pwn 0.5.63 → 0.5.64
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn +42 -2
- data/etc/pwn.decryptor.yaml.EXAMPLE +2 -0
- data/etc/pwn.yaml.EXAMPLE +1 -0
- data/lib/pwn/plugins/vault.rb +49 -9
- data/lib/pwn/version.rb +1 -1
- metadata +2 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c42962690f6fcba146756b708712680aa0f82bdcc83085bdb28f004206e069c0
|
|
4
|
+
data.tar.gz: 524d051208dde3344f8878474b36b5418ccbe300547f846398cab16236344c35
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ead15133e412b3bad3871b31fb7fe6db531f9cdb729f83ea46b51d8f5f4311a6394097e6b27352abc1d8755338cb8f78e0abf84aa94ef258973dbc89db355421
|
|
7
|
+
data.tar.gz: 903fbff707e0166a55169ab78d955e42ae0582b48a507893b91ba0ad530bf840e180fc2ac9d06de9cc8f7c2de7f9fdd5d9638735caf3041107875c9602be32b2
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.64]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.64]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.64]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/bin/pwn
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require 'base64'
|
|
4
5
|
require 'optparse'
|
|
5
6
|
require 'pwn'
|
|
6
7
|
require 'pry'
|
|
@@ -13,12 +14,31 @@ OptionParser.new do |options|
|
|
|
13
14
|
#{$PROGRAM_NAME} [opts]
|
|
14
15
|
"
|
|
15
16
|
|
|
16
|
-
options.on('-cPATH', '--yaml-config=PATH', '<Optional -
|
|
17
|
+
options.on('-cPATH', '--yaml-config=PATH', '<Optional - PWN YAML File>') do |p|
|
|
17
18
|
opts[:yaml_config_path] = p
|
|
18
19
|
end
|
|
20
|
+
|
|
21
|
+
options.on('-dPATH', '--decryptor=PATH', '<Optional - File Containing Decryption Key && IV>') do |d|
|
|
22
|
+
opts[:decryption_file] = d
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
options.on('-kKEY', '--decryption-key=KEY', '<Optional - Decryption Key>') do |k|
|
|
26
|
+
opts[:key] = k
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
options.on('-iIV', '--decryption-iv=PATH', '<Optional - Decryption IV>') do |i|
|
|
30
|
+
opts[:iv] = i
|
|
31
|
+
end
|
|
19
32
|
end.parse!
|
|
20
33
|
|
|
21
34
|
begin
|
|
35
|
+
def yaml_config_encrypted?(opts = {})
|
|
36
|
+
config = opts[:config]
|
|
37
|
+
|
|
38
|
+
config_contents = File.read(config)
|
|
39
|
+
config_contents.is_a?(String) && Base64.strict_encode64(Base64.decode64(config_contents)) == config_contents
|
|
40
|
+
end
|
|
41
|
+
|
|
22
42
|
def cleanup_pids(opts = {})
|
|
23
43
|
pids_arr = opts[:pids_arr]
|
|
24
44
|
|
|
@@ -288,7 +308,27 @@ begin
|
|
|
288
308
|
Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
|
|
289
309
|
if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
|
|
290
310
|
yaml_config_path = opts[:yaml_config_path]
|
|
291
|
-
|
|
311
|
+
is_encrypted = yaml_config_encrypted?(config: yaml_config_path)
|
|
312
|
+
|
|
313
|
+
if is_encrypted
|
|
314
|
+
# TODO: Implement "something you know, something you have, && something you are?"
|
|
315
|
+
decryption_file = opts[:decryption_file] ||= "#{ENV.fetch('HOME')}/pwn.decryptor.yaml"
|
|
316
|
+
raise "ERROR: Decryption file not found at #{decryption_file}" unless File.exist?(decryption_file)
|
|
317
|
+
|
|
318
|
+
yaml_decryptor = YAML.load_file(decryption_file, symbolize_names: true)
|
|
319
|
+
key = opts[:key] ||= yaml_decryptor[:key]
|
|
320
|
+
iv = opts[:iv] ||= yaml_decryptor[:iv]
|
|
321
|
+
|
|
322
|
+
encrypted_config_dump = PWN::Plugins::Vault.dump(
|
|
323
|
+
file: yaml_config_path,
|
|
324
|
+
key: key,
|
|
325
|
+
iv: iv
|
|
326
|
+
)
|
|
327
|
+
yaml_config = YAML.load(encrypted_config_dump, symbolize_names: true)
|
|
328
|
+
else
|
|
329
|
+
yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
|
|
330
|
+
end
|
|
331
|
+
|
|
292
332
|
pi.config.pwn_ai_key = yaml_config[:ai_key]
|
|
293
333
|
Pry.config.pwn_ai_key = pi.config.pwn_ai_key
|
|
294
334
|
end
|
data/etc/pwn.yaml.EXAMPLE
CHANGED
data/lib/pwn/plugins/vault.rb
CHANGED
|
@@ -8,6 +8,31 @@ module PWN
|
|
|
8
8
|
module Plugins
|
|
9
9
|
# Used to encrypt/decrypt configuration files leveraging AES256
|
|
10
10
|
module Vault
|
|
11
|
+
# Supported Method Parameters::
|
|
12
|
+
# PWN::Plugins::Vault.change_encryption_secrets(
|
|
13
|
+
# file: 'required - file to encrypt with new key and iv',
|
|
14
|
+
