
       raise e
@@ -195,9 +239,13 @@ module PWN
 
     public_class_method def self.refresh_env(opts = {})
       pwn_env_root = "#{Dir.home}/.pwn"
+      pwn_env_path = opts[:pwn_env_path] ||= "#{pwn_env_root}/pwn.yaml"
+      pwn_env_root = File.dirname(pwn_env_path)
       FileUtils.mkdir_p(pwn_env_root)
 
-      pwn_env_path = opts[:pwn_env_path] ||= "#{pwn_env_root}/pwn.yaml"
+      pwn_skills_path = File.join(pwn_env_root, 'skills')
+      FileUtils.mkdir_p(pwn_skills_path)
+
       return default_env(pwn_env_path: pwn_env_path) unless File.exist?(pwn_env_path)
 
       is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: pwn_env_path)
@@ -226,9 +274,14 @@ module PWN
       raise "ERROR: Unsupported AI Engine: #{engine} in #{pwn_env_path}.  Supported AI Engines:\n#{valid_ai_engines.inspect}" unless valid_ai_engines.include?(engine)
 
       key = env[:ai][engine][:key]
-      if key.nil?
+      oauth_access = nil
+      if engine == :grok
+        oauth = env[:ai][engine][:oauth] ||= {}
+        oauth_access = oauth[:access_token] if oauth[:access_token] && !oauth[:access_token].to_s.match?(/optional/i) && !oauth[:access_token].to_s.empty?
+      end
+      if key.nil? && oauth_access.nil?
         key = PWN::Plugins::AuthenticationHelper.mask_password(
-          prompt: "#{engine} API Key"
+          prompt: "#{engine} API Key (or configure oauth:access_token in pwn-vault for xAI SuperGrok subscriptions)"
         )
         env[:ai][engine][:key] = key
       end
@@ -256,11 +309,23 @@ module PWN
         pwn_dec_path: pwn_dec_path
       }
 
+      # Make pwn-ai (Hermes agent TUI equiv) aware of skills folder in pwn_env parent (before freeze)
+      env[:pwn_skills_path] = pwn_skills_path if defined?(pwn_skills_path)
+      PWN::Config.load_skills(pwn_skills_path: pwn_skills_path) if defined?(pwn_skills_path)
+
+      # Hermes-equivalent: memory, sessions, cron for pwn-ai agent (before freeze)
+      env[:pwn_memory_path] = PWN::Memory::MEMORY_FILE if defined?(PWN::Memory)
+      PWN::Memory.load if defined?(PWN::Memory)
+      env[:pwn_sessions_path] = PWN::Sessions.sessions_dir if defined?(PWN::Sessions)
+      env[:pwn_cron_path] = PWN::Cron.cron_dir if defined?(PWN::Cron)
+
       # Assign the refreshed env to PWN::Env
+
       PWN.send(:remove_const, :Env) if PWN.const_defined?(:Env)
       PWN.const_set(:Env, env.freeze)
 
       # Redact sensitive artifacts from PWN::Env and store in PWN::EnvRedacted
+
       env_redacted = redact_sensitive_artifacts(config: env)
       PWN.send(:remove_const, :EnvRedacted) if PWN.const_defined?(:EnvRedacted)
       PWN.const_set(:EnvRedacted, env_redacted.freeze)
@@ -272,6 +337,79 @@ module PWN
       raise e
     end
 
