pwn 0.5.65 → 0.5.67
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn +10 -25
- data/lib/pwn/plugins/ps.rb +21 -0
- data/lib/pwn/plugins/vault.rb +19 -0
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8fd794ce6149bca1bcacf6eb83e4116d26dddad3f7007829cec0ff4520eb9f59
|
|
4
|
+
data.tar.gz: 056c7e6727ec6afb5ec98563b912ab65fdca366067296f0aa12501d5d7ae63d1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0764f4c9956e10475675ed33769d07b94ba19090c2db59937ff45ed1f110dad1860a6c02b8eaca71d7e5269dacb4c460472777dfb3285d2ec963c4a0c59975e2
|
|
7
|
+
data.tar.gz: 651a021f5476d9e6735c08f126411c23c6cfba3b0d9455ad1561b0fa9a46793f1c1b4bf6025a49f1d0c50f557ed9e150cd339aefed44003298a5f3100fa85e94
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.67]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.67]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.67]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/bin/pwn
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
-
require 'base64'
|
|
5
4
|
require 'optparse'
|
|
6
5
|
require 'pwn'
|
|
7
6
|
require 'pry'
|
|
@@ -32,24 +31,6 @@ OptionParser.new do |options|
|
|
|
32
31
|
end.parse!
|
|
33
32
|
|
|
34
33
|
begin
|
|
35
|
-
def yaml_config_encrypted?(opts = {})
|
|
36
|
-
config = opts[:config]
|
|
37
|
-
|
|
38
|
-
config_contents = File.read(config)
|
|
39
|
-
config_contents.is_a?(String) && Base64.strict_encode64(Base64.decode64(config_contents)) == config_contents
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
def cleanup_pids(opts = {})
|
|
43
|
-
pids_arr = opts[:pids_arr]
|
|
44
|
-
|
|
45
|
-
pids_arr.each do |pid_line|
|
|
46
|
-
pid = pid_line[2].to_i
|
|
47
|
-
Process.kill('TERM', pid)
|
|
48
|
-
rescue Errno::ESRCH
|
|
49
|
-
next
|
|
50
|
-
end
|
|
51
|
-
end
|
|
52
|
-
|
|
53
34
|
def refresh_ps1_proc(opts = {})
|
|
54
35
|
mode = opts[:mode]
|
|
55
36
|
|
|
@@ -90,7 +71,7 @@ begin
|
|
|
90
71
|
end
|
|
91
72
|
end
|
|
92
73
|
|
|
93
|
-
# Pry Monkey Patches \_(
|
|
74
|
+
# Pry Monkey Patches \_(--)_/
|
|
94
75
|
class Pry
|
|
95
76
|
# Overwrite Pry::History.push method in History class to get duplicate history entries
|
|
96
77
|
# in order to properly replay automation in this prototyping driver
|
|
@@ -308,21 +289,25 @@ begin
|
|
|
308
289
|
Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
|
|
309
290
|
if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
|
|
310
291
|
yaml_config_path = opts[:yaml_config_path]
|
|
311
|
-
is_encrypted =
|
|
292
|
+
is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: yaml_config_path)
|
|
312
293
|
|
|
313
294
|
if is_encrypted
|
|
314
295
|
# TODO: Implement "something you know, something you have, && something you are?"
|
|
315
296
|
decryption_file = opts[:decryption_file] ||= "#{Dir.home}/pwn.decryptor.yaml"
|
|
316
297
|
yaml_decryptor = YAML.load_file(decryption_file, symbolize_names: true) if File.exist?(decryption_file)
|
|
298
|
+
|
|
317
299
|
key = opts[:key] ||= yaml_decryptor[:key] ||= ENV.fetch('PWN_DECRYPTOR_KEY')
|
|
300
|
+
key = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption Key') if key.nil?
