pwn 0.5.62 → 0.5.63

Sign up to get free protection for your applications and to get access to all the features.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop_todo.yml +8 -13
  3. data/Gemfile +1 -1
  4. data/README.md +3 -3
  5. data/bin/pwn +7 -7
  6. data/etc/pwn.yaml.EXAMPLE +1 -1
  7. data/lib/pwn/plugins/ollama.rb +853 -0
  8. data/lib/pwn/plugins/vault.rb +199 -0
  9. data/lib/pwn/plugins.rb +2 -1
  10. data/lib/pwn/version.rb +1 -1
  11. data/spec/lib/pwn/plugins/{ansible_vault_spec.rb → ollama_spec.rb} +3 -3
  12. data/spec/lib/pwn/plugins/vault_spec.rb +15 -0
  13. metadata +8 -6
  14. data/lib/pwn/plugins/ansible_vault.rb +0 -73
data/lib/pwn/plugins/vault.rb ADDED
@@ -0,0 +1,199 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'base64'
4
+ require 'openssl'
5
+ require 'yaml'
6
+
7
+ module PWN
8
+ module Plugins
9
+ # Used to encrypt/decrypt configuration files leveraging AES256
10
+ module Vault
11
+ # Supported Method Parameters::
12
+ # PWN::Plugins::Vault.create(
13
+ # file: 'required - encrypted file to create'
14
+ # )
15
+
16
+ public_class_method def self.create(opts = {})
17
+ file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
18
+
19
+ cipher = OpenSSL::Cipher.new('aes-256-cbc')
20
+ key = Base64.strict_encode64(cipher.random_key)
21
+ iv = Base64.strict_encode64(cipher.random_iv)
22
+
23
+ puts 'Please store the Key && IV in a secure location as they are required for decryption.'
24
+ puts "Key: #{key}"
25
+ puts "IV: #{iv}"
26
+
27
+ encrypt(
28
+ file: file,
29
+ key: key,
30
+ iv: iv
31
+ )
32
+ rescue StandardError => e
33
+ raise e
34
+ end
35
+
36
+ # Supported Method Parameters::
37
+ # PWN::Plugins::Vault.decrypt(
38
+ # file: 'required - file to encrypt',
39
+ # key: 'required - key to decrypt',
40
+ # iv: 'required - iv to decrypt'
41
+ # )
42
+
43
+ public_class_method def self.decrypt(opts = {})
44
+ file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
45
+ key = opts[:key]
46
+ iv = opts[:iv]
47
+
48
+ raise 'ERROR: key and iv parameters are required.' if key.nil? || iv.nil?
49
+
50
+ cipher = OpenSSL::Cipher.new('aes-256-cbc')
51
+ cipher.decrypt
52
+ cipher.key = Base64.strict_decode64(key)
53
+ cipher.iv = Base64.strict_decode64(iv)
54
+
55
+ b64_decoded_file_contents = Base64.strict_decode64(File.read(file))
56
+ plain_text = cipher.update(b64_decoded_file_contents) + cipher.final
57
+
58
+ File.write(file, plain_text)
59
+ rescue StandardError => e
60
+ raise e
61
+ end
62
+
63
+ # Supported Method Parameters::
64
+ # PWN::Plugins::Vault.dump(
65
+ # file: 'required - file to encrypt',
66
+ # key: 'required - key to decrypt',
67
+ # iv: 'required - iv to decrypt'
68
+ # )
69
+
70
+ def self.dump(opts = {})
71
+ file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
72
+ key = opts[:key]
73
+ iv = opts[:iv]
74
+
75
+ decrypt(
76
+ file: file,
77
+ key: key,
78
+ iv: iv
79
+ )
80
+
81
+ puts File.read(file)
82
+
83
+ encrypt(
84
+ file: file,
85
+ key: key,
86
+ iv: iv
87
+ )
88
+ rescue StandardError => e
89
+ raise e
90
+ end
91
+
92
+ # Supported Method Parameters::
93
+ # PWN::Plugins::Vault.edit(
94
+ # file: 'required - file to encrypt',
95
+ # key: 'required - key to decrypt',
96
+ # iv: 'required - iv to decrypt'
97
+ # )
98
+
99
+ def self.edit(opts = {})
100
+ file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
101
+ key = opts[:key]
102
+ iv = opts[:iv]
103
+ editor = opts[:editor] ||= '/usr/bin/vim'
104
+
105
+ decrypt(
106
+ file: file,
107
+ key: key,
108
+ iv: iv
109
+ )
110
+
111
+ raise 'ERROR: Editor not found.' unless File.exist?(editor)
112
+
113
+ # Get realtive editor in case aliases are used
114
+ relative_editor = File.basename(editor)
115
+ system(relative_editor, file)
116
+
117
+ encrypt(
118
+ file: file,
119
+ key: key,
120
+ iv: iv
121
+ )
122
+ rescue StandardError => e
123
+ raise e
124
+ end
125
+
126
+ # Supported Method Parameters::
127
+ # PWN::Plugins::Vault.encrypt(
128
+ # file: 'required - file to encrypt',
129
+ # key: 'required - key to decrypt',
130
+ # iv: 'required - iv to decrypt'
131
+ # )
132
+
133
+ public_class_method def self.encrypt(opts = {})
134
+ file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
135
+ key = opts[:key]
136
+ iv = opts[:iv]
137
+
138
+ raise 'ERROR: key and iv parameters are required.' if key.nil? || iv.nil?