+    # Supported Method Parameters::
+    # pwn_skills_path = PWN::Config.pwn_skills_path(
+    #   pwn_env_path: 'optional - Path to pwn.yaml file.  Defaults to ~/.pwn/pwn.yaml'
+    # )
+    public_class_method def self.pwn_skills_path(opts = {})
+      pwn_env_path = opts[:pwn_env_path] ||= "#{Dir.home}/.pwn/pwn.yaml"
+      File.join(File.dirname(pwn_env_path), 'skills')
+    end
+
+    # Supported Method Parameters::
+    # skills = PWN::Config.load_skills(
+    #   pwn_skills_path: 'optional - Path to skills folder.  Defaults to ~/.pwn/skills'
+    # )
+    #
+    # Loads instruction-based skills (.md, .txt, .skill, .yaml) and executable Ruby skills (.rb)
+    # into PWN::Skills constant (hash of basename => {type, path, content, loaded?}).
+    # The pwn-ai command (REPL driver) loads and is aware of this folder to expand
+    # autonomous agent capabilities (equivalent to Hermes agent TUI skills for task execution).
+    public_class_method def self.load_skills(opts = {})
+      pwn_skills_path = opts[:pwn_skills_path] || PWN::Env[:pwn_skills_path] || pwn_skills_path
+      FileUtils.mkdir_p(pwn_skills_path) if pwn_skills_path && !Dir.exist?(pwn_skills_path.to_s)
+
+      skills = {}
+      return skills unless pwn_skills_path && Dir.exist?(pwn_skills_path.to_s)
+
+      Dir.glob(File.join(pwn_skills_path, '*.{rb,md,txt,skill,yml,yaml}')).each do |skill_file|
+        basename = File.basename(skill_file, '.*').to_sym
+        content = File.read(skill_file)
+        ext = File.extname(skill_file).downcase
+
+        if ext == '.rb'
+          begin
+            require skill_file
+            skills[basename] = { type: :ruby, path: skill_file, content: content, loaded: true }
+          rescue StandardError => e
+            skills[basename] = { type: :ruby, path: skill_file, content: content, loaded: false, error: e.message }
+          end
+        else
+          skills[basename] = { type: :instruction, path: skill_file, content: content }
+        end
+      end
+
+      PWN.send(:remove_const, :Skills) if PWN.const_defined?(:Skills)
+      PWN.const_set(:Skills, skills.freeze)
+      skills
+    rescue StandardError => e
+      raise e
+    end
+
+    # Supported Method Parameters::
+    #   path = PWN::Config.pwn_memory_path
+    public_class_method def self.pwn_memory_path
+      defined?(PWN::Memory) ? PWN::Memory::MEMORY_FILE : File.join(Dir.home, '.pwn', 'memory.json')
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Config.load_memory
+    public_class_method def self.load_memory
+      defined?(PWN::Memory) ? PWN::Memory.load : {}
+    end
+
+    # Supported Method Parameters::
+    #   path = PWN::Config.pwn_sessions_path
+    public_class_method def self.pwn_sessions_path
+      defined?(PWN::Sessions) ? PWN::Sessions.sessions_dir : File.join(Dir.home, '.pwn', 'sessions')
+    end
+
+    # Supported Method Parameters::
+    #   path = PWN::Config.pwn_cron_path
+    public_class_method def self.pwn_cron_path
+      defined?(PWN::Cron) ? PWN::Cron.cron_dir : File.join(Dir.home, '.pwn', 'cron')
+    end
+
     # Author(s):: 0day Inc. <support@0dayinc.com>
 