# key: 'required - key to decrypt',
|
|
15
|
+
# iv: 'required - iv to decrypt'
|
|
16
|
+
# )
|
|
17
|
+
|
|
18
|
+
def self.change_encryption_secrets(opts = {})
|
|
19
|
+
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
|
20
|
+
key = opts[:key]
|
|
21
|
+
iv = opts[:iv]
|
|
22
|
+
|
|
23
|
+
decrypt(
|
|
24
|
+
file: file,
|
|
25
|
+
key: key,
|
|
26
|
+
iv: iv
|
|
27
|
+
)
|
|
28
|
+
|
|
29
|
+
create(
|
|
30
|
+
file: file
|
|
31
|
+
)
|
|
32
|
+
rescue StandardError => e
|
|
33
|
+
raise e
|
|
34
|
+
end
|
|
35
|
+
|
|
11
36
|
# Supported Method Parameters::
|
|
12
37
|
# PWN::Plugins::Vault.create(
|
|
13
38
|
# file: 'required - encrypted file to create'
|
|
@@ -35,7 +60,7 @@ module PWN
|
|
|
35
60
|
|
|
36
61
|
# Supported Method Parameters::
|
|
37
62
|
# PWN::Plugins::Vault.decrypt(
|
|
38
|
-
# file: 'required - file to
|
|
63
|
+
# file: 'required - file to decrypt',
|
|
39
64
|
# key: 'required - key to decrypt',
|
|
40
65
|
# iv: 'required - iv to decrypt'
|
|
41
66
|
# )
|
|
@@ -62,15 +87,17 @@ module PWN
|
|
|
62
87
|
|
|
63
88
|
# Supported Method Parameters::
|
|
64
89
|
# PWN::Plugins::Vault.dump(
|
|
65
|
-
# file: 'required - file to
|
|
90
|
+
# file: 'required - file to dump',
|
|
66
91
|
# key: 'required - key to decrypt',
|
|
67
|
-
# iv: 'required - iv to decrypt'
|
|
92
|
+
# iv: 'required - iv to decrypt',
|
|
93
|
+
# search: 'optional - search for a specific string'
|
|
68
94
|
# )
|
|
69
95
|
|
|
70
96
|
def self.dump(opts = {})
|
|
71
97
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
|
72
98
|
key = opts[:key]
|
|
73
99
|
iv = opts[:iv]
|
|
100
|
+
search = opts[:search]
|
|
74
101
|
|
|
75
102
|
decrypt(
|
|
76
103
|
file: file,
|
|
@@ -78,20 +105,26 @@ module PWN
|
|
|
78
105
|
iv: iv
|
|
79
106
|
)
|
|
80
107
|
|
|
81
|
-
|
|
108
|
+
if search
|
|
109
|
+
file_dump = File.readlines(file).grep(/#{search}/)
|
|
110
|
+
else
|
|
111
|
+
file_dump = File.read(file)
|
|
112
|
+
end
|
|
82
113
|
|
|
83
114
|
encrypt(
|
|
84
115
|
file: file,
|
|
85
116
|
key: key,
|
|
86
117
|
iv: iv
|
|
87
118
|
)
|
|
119
|
+
|
|
120
|
+
file_dump
|
|
88
121
|
rescue StandardError => e
|
|
89
122
|
raise e
|
|
90
123
|
end
|
|
91
124
|
|
|
92
125
|
# Supported Method Parameters::
|
|
93
126
|
# PWN::Plugins::Vault.edit(
|
|
94
|
-
# file: 'required - file to
|
|
127
|
+
# file: 'required - file to edit',
|
|
95
128
|
# key: 'required - key to decrypt',
|
|
96
129
|
# iv: 'required - iv to decrypt'
|
|
97
130
|
# )
|
|
@@ -163,24 +196,31 @@ module PWN
|
|
|
163
196
|
|
|
164
197
|
public_class_method def self.help
|
|
165
198
|
puts "USAGE:
|
|
199
|
+
#{self}.change_encryption_secrets(
|
|
200
|
+
file: 'required - file to encrypt with new key and iv',
|
|
201
|
+
key: 'required - key to decrypt',
|
|
202
|
+
iv: 'required - iv to decrypt'
|
|
203
|
+
)
|
|
204
|
+
|
|
166
205
|
#{self}.create(
|
|
167
206
|
file: 'required - file to encrypt'
|
|
168
207
|
)
|
|
169
208
|
|
|
170
209
|
#{self}.decrypt(
|
|
171
|
-
file: 'required - file to
|
|
210
|
+
file: 'required - file to decrypt',
|
|
172
211
|
key: 'required - key to decrypt',
|
|
173
212
|
iv: 'required - iv to decrypt'
|
|
174
213
|
)
|
|
175
214
|
|
|
176
215
|
#{self}.dump(
|
|
177
|
-
file: 'required - file to
|
|
216
|
+
file: 'required - file to dump',
|
|
178
217
|
key: 'required - key to decrypt',
|
|
179
|
-
iv: 'required - iv to decrypt'
|
|
218
|
+
iv: 'required - iv to decrypt',
|
|
219
|
+
# search: 'optional - search for a specific string'
|
|
180
220
|
)
|
|
181
221
|
|
|
182
222
|
#{self}.edit(
|
|
183
|
-
file: 'required - file to
|
|
223
|
+
file: 'required - file to edit',
|
|
184
224
|
key: 'required - key to decrypt',
|
|
185
225
|
iv: 'required - iv to decrypt'
|
|
186
226
|
)
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.64
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
@@ -1317,6 +1317,7 @@ files:
|
|
|
1317
1317
|
- documentation/pwn_wallpaper.jpg
|
|
1318
1318
|
- documentation/ringing-spectrogram.png
|
|
1319
1319
|
- documentation/ringing-waveform.png
|
|
1320
|
+
- etc/pwn.decryptor.yaml.EXAMPLE
|
|
1320
1321
|
- etc/pwn.yaml.EXAMPLE
|
|
1321
1322
|
- etc/systemd/msfrpcd.service
|
|
1322
1323
|
- etc/systemd/openvas.service
|