139
+
140
+ cipher = OpenSSL::Cipher.new('aes-256-cbc')
141
+ cipher.encrypt
142
+ cipher.key = Base64.strict_decode64(key)
143
+ cipher.iv = Base64.strict_decode64(iv)
144
+
145
+ data = File.read(file)
146
+ encrypted = cipher.update(data) + cipher.final
147
+ encrypted_string = Base64.strict_encode64(encrypted)
148
+
149
+ File.write(file, encrypted_string)
150
+ rescue StandardError => e
151
+ raise e
152
+ end
153
+
154
+ # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
155
+
156
+ public_class_method def self.authors
157
+ "AUTHOR(S):
158
+ 0day Inc. <request.pentest@0dayinc.com>
159
+ "
160
+ end
161
+
162
+ # Display Usage for this Module
163
+
164
+ public_class_method def self.help
165
+ puts "USAGE:
166
+ #{self}.create(
167
+ file: 'required - file to encrypt'
168
+ )
169
+
170
+ #{self}.decrypt(
171
+ file: 'required - file to encrypt',
172
+ key: 'required - key to decrypt',
173
+ iv: 'required - iv to decrypt'
174
+ )
175
+
176
+ #{self}.dump(
177
+ file: 'required - file to encrypt',
178
+ key: 'required - key to decrypt',
179
+ iv: 'required - iv to decrypt'
180
+ )
181
+
182
+ #{self}.edit(
183
+ file: 'required - file to encrypt',
184
+ key: 'required - key to decrypt',
185
+ iv: 'required - iv to decrypt'
186
+ )
187
+
188
+ #{self}.encrypt(
189
+ file: 'required - file to encrypt',
190
+ key: 'required - key to decrypt',
191
+ iv: 'required - iv to decrypt'
192
+ )
193
+
194
+ #{self}.authors
195
+ "
196
+ end
197
+ end
198
+ end
199
+ end
data/lib/pwn/plugins.rb CHANGED
@@ -6,7 +6,6 @@ module PWN
6
6
  # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
7
7
  module Plugins
8
8
  autoload :Android, 'pwn/plugins/android'
9
- autoload :AnsibleVault, 'pwn/plugins/ansible_vault'
10
9
  autoload :Assembly, 'pwn/plugins/assembly'
11
10
  autoload :AuthenticationHelper, 'pwn/plugins/authentication_helper'
12
11
  autoload :BareSIP, 'pwn/plugins/baresip'
@@ -44,6 +43,7 @@ module PWN
44
43
  autoload :NmapIt, 'pwn/plugins/nmap_it'
45
44
  autoload :OAuth2, 'pwn/plugins/oauth2'
46
45
  autoload :OCR, 'pwn/plugins/ocr'
46
+ autoload :Ollama, 'pwn/plugins/ollama'
47
47
  autoload :OpenAI, 'pwn/plugins/open_ai'
48
48
  autoload :OpenVAS, 'pwn/plugins/openvas'
49
49
  autoload :OwaspZap, 'pwn/plugins/owasp_zap'
@@ -66,6 +66,7 @@ module PWN
66
66
  autoload :TransparentBrowser, 'pwn/plugins/transparent_browser'
67
67
  autoload :TwitterAPI, 'pwn/plugins/twitter_api'
68
68
  autoload :URIScheme, 'pwn/plugins/uri_scheme'
69
+ autoload :Vault, 'pwn/plugins/vault'
69
70
  autoload :Voice, 'pwn/plugins/voice'
70
71
  autoload :Vsphere, 'pwn/plugins/vsphere'
71
72
  autoload :XXD, 'pwn/plugins/xxd'
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.62'
4
+ VERSION = '0.5.63'
5
5
  end
data/spec/lib/pwn/plugins/{ansible_vault_spec.rb → ollama_spec.rb} RENAMED
@@ -2,14 +2,14 @@
2
2
 
3
3
  require 'spec_helper'
4
4
 
5
- describe PWN::Plugins::AnsibleVault do
5
+ describe PWN::Plugins::Ollama do
6
6
  it 'should display information for authors' do
7