     public_class_method def self.authors

data/lib/pwn/cron.rb

@@ -0,0 +1,210 @@
+# frozen_string_literal: true
+
+require 'yaml'
+require 'fileutils'
+require 'time'
+require 'securerandom'
+
+module PWN
+  # PWN::Cron provides cron / scheduled task management for the pwn-ai agent
+  # (equivalent to Hermes cron jobs + scheduler).
+  # Jobs are defined in ~/.pwn/cron/jobs.yml and can be triggered by system
+  # cron, manual run, or from within pwn-ai agent loops.
+  #
+  # Each job can contain a prompt (for pwn-ai), a ruby script snippet, or
+  # reference to external script. Delivery can be 'log' (default), 'email', etc.
+  # (email would require additional plugins).
+  module Cron
+    CRON_DIR = File.join(Dir.home, '.pwn', 'cron')
+    JOBS_FILE = File.join(CRON_DIR, 'jobs.yml')
+
+    # Supported Method Parameters::
+    #   dir = PWN::Cron.cron_dir
+    public_class_method def self.cron_dir
+      FileUtils.mkdir_p(CRON_DIR)
+      CRON_DIR
+    end
+
+    # Supported Method Parameters::
+    #   jobs = PWN::Cron.list
+    public_class_method def self.list
+      load_jobs
+    end
+
+    # Supported Method Parameters::
+    #   job = PWN::Cron.create(
+    #     name: 'optional',
+    #     schedule: 'required e.g. "0 * * * *" or "30m" or "every 2h"',
+    #     prompt: 'optional - pwn-ai prompt to run',
+    #     ruby: 'optional - ruby snippet to eval',
+    #     script: 'optional - path to external script',
+    #     delivery: 'log|stdout (default log)',
+    #     enabled: true
+    #   )
+    public_class_method def self.create(opts = {})
+      jobs = load_jobs
+      id = SecureRandom.hex(6)
+      name = opts[:name] || "job-#{id}"
+      job = {
+        id: id,
+        name: name,
+        schedule: opts[:schedule] || '0 * * * *',
+        prompt: opts[:prompt],
+        ruby: opts[:ruby],
+        script: opts[:script],
+        delivery: opts[:delivery] || 'log',
+        enabled: opts.fetch(:enabled, true),
+        created_at: Time.now.utc.iso8601,
+        last_run: nil,
+        last_status: nil
+      }
+      jobs[id] = job
+      save_jobs(jobs)
+
+      # Optionally install a crontab entry (user must have permission)
+      install_crontab_entry(job) if opts[:install_crontab]
+
+      job
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Cron.run(id: 'required or name')
+    #   Executes the job (for pwn-ai prompt it will use current active AI engine
+    #   via PWN::AI::* but without full REPL hook unless in pwn-ai).
+    public_class_method def self.run(opts = {})
+      id = opts[:id]
+      jobs = load_jobs
+      job = jobs[id] || jobs.values.find { |j| j[:name] == id || j[:id] == id }
+      raise "Job #{id} not found" unless job
+
+      start = Time.now
+      result = nil
+      status = 'success'
+
+      begin
+        if job[:prompt]
+          engine = begin
+            PWN::Env[:ai][:active].to_s.downcase.to_sym
+          rescue StandardError
+            :grok
+          end
+          case engine
+          when :grok
+            result = PWN::AI::Grok.chat(request: job[:prompt], spinner: false)
+          when :ollama
+            result = PWN::AI::Ollama.chat(request: job[:prompt], spinner: false)
+          when :openai
+            result = PWN::AI::OpenAI.chat(request: job[:prompt], spinner: false)
+          when :anthropic
+            result = PWN::AI::Anthropic.chat(request: job[:prompt], spinner: false)
+          end
+          result = begin
+            result[:choices].last[:content]
+          rescue StandardError
