pwn 0.5.60 → 0.5.62
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/README.md +3 -3
- data/bin/pwn +37 -37
- data/bin/pwn_gqrx_scanner +11 -3
- data/etc/pwn.yaml.EXAMPLE +2 -0
- data/lib/pwn/version.rb +1 -1
- metadata +7 -7
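--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5b78feca18f7b658c6a1ef4cb65e2f40cab41101e4d31926caac9cdb293b8157
+data.tar.gz: c3f3333e64e599efccac10eff086b724603afd3a7f966898bb380bbfc6ec4ff0
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b24ff13b6f0e0437376208e912fe9fd3e2ef967add67f63d437396cb4c705e90f8620259b49d6bbf4af4b2c4b9c0595ff28faf22fac17bc441548bd26f58f32c
+data.tar.gz: 71bd7188ce6a6390b64b0238f9723f050500c990690e55d60b1fd8e421a8ab0e43d0ef5787dd42f875476a6836961de9d06c80498ced7ef7842bdcfc955524e5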
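--- a/data/Gemfile
+++ b/data/Gemfile
@@ -19,7 +19,7 @@ gem 'aws-sdk', '3.2.0'
 gem 'barby', '0.6.9'
 gem 'brakeman', '6.1.2'
 gem 'bson', '5.0.0'
-gem 'bundler', '>=2.5.
+gem 'bundler', '>=2.5.7'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
 gem 'colorize', '1.1.0'
@@ -66,7 +66,7 @@ gem 'pry-doc', '1.5.0'
 gem 'rake', '13.1.0'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi', '3.0.0'
-gem 'rdoc', '6.6.
+gem 'rdoc', '6.6.3.1'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
 gem 'rmagick', '5.4.4'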
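--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.
+pwn[v0.5.62]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.62]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.62]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script: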
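--- a/data/bin/pwn
+++ b/data/bin/pwn
@@ -54,13 +54,13 @@ begin
 dchars = "\001\e[33m\002***\001\e[33m\002" if mode == :splat
 end
 
-if pi.config.
-pi.config.prompt_name = 'pwn.
-pi.config.prompt_name = 'pwn.
+if pi.config.pwn_ai
+pi.config.prompt_name = 'pwn.ai'
+pi.config.prompt_name = 'pwn.ai.SPEAKING' if pi.config.pwn_ai_speak
 name = "\001\e[1m\002\001\e[33m\002#{pi.config.prompt_name}\001\e[0m\002"
 dchars = "\001\e[32m\002>>>\001\e[33m\002"
 dchars = "\001\e[33m\002***\001\e[33m\002" if mode == :splat
-if pi.config.
+if pi.config.pwn_ai_debug
 dchars = "\001\e[32m\002(DEBUG) >>>\001\e[33m\002"
 dchars = "\001\e[33m\002(DEBUG) ***\001\e[33m\002" if mode == :splat
 end
@@ -124,8 +124,8 @@ begin
 exec_hook :after_read, eval_string, self
 
 begin
-complete_expr = true if config.
-complete_expr = Pry::Code.complete_expression?(@eval_string) unless config.
+complete_expr = true if config.pwn_ai || config.pwn_asm
+complete_expr = Pry::Code.complete_expression?(@eval_string) unless config.pwn_ai || config.pwn_asm
 rescue SyntaxError => e
 output.puts e.message.gsub(/^.*syntax error, */, "SyntaxError: ")
 reset_eval_string
@@ -135,7 +135,7 @@ begin
 @suppress_output = true if @eval_string =~ /;\Z/ ||
 @eval_string.empty? ||
 @eval_string =~ /\A *#.*\n\z/ ||
-config.
+config.pwn_ai ||
 config.pwn_asm
 
 # A bug in jruby makes java.lang.Exception not rescued by
@@ -158,10 +158,10 @@ begin
 eval_string = @eval_string
 reset_eval_string
 
-result = evaluate_ruby(eval_string) unless config.
+result = evaluate_ruby(eval_string) unless config.pwn_ai ||
 config.pwn_asm
 
-result = eval_string if config.
+result = eval_string if config.pwn_ai ||
 config.pwn_asm
 rescue RescuableException, *jruby_exceptions => e
 # Eliminate following warning:
@@ -182,9 +182,9 @@ begin
 throw(:breakout) if current_binding.nil?
 end
 
-# Ensure the return value in
+# Ensure the return value in pwn_ai mode reflects the input
 def evaluate_ruby(code)
-# if config.
+# if config.pwn_ai || config.pwn_asm
 # result = message = code.to_s
 # return
 # end
@@ -236,44 +236,44 @@ begin
 end
 end
 
-Pry::Commands.create_command 'pwn-
-description 'Initiate pwn.
+Pry::Commands.create_command 'pwn-ai' do
+description 'Initiate pwn.ai chat interface.'
 
 def process
 pi = pry_instance
-pi.config.
-pi.config.color = false if pi.config.
-pi.config.color = true unless pi.config.
+pi.config.pwn_ai = true
+pi.config.color = false if pi.config.pwn_ai
+pi.config.color = true unless pi.config.pwn_ai
 end
 end
 
-Pry::Commands.create_command 'toggle-pwn-
-description 'Display the response_history object while using pwn.
+Pry::Commands.create_command 'toggle-pwn-ai-debug' do
+description 'Display the response_history object while using pwn.ai'
 
 def process
 pi = pry_instance
-pi.config.
+pi.config.pwn_ai_debug ? pi.config.pwn_ai_debug = false : pi.config.pwn_ai_debug = true
 end
 end
 
-Pry::Commands.create_command 'toggle-pwn-
-description 'Use speech capabilities within pwn.
+Pry::Commands.create_command 'toggle-pwn-ai-speaks' do
+description 'Use speech capabilities within pwn.ai to speak answers.'
 
 def process
 pi = pry_instance
-pi.config.
+pi.config.pwn_ai_speak ? pi.config.pwn_ai_speak = false : pi.config.pwn_ai_speak = true
 end
 end
 
 Pry::Commands.create_command 'back' do
-description 'Jump back to pwn REPL when in pwn-asm || pwn-
+description 'Jump back to pwn REPL when in pwn-asm || pwn-ai.'
 
 def process
 pi = pry_instance
 pi.config.pwn_asm = false if pi.config.pwn_asm
-pi.config.
-pi.config.
-pi.config.
+pi.config.pwn_ai = false if pi.config.pwn_ai
+pi.config.pwn_ai_debug = false if pi.config.pwn_ai_debug
+pi.config.pwn_ai_speak = false if pi.config.pwn_ai_speak
 pi.config.completer = Pry::InputCompleter
 end
 end
@@ -284,13 +284,13 @@ begin
 output.puts PWN::Banner.welcome
 end
 
-# pwn.
+# pwn.ai Hooks
 Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
 if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
 yaml_config_path = opts[:yaml_config_path]
 yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
-pi.config.
-Pry.config.
+pi.config.pwn_ai_key = yaml_config[:open_ai_key]
+Pry.config.pwn_ai_key = pi.config.pwn_ai_key
 end
 end
 
@@ -322,21 +322,21 @@ begin
 end
 end
 
-Pry.config.hooks.add_hook(:after_read, :
-if pi.config.
+Pry.config.hooks.add_hook(:after_read, :pwn_ai_hook) do |request, pi|
+if pi.config.pwn_ai && !request.chomp.empty?
 request = pi.input.line_buffer.to_s
-debug = pi.config.
-open_ai_key = pi.config.
+debug = pi.config.pwn_ai_debug
+open_ai_key = pi.config.pwn_ai_key
 open_ai_key ||= ''
 if open_ai_key.empty?
 open_ai_key = PWN::Plugins::AuthenticationHelper.mask_password(
 prompt: 'OpenAI API Key'
 )
-pi.config.
+pi.config.pwn_ai_key = open_ai_key
 end
 
-response_history = pi.config.
-speak_answer = pi.config.
+response_history = pi.config.pwn_ai_response_history
+speak_answer = pi.config.pwn_ai_speak
 response = PWN::Plugins::OpenAI.chat(
 token: open_ai_key,
 request: request.chomp,
@@ -360,7 +360,7 @@ begin
 pp response_history
 puts "\nresponse_history[:choices] Length: #{response_history[:choices].length}\n" unless response_history.nil?
 end
-pi.config.
+pi.config.pwn_ai_response_history = response_history
 end
 end
 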
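Review bot: The OpenAI key ends up in two places that are not kept in step: the `:init_opts` hook copies it to the global `Pry.config.pwn_ai_key`, but the `:pwn_ai_hook` reads and, after the `mask_password` prompt, writes only `pi.config.pwn_ai_key`. A key entered at the prompt therefore never reaches the global copy, and a key loaded from YAML is held process-wide without any reader visible in this section. If nothing outside these hunks uses the global, drop `Pry.config.pwn_ai_key = pi.config.pwn_ai_key`; otherwise assign both in the prompt branch, and add a comment such as `# secret: never print or log pi.config.pwn_ai_key` next to the assignment. Both hooks sit inside a `begin` block that starts outside the hunks.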
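--- a/data/bin/pwn_gqrx_scanner
+++ b/data/bin/pwn_gqrx_scanner
@@ -183,6 +183,14 @@ def gqrx_cmd(opts = {})
 # puts response.length
 
 response
+rescue RuntimeError => e
+puts 'WARNING: RF Gain is not supported by the radio backend.' if e.message.include?('Command: L RF_GAIN')
+puts 'WARNING: Intermediate Gain is not supported by the radio backend.' if e.message.include?('Command: L IF_GAIN')
+puts 'WARNING: Baseband Gain is not supported by the radio backend.' if e.message.include?('Command: L BB_GAIN')
+
+raise e unless e.message.include?('Command: L RF_GAIN') ||
+e.message.include?('Command: L IF_GAIN') ||
+e.message.include?('Command: L BB_GAIN')
 end
 
 def init_freq(opts = {})
@@ -403,7 +411,7 @@ begin
 
 rf_gain = opts[:rf_gain] ||= 0.0
 rf_gain = rf_gain.to_f
-
+rf_gain_resp = gqrx_cmd(
 gqrx_sock: gqrx_sock,
 cmd: "L RF_GAIN #{rf_gain}",
 resp_ok: 'RPRT 0'
@@ -411,7 +419,7 @@ begin
 
 intermediate_gain = opts[:intermediate_gain] ||= 32.0
 intermediate_gain = intermediate_gain.to_f
-
+intermediate_resp = gqrx_cmd(
 gqrx_sock: gqrx_sock,
 cmd: "L IF_GAIN #{intermediate_gain}",
 resp_ok: 'RPRT 0'
@@ -419,7 +427,7 @@ begin
 
 baseband_gain = opts[:baseband_gain] ||= 10.0
 baseband_gain = baseband_gain.to_f
-
+baseband_resp = gqrx_cmd(
 gqrx_sock: gqrx_sock,
 cmd: "L BB_GAIN #{baseband_gain}",
 resp_ok: 'RPRT 0'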
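Review bot: On the swallowed-error path `gqrx_cmd` now returns `nil`, because the last expression in the rescue clause is `raise e unless …` and it does not raise for the three gain commands; the new `rf_gain_resp`, `intermediate_resp` and `baseband_resp` assignments will then hold `nil` rather than a response string. The same three `e.message.include?` tests are also written twice, so the warning list and the re-raise condition can drift apart. I would drive both from one table, re-raise with a bare `raise`, and return `nil` explicitly so the contract is visible to callers. The body of `gqrx_cmd` starts above the hunk, so how `response` is built and what raises the RuntimeError is not visible here.

```ruby
# … unchanged: body of gqrx_cmd up to `response` …
rescue RuntimeError => e
  unsupported_gain = {
    'Command: L RF_GAIN' => 'RF Gain',
    'Command: L IF_GAIN' => 'Intermediate Gain',
    'Command: L BB_GAIN' => 'Baseband Gain'
  }.find { |cmd, _label| e.message.include?(cmd) }
  raise unless unsupported_gain

  puts "WARNING: #{unsupported_gain.last} is not supported by the radio backend."
  nil
```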
data/etc/pwn.yaml.EXAMPLE
CHANGED
data/lib/pwn/version.rb
CHANGED
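--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.5.
+version: 0.5.62
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-
+date: 2024-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -114,14 +114,14 @@ dependencies:
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.5.
+version: 2.5.7
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.5.
+version: 2.5.7
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -758,14 +758,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 6.6.
+version: 6.6.3.1
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 6.6.
+version: 6.6.3.1
 - !ruby/object:Gem::Dependency
 name: rest-client
 requirement: !ruby/object:Gem::Requirement
@@ -2252,7 +2252,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.5.
+rubygems_version: 3.5.7
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond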