- authors_response = PWN::Plugins::AnsibleVault
7
+ authors_response = PWN::Plugins::Ollama
8
8
  expect(authors_response).to respond_to :authors
9
9
  end
10
10
 
11
11
  it 'should display information for existing help method' do
12
- help_response = PWN::Plugins::AnsibleVault
12
+ help_response = PWN::Plugins::Ollama
13
13
  expect(help_response).to respond_to :help
14
14
  end
15
15
  end
data/spec/lib/pwn/plugins/vault_spec.rb ADDED
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'spec_helper'
4
+
5
+ describe PWN::Plugins::Vault do
6
+ it 'should display information for authors' do
7
+ authors_response = PWN::Plugins::Vault
8
+ expect(authors_response).to respond_to :authors
9
+ end
10
+
11
+ it 'should display information for existing help method' do
12
+ help_response = PWN::Plugins::Vault
13
+ expect(help_response).to respond_to :help
14
+ end
15
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.62
4
+ version: 0.5.63
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-03-25 00:00:00.000000000 Z
11
+ date: 2024-03-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -212,14 +212,14 @@ dependencies:
212
212
  requirements:
213
213
  - - '='
214
214
  - !ruby/object:Gem::Version
215
- version: 3.2.3
215
+ version: 3.3.0
216
216
  type: :runtime
217
217
  prerelease: false
218
218
  version_requirements: !ruby/object:Gem::Requirement
219
219
  requirements:
220
220
  - - '='
221
221
  - !ruby/object:Gem::Version
222
- version: 3.2.3
222
+ version: 3.3.0
223
223
  - !ruby/object:Gem::Dependency
224
224
  name: faye-websocket
225
225
  requirement: !ruby/object:Gem::Requirement
@@ -1736,7 +1736,6 @@ files:
1736
1736
  - lib/pwn/ffi.rb
1737
1737
  - lib/pwn/plugins.rb
1738
1738
  - lib/pwn/plugins/android.rb
1739
- - lib/pwn/plugins/ansible_vault.rb
1740
1739
  - lib/pwn/plugins/assembly.rb
1741
1740
  - lib/pwn/plugins/authentication_helper.rb
1742
1741
  - lib/pwn/plugins/baresip.rb
@@ -1773,6 +1772,7 @@ files:
1773
1772
  - lib/pwn/plugins/nmap_it.rb
1774
1773
  - lib/pwn/plugins/oauth2.rb
1775
1774
  - lib/pwn/plugins/ocr.rb
1775
+ - lib/pwn/plugins/ollama.rb
1776
1776
  - lib/pwn/plugins/open_ai.rb
1777
1777
  - lib/pwn/plugins/openvas.rb
1778
1778
  - lib/pwn/plugins/owasp_zap.rb
@@ -1796,6 +1796,7 @@ files:
1796
1796
  - lib/pwn/plugins/transparent_browser.rb
1797
1797
  - lib/pwn/plugins/twitter_api.rb
1798
1798
  - lib/pwn/plugins/uri_scheme.rb
1799
+ - lib/pwn/plugins/vault.rb
1799
1800
  - lib/pwn/plugins/voice.rb
1800
1801
  - lib/pwn/plugins/vsphere.rb
1801
1802
  - lib/pwn/plugins/xxd.rb
@@ -2062,7 +2063,6 @@ files:
2062
2063
  - spec/lib/pwn/banner_spec.rb
2063
2064
  - spec/lib/pwn/ffi_spec.rb
2064
2065
  - spec/lib/pwn/plugins/android_spec.rb
2065
- - spec/lib/pwn/plugins/ansible_vault_spec.rb
2066
2066
  - spec/lib/pwn/plugins/assembly_spec.rb
2067
2067
  - spec/lib/pwn/plugins/authentication_helper_spec.rb
2068
2068
  - spec/lib/pwn/plugins/baresip_spec.rb
@@ -2099,6 +2099,7 @@ files:
2099
2099
  - spec/lib/pwn/plugins/nmap_it_spec.rb
2100
2100