+            result.to_s
+          end
+        elsif job[:ruby]
+          result = eval(job[:ruby], TOPLEVEL_BINDING) # rubocop:disable Security/Eval
+        elsif job[:script] && File.exist?(job[:script])
+          result = `#{job[:script]} 2>&1`
+        else
+          result = 'No prompt/ruby/script defined'
+        end
+
+        if job[:delivery] == 'log'
+          log_path = File.join(cron_dir, "#{job[:id]}.log")
+          File.open(log_path, 'a') do |f|
+            f.puts("[#{Time.now}] RUN #{job[:name]} (#{job[:id]})\n#{result}\n---")
+          end
+        end
+      rescue StandardError => e
+        status = 'error'
+        result = "ERROR: #{e.class} - #{e.message}\n#{e.backtrace.first(5).join("\n")}"
+      end
+
+      job[:last_run] = Time.now.utc.iso8601
+      job[:last_status] = status
+      jobs[job[:id]] = job
+      save_jobs(jobs)
+
+      { job: job, result: result, duration: Time.now - start, status: status }
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Cron.remove(id:)
+    public_class_method def self.remove(opts = {}) # rubocop:disable Naming/PredicateMethod
+      id = opts[:id]
+      jobs = load_jobs
+      jobs.delete(id)
+      save_jobs(jobs)
+      true
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Cron.enable/disable(id:)
+    public_class_method def self.enable(opts = {})
+      toggle(opts[:id], true)
+    end
+
+    public_class_method def self.disable(opts = {})
+      toggle(opts[:id], false)
+    end
+
+    # Install a crontab line that invokes this job via pwn
+    # (assumes /opt/pwn and rvm ruby-4.0.1@pwn - user can edit crontab)
+    public_class_method def self.install_crontab_entry(job)
+      cron_line = "#{job[:schedule]} cd /opt/pwn && /usr/local/rvm/bin/rvm ruby-4.0.1@pwn do ruby -I lib -e 'require \"pwn\"; PWN::Cron.run(id: \"#{job[:id]}\")' >> #{File.join(cron_dir, 'cron.log')} 2>&1"
+      # Append to user's crontab (non-destructive)
+      existing = `crontab -l 2>/dev/null || true`
+      unless existing.include?(job[:id])
+        new_cron = existing + "\n# pwn-cron #{job[:name]} (#{job[:id]})\n#{cron_line}\n"
+        IO.popen('crontab -', 'w') { |io| io.write(new_cron) }
+      end
+      cron_line
+    end
+
+    private_class_method def self.load_jobs
+      FileUtils.mkdir_p(cron_dir)
+      return {} unless File.exist?(JOBS_FILE)
+
+      YAML.safe_load_file(JOBS_FILE, symbolize_names: true) || {}
+    rescue StandardError
+      {}
+    end
+
+    private_class_method def self.save_jobs(jobs)
+      File.write(JOBS_FILE, YAML.dump(jobs))
+    end
+
+    private_class_method def self.toggle(id, enabled)
+      jobs = load_jobs
+      if jobs[id]
+        jobs[id][:enabled] = enabled
+        save_jobs(jobs)
+      end
+      jobs[id]
+    end
+
+    # Author(s):: 0day Inc. <support@0dayinc.com>
+
+    public_class_method def self.authors
+      "AUTHOR(S):\n  0day Inc. <support@0dayinc.com>\n"
+    end
+
+    # Display Usage for this Module
+    public_class_method def self.help
+      puts <<~USAGE
+        USAGE:
+          PWN::Cron.create(schedule: '0 * * * *', prompt: 'Run daily recon on target.com using NmapIt and report', name: 'daily-recon')
+          PWN::Cron.list
+          res = PWN::Cron.run(id: 'abc123')
+          PWN::Cron.enable(id: 'abc123')
+          PWN::Cron.disable(id: 'abc123')
+          PWN::Cron.remove(id: 'abc123')
+          # To have system cron call it, use install_crontab_entry or the :install_crontab option on create
+
+          #{self}.authors
+      USAGE
+    end
+  end
+end

