pwn 0.5.64 → 0.5.66
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn +7 -5
- data/etc/pwn.decryptor.yaml.EXAMPLE +2 -0
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9943bae307e743e8dbb7bdb1a1ccdd1c0b61f29e8413bceb25350fc6023fd289
|
4
|
+
data.tar.gz: 2f32981b889d1e6e21591094b4781162239c36e7b67f7cd0e91eab0c5c400ed1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 58eacda5cce4074c84615d5aee751ef4f642185521b641798563bbed6eb7348cf8a6cee5fe261084784b9c646a3c6cdddca8004f8fb157173861c75ea9e3d637
|
7
|
+
data.tar.gz: 958c25709cc837206df7d2890e06e2604a7d27fd61e97b30a48fe561306aacef3348d4e24f7eb23699ed371019adc28f31d688995f0451d414416b8992109226
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.5.
|
40
|
+
pwn[v0.5.66]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.5.
|
55
|
+
pwn[v0.5.66]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.5.
|
65
|
+
pwn[v0.5.66]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/bin/pwn
CHANGED
@@ -312,12 +312,14 @@ begin
|
|
312
312
|
|
313
313
|
if is_encrypted
|
314
314
|
# TODO: Implement "something you know, something you have, && something you are?"
|
315
|
-
decryption_file = opts[:decryption_file] ||= "#{
|
316
|
-
|
315
|
+
decryption_file = opts[:decryption_file] ||= "#{Dir.home}/pwn.decryptor.yaml"
|
316
|
+
yaml_decryptor = YAML.load_file(decryption_file, symbolize_names: true) if File.exist?(decryption_file)
|
317
317
|
|
318
|
-
|
319
|
-
key =
|
320
|
-
|
318
|
+
key = opts[:key] ||= yaml_decryptor[:key] ||= ENV.fetch('PWN_DECRYPTOR_KEY')
|
319
|
+
key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption Key') if key.nil?
|
320
|
+
|
321
|
+
iv = opts[:iv] ||= yaml_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
|
322
|
+
iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
|
321
323
|
|
322
324
|
encrypted_config_dump = PWN::Plugins::Vault.dump(
|
323
325
|
file: yaml_config_path,
|
@@ -1,2 +1,4 @@
|
|
1
|
+
# If you rely upon this file, it should be out-of-band
|
2
|
+
# (e.g. not available in code repos, permission protected, limited access, etc.)
|
1
3
|
key: 'KEY PROVIDED WHEN USING PWN::Plugins::Vault.create(file: "pwn.yaml") TO ENCRYPT pwn.yaml'
|
2
4
|
iv: 'KEY PROVIDED WHEN USING PWN::Plugins::Vault.create(file: "pwn.yaml") TO ENCRYPT pwn.yaml'
|
data/lib/pwn/version.rb
CHANGED