  - spec/lib/pwn/plugins/oauth2_spec.rb
2101
2101
  - spec/lib/pwn/plugins/ocr_spec.rb
2102
+ - spec/lib/pwn/plugins/ollama_spec.rb
2102
2103
  - spec/lib/pwn/plugins/open_ai_spec.rb
2103
2104
  - spec/lib/pwn/plugins/openvas_spec.rb
2104
2105
  - spec/lib/pwn/plugins/owasp_zap_spec.rb
@@ -2122,6 +2123,7 @@ files:
2122
2123
  - spec/lib/pwn/plugins/transparent_browser_spec.rb
2123
2124
  - spec/lib/pwn/plugins/twitter_api_spec.rb
2124
2125
  - spec/lib/pwn/plugins/uri_scheme_spec.rb
2126
+ - spec/lib/pwn/plugins/vault_spec.rb
2125
2127
  - spec/lib/pwn/plugins/voice_spec.rb
2126
2128
  - spec/lib/pwn/plugins/vsphere_spec.rb
2127
2129
  - spec/lib/pwn/plugins/xxd_spec.rb
data/lib/pwn/plugins/ansible_vault.rb DELETED
@@ -1,73 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require 'yaml'
4
- module PWN
5
- module Plugins
6
- # Used to encrypt/decrypt configuration files leveraging AES256
7
- # (ansible-vault utility wrapper)
8
- module AnsibleVault
9
- # Supported Method Parameters::
10
- # PWN::Plugins::AnsibleVault.encrypt(
11
- # yaml_config: 'required - yaml config to encrypt',
12
- # vpassfile: 'required - path to anisble-vault pass file'
13
- # )
14
-
15
- public_class_method def self.encrypt(opts = {})
16
- yaml_config = opts[:yaml_config].to_s.scrub if File.exist?(opts[:yaml_config].to_s.scrub)
17
- vpassfile = opts[:vpassfile].to_s.scrub if File.exist?(opts[:vpassfile].to_s.scrub)
18
-
19
- `sudo ansible-vault encrypt #{yaml_config} --vault-password-file #{vpassfile}`
20
- rescue StandardError => e
21
- raise e
22
- end
23
-
24
- # Supported Method Parameters::
25
- # PWN::Plugins::AnsibleVault.decrypt(
26
- # yaml_config: 'required - yaml config to decrypt',
27
- # vpassfile: 'required - path to anisble-vault pass file'
28
- # )
29
-
30
- public_class_method def self.decrypt(opts = {})
31
- yaml_config = opts[:yaml_config].to_s.scrub if File.exist?(opts[:yaml_config].to_s.scrub)
32
- vpassfile = opts[:vpassfile].to_s.scrub if File.exist?(opts[:vpassfile].to_s.scrub)
33
-
34
- if File.extname(yaml_config) == '.yaml'
35
- config_resp = YAML.safe_load(`sudo ansible-vault view #{yaml_config} --vault-password-file #{vpassfile}`)
36
- else
37
- config_resp = `sudo ansible-vault view #{yaml_config} --vault-password-file #{vpassfile}`
38
- end
39
-
40
- config_resp
41
- rescue StandardError => e
42
- raise e
43
- end
44
-
45
- # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
46
-
47
- public_class_method def self.authors
48
- "AUTHOR(S):
49
- 0day Inc. <request.pentest@0dayinc.com>
50
- "
51
- end
52
-
53
- # Display Usage for this Module
54
-
55
- public_class_method def self.help
56
- puts "USAGE:
57
-
58
- #{self}.encrypt(
59
- yaml_config: 'required - yaml config to encrypt',
60
- vpassfile: 'required - path to anisble-vault pass file'
61
- )
62
-
63
- #{self}.decrypt(
64
- yaml_config: 'required - yaml config to decrypt',
65
- vpassfile: 'required - path to anisble-vault pass file'
66
- )
67
-
68
- #{self}.authors
69
- "
70
- end
71
- end
72
- end
73
- end