pwn 0.5.62 → 0.5.64
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +8 -13
- data/Gemfile +1 -1
- data/README.md +3 -3
- data/bin/pwn +49 -9
- data/etc/pwn.decryptor.yaml.EXAMPLE +2 -0
- data/etc/pwn.yaml.EXAMPLE +2 -1
- data/lib/pwn/plugins/ollama.rb +853 -0
- data/lib/pwn/plugins/vault.rb +239 -0
- data/lib/pwn/plugins.rb +2 -1
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/{ansible_vault_spec.rb → ollama_spec.rb} +3 -3
- data/spec/lib/pwn/plugins/vault_spec.rb +15 -0
- metadata +9 -6
- data/lib/pwn/plugins/ansible_vault.rb +0 -73
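--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c42962690f6fcba146756b708712680aa0f82bdcc83085bdb28f004206e069c0
+data.tar.gz: 524d051208dde3344f8878474b36b5418ccbe300547f846398cab16236344c35
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ead15133e412b3bad3871b31fb7fe6db531f9cdb729f83ea46b51d8f5f4311a6394097e6b27352abc1d8755338cb8f78e0abf84aa94ef258973dbc89db355421
+data.tar.gz: 903fbff707e0166a55169ab78d955e42ae0582b48a507893b91ba0ad530bf840e180fc2ac9d06de9cc8f7c2de7f9fdd5d9638735caf3041107875c9602be32b2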
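--- a/data/.rubocop_todo.yml
+++ b/data/.rubocop_todo.yml
@@ -1,18 +1,11 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2024-03-
+# on 2024-03-25 22:25:57 UTC using RuboCop version 1.62.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 1
-# Configuration parameters: Severity, Include.
-# Include: **/*.gemspec
-Gemspec/RequiredRubyVersion:
-Exclude:
-- 'pwn.gemspec'
-
 # Offense count: 5
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle.
@@ -24,7 +17,7 @@ Layout/LineContinuationSpacing:
 - 'packer/provisioners/wpscan.rb'
 - 'vagrant/provisioners/beef.rb'
 
-# Offense count:
+# Offense count: 24
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: Max, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https
@@ -34,6 +27,7 @@ Layout/LineLength:
 - 'bin/pwn_diff_csv_files_w_column_exclude'
 - 'lib/pwn/banner/jmp_esp.rb'
 - 'lib/pwn/plugins/mail_agent.rb'
+- 'lib/pwn/plugins/ollama.rb'
 - 'lib/pwn/plugins/open_ai.rb'
 - 'lib/pwn/reports/fuzz.rb'
 - 'lib/pwn/reports/phone.rb'
@@ -41,7 +35,7 @@ Layout/LineLength:
 - 'lib/pwn/reports/uri_buster.rb'
 - 'lib/pwn/sast/banned_function_calls_c.rb'
 
-# Offense count:
+# Offense count: 311
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: AutoCorrect.
 Lint/UselessAssignment:
@@ -80,7 +74,7 @@ Metrics/MethodLength:
 Exclude:
 - 'lib/pwn/banner/code_cave.rb'
 
-# Offense count:
+# Offense count: 9
 # Configuration parameters: CountComments, Max, CountAsOne.
 Metrics/ModuleLength:
 Exclude:
@@ -90,6 +84,7 @@ Metrics/ModuleLength:
 - 'lib/pwn/plugins/ibm_appscan.rb'
 - 'lib/pwn/plugins/msr206.rb'
 - 'lib/pwn/plugins/nessus_cloud.rb'
+- 'lib/pwn/plugins/ollama.rb'
 - 'lib/pwn/plugins/open_ai.rb'
 - 'lib/pwn/plugins/packet.rb'
 
@@ -97,7 +92,7 @@ Metrics/ModuleLength:
 Style/ClassVars:
 Enabled: false
 
-# Offense count:
+# Offense count: 278
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
 # SupportedStyles: assign_to_condition, assign_inside_condition
@@ -134,7 +129,7 @@ Style/RedundantStringEscape:
 - 'lib/pwn/sast/redos.rb'
 - 'vagrant/provisioners/kali_customize.rb'
 
-# Offense count:
+# Offense count: 51
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
 Enabled: false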
data/Gemfile
CHANGED
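--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.
+pwn[v0.5.64]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.64]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.64]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script: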
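--- a/data/bin/pwn
+++ b/data/bin/pwn
@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
 
+require 'base64'
 require 'optparse'
 require 'pwn'
 require 'pry'
@@ -13,12 +14,31 @@ OptionParser.new do |options|
 #{$PROGRAM_NAME} [opts]
 "
 
-options.on('-cPATH', '--yaml-config=PATH', '<Optional -
+options.on('-cPATH', '--yaml-config=PATH', '<Optional - PWN YAML File>') do |p|
 opts[:yaml_config_path] = p
 end
+
+options.on('-dPATH', '--decryptor=PATH', '<Optional - File Containing Decryption Key && IV>') do |d|
+opts[:decryption_file] = d
+end
+
+options.on('-kKEY', '--decryption-key=KEY', '<Optional - Decryption Key>') do |k|
+opts[:key] = k
+end
+
+options.on('-iIV', '--decryption-iv=PATH', '<Optional - Decryption IV>') do |i|
+opts[:iv] = i
+end
 end.parse!
 
 begin
+def yaml_config_encrypted?(opts = {})
+config = opts[:config]
+
+config_contents = File.read(config)
+config_contents.is_a?(String) && Base64.strict_encode64(Base64.decode64(config_contents)) == config_contents
+end
+
 def cleanup_pids(opts = {})
 pids_arr = opts[:pids_arr]
 
@@ -288,8 +308,28 @@ begin
 Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
 if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
 yaml_config_path = opts[:yaml_config_path]
-
-
+is_encrypted = yaml_config_encrypted?(config: yaml_config_path)
+
+if is_encrypted
+# TODO: Implement "something you know, something you have, && something you are?"
+decryption_file = opts[:decryption_file] ||= "#{ENV.fetch('HOME')}/pwn.decryptor.yaml"
+raise "ERROR: Decryption file not found at #{decryption_file}" unless File.exist?(decryption_file)
+
+yaml_decryptor = YAML.load_file(decryption_file, symbolize_names: true)
+key = opts[:key] ||= yaml_decryptor[:key]
+iv = opts[:iv] ||= yaml_decryptor[:iv]
+
+encrypted_config_dump = PWN::Plugins::Vault.dump(
+file: yaml_config_path,
+key: key,
+iv: iv
+)
+yaml_config = YAML.load(encrypted_config_dump, symbolize_names: true)
+else
+yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
+end
+
+pi.config.pwn_ai_key = yaml_config[:ai_key]
 Pry.config.pwn_ai_key = pi.config.pwn_ai_key
 end
 end
@@ -326,19 +366,19 @@ begin
 if pi.config.pwn_ai && !request.chomp.empty?
 request = pi.input.line_buffer.to_s
 debug = pi.config.pwn_ai_debug
-
-
-if
-
+ai_key = pi.config.pwn_ai_key
+ai_key ||= ''
+if ai_key.empty?
+ai_key = PWN::Plugins::AuthenticationHelper.mask_password(
 prompt: 'OpenAI API Key'
 )
-pi.config.pwn_ai_key =
+pi.config.pwn_ai_key = ai_key
 end
 
 response_history = pi.config.pwn_ai_response_history
 speak_answer = pi.config.pwn_ai_speak
 response = PWN::Plugins::OpenAI.chat(
-token:
+token: ai_key,
 request: request.chomp,
 temp: 1,
 response_history: response_history,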
data/etc/pwn.yaml.EXAMPLE
CHANGED