data/lib/pwn/driver.rb

@@ -30,6 +30,15 @@ module PWN
         ) do |o|
           @opts[:pwn_dec_path] = o
         end
+
+        on_tail(
+          '-v',
+          '--version',
+          'Print PWN version and exit'
+        ) do
+          puts PWN::VERSION
+          exit 0
+        end
       end
 
       def parse!

data/lib/pwn/memory.rb

@@ -0,0 +1,136 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'fileutils'
+require 'time'
+
+module PWN
+  # PWN::Memory provides persistent cross-session memory for the pwn-ai agent
+  # (equivalent to Hermes agent memory providers). Facts, user preferences,
+  # environment details, lessons learned, and task state are stored in
+  # ~/.pwn/memory.json and survive across REPL restarts / pwn-ai sessions.
+  #
+  # The pwn-ai agent (in agent mode) automatically receives relevant memory
+  # injected into its system prompt. The agent can also call remember/recall
+  # via ruby code blocks during execution loops.
+  module Memory
+    MEMORY_FILE = File.join(Dir.home, '.pwn', 'memory.json')
+
+    # Supported Method Parameters::
+    #   memory = PWN::Memory.load
+    public_class_method def self.load
+      FileUtils.mkdir_p(File.dirname(MEMORY_FILE))
+      return {} unless File.exist?(MEMORY_FILE)
+
+      JSON.parse(File.read(MEMORY_FILE), symbolize_names: true)
+    rescue StandardError
+      {}
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Memory.save(memory_hash)
+    public_class_method def self.save(mem = {})
+      FileUtils.mkdir_p(File.dirname(MEMORY_FILE))
+      File.write(MEMORY_FILE, JSON.pretty_generate(mem))
+      mem
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Memory.remember(
+    #     key: 'required - Symbol or String key for the memory fact',
+    #     value: 'required - The value (any JSON serializable)',
+    #     category: 'optional - e.g. :fact, :preference, :lesson, :env (default: :fact)'
+    #   )
+    public_class_method def self.remember(opts = {})
+      key = opts[:key]
+      value = opts[:value]
+      category = opts[:category] || :fact
+
+      raise 'ERROR: key and value are required' if key.nil? || value.nil?
+
+      mem = load
+      mem[key.to_sym] = {
+        value: value,
+        category: category.to_sym,
+        timestamp: Time.now.utc.iso8601,
+        source: 'pwn-ai'
+      }
+      save(mem)
+      mem[key.to_sym]
+    end
+
+    # Supported Method Parameters::
+    #   results = PWN::Memory.recall(
+    #     query: 'optional - string to search keys/values/categories (simple match)',
+    #     category: 'optional - filter by category',
+    #     limit: 'optional - max results (default 50)'
+    #   )
+    public_class_method def self.recall(opts = {})
+      query = opts[:query].to_s.downcase
+      category = opts[:category]
+      limit = opts[:limit] || 50
+
+      mem = load
+      results = mem.select do |k, v|
+        match = true
+        match &&= k.to_s.downcase.include?(query) || v[:value].to_s.downcase.include?(query) || v[:category].to_s.downcase.include?(query) if query && !query.empty?
+        match &&= (v[:category] == category.to_sym) if category
+        match
+      end
+
+      results.to_a.first(limit).to_h
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Memory.forget(key)
+    public_class_method def self.forget(key) # rubocop:disable Naming/PredicateMethod
+      mem = load
+      mem.delete(key.to_sym)
+      save(mem)
+      true
+    end
+
+    # Supported Method Parameters::
+    #   PWN::Memory.clear
+    public_class_method def self.clear
+      FileUtils.rm_f(MEMORY_FILE)
+      {}
+    end
+
+    # Supported Method Parameters::
+    #   context = PWN::Memory.to_context(limit: 20)
+    #   (used internally by pwn-ai hook to inject into system prompt)
+    public_class_method def self.to_context(opts = {})
+      limit = opts[:limit] || 20
+      mem = recall(limit: limit)
+      return '' if mem.empty?
+
+      ctx = "\n\nPERSISTENT MEMORY (cross-session facts, prefs, lessons - use PWN::Memory.remember to store new ones):\n"
+      mem.each do |k, v|
+        ctx += "- #{k} [#{v[:category]} @ #{v[:timestamp]}]: #{v[:value].to_s[0, 300]}\n"
+      end
+      ctx
+    end
+
+    # Author(s):: 0day Inc. <support@0dayinc.com>
+
+    public_class_method def self.authors
+      "AUTHOR(S):\n  0day Inc. <support@0dayinc.com>\n"
+    end
+
+    # Display Usage for this Module
+    public_class_method def self.help
+      puts <<~USAGE
+        USAGE:
+          mem = PWN::Memory.load
+          PWN::Memory.remember(key: :user_prefers_ruby, value: 'Always prefer pure Ruby + RestClient patterns', category: :preference)
+          facts = PWN::Memory.recall(query: 'recon', category: :fact, limit: 10)
+          PWN::Memory.forget(:some_key)
+          PWN::Memory.clear
+          context_str = PWN::Memory.to_context
+
+          #{self}.authors
+      USAGE
+    end
+  end
+end