pwn 0.5.63 → 0.5.64
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn +42 -2
- data/etc/pwn.decryptor.yaml.EXAMPLE +2 -0
- data/etc/pwn.yaml.EXAMPLE +1 -0
- data/lib/pwn/plugins/vault.rb +49 -9
- data/lib/pwn/version.rb +1 -1
- metadata +2 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c42962690f6fcba146756b708712680aa0f82bdcc83085bdb28f004206e069c0
|
|
4
|
+
data.tar.gz: 524d051208dde3344f8878474b36b5418ccbe300547f846398cab16236344c35
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ead15133e412b3bad3871b31fb7fe6db531f9cdb729f83ea46b51d8f5f4311a6394097e6b27352abc1d8755338cb8f78e0abf84aa94ef258973dbc89db355421
|
|
7
|
+
data.tar.gz: 903fbff707e0166a55169ab78d955e42ae0582b48a507893b91ba0ad530bf840e180fc2ac9d06de9cc8f7c2de7f9fdd5d9638735caf3041107875c9602be32b2
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.64]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.64]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.64]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/bin/pwn
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require 'base64'
|
|
4
5
|
require 'optparse'
|
|
5
6
|
require 'pwn'
|
|
6
7
|
require 'pry'
|
|
@@ -13,12 +14,31 @@ OptionParser.new do |options|
|
|
|
13
14
|
#{$PROGRAM_NAME} [opts]
|
|
14
15
|
"
|
|
15
16
|
|
|
16
|
-
options.on('-cPATH', '--yaml-config=PATH', '<Optional -
|
|
17
|
+
options.on('-cPATH', '--yaml-config=PATH', '<Optional - PWN YAML File>') do |p|
|
|
17
18
|
opts[:yaml_config_path] = p
|
|
18
19
|
end
|
|
20
|
+
|
|
21
|
+
options.on('-dPATH', '--decryptor=PATH', '<Optional - File Containing Decryption Key && IV>') do |d|
|
|
22
|
+
opts[:decryption_file] = d
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
options.on('-kKEY', '--decryption-key=KEY', '<Optional - Decryption Key>') do |k|
|
|
26
|
+
opts[:key] = k
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
options.on('-iIV', '--decryption-iv=PATH', '<Optional - Decryption IV>') do |i|
|
|
30
|
+
opts[:iv] = i
|
|
31
|
+
end
|
|
19
32
|
end.parse!
|
|
20
33
|
|
|
21
34
|
begin
|
|
35
|
+
def yaml_config_encrypted?(opts = {})
|
|
36
|
+
config = opts[:config]
|
|
37
|
+
|
|
38
|
+
config_contents = File.read(config)
|
|
39
|
+
config_contents.is_a?(String) && Base64.strict_encode64(Base64.decode64(config_contents)) == config_contents
|
|
40
|
+
end
|
|
41
|
+
|
|
22
42
|
def cleanup_pids(opts = {})
|
|
23
43
|
pids_arr = opts[:pids_arr]
|
|
24
44
|
|
|
@@ -288,7 +308,27 @@ begin
|
|
|
288
308
|
Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
|
|
289
309
|
if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
|
|
290
310
|
yaml_config_path = opts[:yaml_config_path]
|
|
291
|
-
|
|
311
|
+
is_encrypted = yaml_config_encrypted?(config: yaml_config_path)
|
|
312
|
+
|
|
313
|
+
if is_encrypted
|
|
314
|
+
# TODO: Implement "something you know, something you have, && something you are?"
|
|
315
|
+
decryption_file = opts[:decryption_file] ||= "#{ENV.fetch('HOME')}/pwn.decryptor.yaml"
|
|
316
|
+
raise "ERROR: Decryption file not found at #{decryption_file}" unless File.exist?(decryption_file)
|
|
317
|
+
|
|
318
|
+
yaml_decryptor = YAML.load_file(decryption_file, symbolize_names: true)
|
|
319
|
+
key = opts[:key] ||= yaml_decryptor[:key]
|
|
320
|
+
iv = opts[:iv] ||= yaml_decryptor[:iv]
|
|
321
|
+
|
|
322
|
+
encrypted_config_dump = PWN::Plugins::Vault.dump(
|
|
323
|
+
file: yaml_config_path,
|
|
324
|
+
key: key,
|
|
325
|
+
iv: iv
|
|
326
|
+
)
|
|
327
|
+
yaml_config = YAML.load(encrypted_config_dump, symbolize_names: true)
|
|
328
|
+
else
|
|
329
|
+
yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
|
|
330
|
+
end
|
|
331
|
+
|
|
292
332
|
pi.config.pwn_ai_key = yaml_config[:ai_key]
|
|
293
333
|
Pry.config.pwn_ai_key = pi.config.pwn_ai_key
|
|
294
334
|
end
|
data/etc/pwn.yaml.EXAMPLE
CHANGED
data/lib/pwn/plugins/vault.rb
CHANGED
|
@@ -8,6 +8,31 @@ module PWN
|
|
|
8
8
|
module Plugins
|
|
9
9
|
# Used to encrypt/decrypt configuration files leveraging AES256
|
|
10
10
|
module Vault
|
|
11
|
+
# Supported Method Parameters::
|
|
12
|
+
# PWN::Plugins::Vault.change_encryption_secrets(
|
|
13
|
+
# file: 'required - file to encrypt with new key and iv',
|
|
14
|
+