|
|
301
|
+
|
|
318
302
|
iv = opts[:iv] ||= yaml_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
|
|
303
|
+
iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
|
|
319
304
|
|
|
320
|
-
|
|
305
|
+
decrypted_yaml_config = PWN::Plugins::Vault.dump(
|
|
321
306
|
file: yaml_config_path,
|
|
322
307
|
key: key,
|
|
323
308
|
iv: iv
|
|
324
309
|
)
|
|
325
|
-
yaml_config = YAML.load(
|
|
310
|
+
yaml_config = YAML.load(decrypted_yaml_config, symbolize_names: true)
|
|
326
311
|
else
|
|
327
312
|
yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
|
|
328
313
|
end
|
|
@@ -435,6 +420,6 @@ ensure
|
|
|
435
420
|
end
|
|
436
421
|
# pp grandkid_pids_arr
|
|
437
422
|
|
|
438
|
-
cleanup_pids(pids_arr: grandkid_pids_arr)
|
|
439
|
-
cleanup_pids(pids_arr: kid_pids_arr)
|
|
423
|
+
PWN::Plugins::PS.cleanup_pids(pids_arr: grandkid_pids_arr)
|
|
424
|
+
PWN::Plugins::PS.cleanup_pids(pids_arr: kid_pids_arr)
|
|
440
425
|
end
|
data/lib/pwn/plugins/ps.rb
CHANGED
|
@@ -47,6 +47,23 @@ module PWN
|
|
|
47
47
|
raise e
|
|
48
48
|
end
|
|
49
49
|
|
|
50
|
+
# Supported Method Parameters::
|
|
51
|
+
# PWN::Plugins::PS.cleanup_pids(
|
|
52
|
+
# pids_arr: 'required - array of pids to kill'
|
|
53
|
+
# )
|
|
54
|
+
public_class_method def self.cleanup_pids(opts = {})
|
|
55
|
+
pids_arr = opts[:pids_arr]
|
|
56
|
+
|
|
57
|
+
pids_arr.each do |pid_line|
|
|
58
|
+
pid = pid_line[2].to_i
|
|
59
|
+
Process.kill('TERM', pid)
|
|
60
|
+
rescue Errno::ESRCH
|
|
61
|
+
next
|
|
62
|
+
end
|
|
63
|
+
rescue StandardError => e
|
|
64
|
+
raise e
|
|
65
|
+
end
|
|
66
|
+
|
|
50
67
|
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
|
51
68
|
|
|
52
69
|
public_class_method def self.authors
|
|
@@ -61,6 +78,10 @@ module PWN
|
|
|
61
78
|
puts "USAGE:
|
|
62
79
|
proc_list_arr = #{self}.list
|
|
63
80
|
|
|
81
|
+
#{self}.cleanup_pids(
|
|
82
|
+
pids_arr: 'required - array of pids to kill'
|
|
83
|
+
)
|
|
84
|
+
|
|
64
85
|
#{self}.authors
|
|
65
86
|
"
|
|
66
87
|
end
|
data/lib/pwn/plugins/vault.rb
CHANGED
|
@@ -184,6 +184,21 @@ module PWN
|
|
|
184
184
|
raise e
|
|
185
185
|
end
|
|
186
186
|
|
|
187
|
+
# Supported Method Parameters::
|
|
188
|
+
# PWN::Plugins::Vault.file_encrypted?(
|
|
189
|
+
# file: 'required - file to check if encrypted'
|
|
190
|
+
# )
|
|
191
|
+
public_class_method def self.file_encrypted?(opts = {})
|
|
192
|
+
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
|
193
|
+
|
|
194
|
+
raise 'ERROR: File does not exist.' unless File.exist?(file)
|
|
195
|
+
|
|
196
|
+
file_contents = File.read(file)
|
|
197
|
+
file_contents.is_a?(String) && Base64.strict_encode64(Base64.strict_decode64(file_contents)) == file_contents
|
|
198
|
+
rescue StandardError => e
|
|
199
|
+
raise e
|
|
200
|
+
end
|
|
201
|
+
|
|
187
202
|
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
|
188
203
|
|
|
189
204
|
public_class_method def self.authors
|
|
@@ -231,6 +246,10 @@ module PWN
|
|
|
231
246
|
iv: 'required - iv to decrypt'
|
|
232
247
|
)
|
|
233
248
|
|
|
249
|
+
#{self}.file_encrypted?(
|
|
250
|
+
file: 'required - file to check if encrypted'
|
|
251
|
+
)
|
|
252
|
+
|
|
234
253
|
#{self}.authors
|
|
235
254
|
"
|
|
236
255
|
end
|
data/lib/pwn/version.rb
CHANGED