# key: 'required - key to decrypt',
|
|
15
|
+
# iv: 'required - iv to decrypt'
|
|
16
|
+
# )
|
|
17
|
+
|
|
18
|
+
def self.change_encryption_secrets(opts = {})
|
|
19
|
+
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
|
20
|
+
key = opts[:key]
|
|
21
|
+
iv = opts[:iv]
|
|
22
|
+
|
|
23
|
+
decrypt(
|
|
24
|
+
file: file,
|
|
25
|
+
key: key,
|
|
26
|
+
iv: iv
|
|
27
|
+
)
|
|
28
|
+
|
|
29
|
+
create(
|
|
30
|
+
file: file
|
|
31
|
+
)
|
|
32
|
+
rescue StandardError => e
|
|
33
|
+
raise e
|
|
34
|
+
end
|
|
35
|
+
|
|
11
36
|
# Supported Method Parameters::
|
|
12
37
|
# PWN::Plugins::Vault.create(
|
|
13
38
|
# file: 'required - encrypted file to create'
|
|
@@ -35,7 +60,7 @@ module PWN
|
|
|
35
60
|
|
|
36
61
|
# Supported Method Parameters::
|
|
37
62
|
# PWN::Plugins::Vault.decrypt(
|
|
38
|
-
# file: 'required - file to
|
|
63
|
+
# file: 'required - file to decrypt',
|
|
39
64
|
# key: 'required - key to decrypt',
|
|
40
65
|
# iv: 'required - iv to decrypt'
|
|
41
66
|
# )
|
|
@@ -62,15 +87,17 @@ module PWN
|
|
|
62
87
|
|
|
63
88
|
# Supported Method Parameters::
|
|
64
89
|
# PWN::Plugins::Vault.dump(
|
|
65
|
-
# file: 'required - file to
|
|
90
|
+
# file: 'required - file to dump',
|
|
66
91
|
# key: 'required - key to decrypt',
|
|
67
|
-
# iv: 'required - iv to decrypt'
|
|
92
|
+
# iv: 'required - iv to decrypt',
|
|
93
|
+
# search: 'optional - search for a specific string'
|
|
68
94
|
# )
|
|
69
95
|
|
|
70
96
|
def self.dump(opts = {})
|
|
71
97
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
|
72
98
|
key = opts[:key]
|
|
73
99
|
iv = opts[:iv]
|
|
100
|
+
search = opts[:search]
|
|
74
101
|
|
|
75
102
|
decrypt(
|
|
76
103
|
file: file,
|
|
@@ -78,20 +105,26 @@ module PWN
|
|
|
78
105
|
iv: iv
|
|
79
106
|
)
|
|
80
107
|
|
|
81
|
-
|
|
108
|
+
if search
|
|
109
|
+
file_dump = File.readlines(file).grep(/#{search}/)
|
|
110
|
+
else
|
|
111
|
+
file_dump = File.read(file)
|
|
112
|
+
end
|
|
82
113
|
|
|
83
114
|
encrypt(
|
|
84
115
|
file: file,
|
|
85
116
|
key: key,
|
|
86
117
|
iv: iv
|
|
87
118
|
)
|
|
119
|
+
|
|
120
|
+
file_dump
|
|
88
121
|
rescue StandardError => e
|
|
89
122
|
raise e
|
|
90
123
|
end
|
|
91
124
|
|
|
92
125
|
# Supported Method Parameters::
|
|
93
126
|
# PWN::Plugins::Vault.edit(
|
|
94
|
-
# file: 'required - file to
|
|
127
|
+
# file: 'required - file to edit',
|
|
95
128
|
# key: 'required - key to decrypt',
|
|
96
129
|
# iv: 'required - iv to decrypt'
|
|
97
130
|
# )
|
|
@@ -163,24 +196,31 @@ module PWN
|
|
|
163
196
|
|
|
164
197
|
public_class_method def self.help
|
|
165
198
|
puts "USAGE:
|
|
199
|
+
#{self}.change_encryption_secrets(
|
|
200
|
+
file: 'required - file to encrypt with new key and iv',
|
|
201
|
+
key: 'required - key to decrypt',
|
|
202
|
+
iv: 'required - iv to decrypt'
|
|
203
|
+
)
|
|
204
|
+
|
|
166
205
|
#{self}.create(
|
|
167
206
|
file: 'required - file to encrypt'
|
|
168
207
|
)
|
|
169
208
|
|
|
170
209
|
#{self}.decrypt(
|
|
171
|
-
file: 'required - file to
|
|
210
|
+
file: 'required - file to decrypt',
|
|
172
211
|
key: 'required - key to decrypt',
|
|
173
212
|
iv: 'required - iv to decrypt'
|
|
174
213
|
)
|
|
175
214
|
|
|
176
215
|
#{self}.dump(
|
|
177
|
-
file: 'required - file to
|
|
216
|
+
file: 'required - file to dump',
|
|
178
217
|
key: 'required - key to decrypt',
|
|
179
|
-
iv: 'required - iv to decrypt'
|
|
218
|
+
iv: 'required - iv to decrypt',
|
|
219
|
+
# search: 'optional - search for a specific string'
|
|
180
220
|
)
|
|
181
221
|
|
|
182
222
|
#{self}.edit(
|
|
183
|
-
file: 'required - file to
|
|
223
|
+
file: 'required - file to edit',
|
|
184
224
|
key: 'required - key to decrypt',
|
|
185
225
|
iv: 'required - iv to decrypt'
|
|
186
226
|
)
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.64
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
@@ -1317,6 +1317,7 @@ files:
|
|
|
1317
1317
|
- documentation/pwn_wallpaper.jpg
|
|
1318
1318
|
- documentation/ringing-spectrogram.png
|
|
1319
1319
|
- documentation/ringing-waveform.png
|
|
1320
|
+
- etc/pwn.decryptor.yaml.EXAMPLE
|
|
1320
1321
|
- etc/pwn.yaml.EXAMPLE
|
|
1321
1322
|
- etc/systemd/msfrpcd.service
|
|
1322
1323
|
- etc/systemd/openvas.service
|