pwn 0.5.66 → 0.5.67

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9943bae307e743e8dbb7bdb1a1ccdd1c0b61f29e8413bceb25350fc6023fd289
4
- data.tar.gz: 2f32981b889d1e6e21591094b4781162239c36e7b67f7cd0e91eab0c5c400ed1
3
+ metadata.gz: 8fd794ce6149bca1bcacf6eb83e4116d26dddad3f7007829cec0ff4520eb9f59
4
+ data.tar.gz: 056c7e6727ec6afb5ec98563b912ab65fdca366067296f0aa12501d5d7ae63d1
5
5
  SHA512:
6
- metadata.gz: 58eacda5cce4074c84615d5aee751ef4f642185521b641798563bbed6eb7348cf8a6cee5fe261084784b9c646a3c6cdddca8004f8fb157173861c75ea9e3d637
7
- data.tar.gz: 958c25709cc837206df7d2890e06e2604a7d27fd61e97b30a48fe561306aacef3348d4e24f7eb23699ed371019adc28f31d688995f0451d414416b8992109226
6
+ metadata.gz: 0764f4c9956e10475675ed33769d07b94ba19090c2db59937ff45ed1f110dad1860a6c02b8eaca71d7e5269dacb4c460472777dfb3285d2ec963c4a0c59975e2
7
+ data.tar.gz: 651a021f5476d9e6735c08f126411c23c6cfba3b0d9455ad1561b0fa9a46793f1c1b4bf6025a49f1d0c50f557ed9e150cd339aefed44003298a5f3100fa85e94
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.66]:001 >>> PWN.help
40
+ pwn[v0.5.67]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.66]:001 >>> PWN.help
55
+ pwn[v0.5.67]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.66]:001 >>> PWN.help
65
+ pwn[v0.5.67]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/bin/pwn CHANGED
@@ -1,7 +1,6 @@
1
1
  #!/usr/bin/env ruby
2
2
  # frozen_string_literal: true
3
3
 
4
- require 'base64'
5
4
  require 'optparse'
6
5
  require 'pwn'
7
6
  require 'pry'
@@ -32,24 +31,6 @@ OptionParser.new do |options|
32
31
  end.parse!
33
32
 
34
33
  begin
35
- def yaml_config_encrypted?(opts = {})
36
- config = opts[:config]
37
-
38
- config_contents = File.read(config)
39
- config_contents.is_a?(String) && Base64.strict_encode64(Base64.decode64(config_contents)) == config_contents
40
- end
41
-
42
- def cleanup_pids(opts = {})
43
- pids_arr = opts[:pids_arr]
44
-
45
- pids_arr.each do |pid_line|
46
- pid = pid_line[2].to_i
47
- Process.kill('TERM', pid)
48
- rescue Errno::ESRCH
49
- next
50
- end
51
- end
52
-
53
34
  def refresh_ps1_proc(opts = {})
54
35
  mode = opts[:mode]
55
36
 
@@ -90,7 +71,7 @@ begin
90
71
  end
91
72
  end
92
73
 
93
- # Pry Monkey Patches \_(oo)_/
74
+ # Pry Monkey Patches \_(--)_/
94
75
  class Pry
95
76
  # Overwrite Pry::History.push method in History class to get duplicate history entries
96
77
  # in order to properly replay automation in this prototyping driver
@@ -308,7 +289,7 @@ begin
308
289
  Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
309
290
  if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
310
291
  yaml_config_path = opts[:yaml_config_path]
311
- is_encrypted = yaml_config_encrypted?(config: yaml_config_path)
292
+ is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: yaml_config_path)
312
293
 
313
294
  if is_encrypted
314
295
  # TODO: Implement "something you know, something you have, && something you are?"
@@ -321,12 +302,12 @@ begin
321
302
  iv = opts[:iv] ||= yaml_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
322
303
  iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
323
304
 
324
- encrypted_config_dump = PWN::Plugins::Vault.dump(
305
+ decrypted_yaml_config = PWN::Plugins::Vault.dump(
325
306
  file: yaml_config_path,
326
307
  key: key,
327
308
  iv: iv
328
309
  )
329
- yaml_config = YAML.load(encrypted_config_dump, symbolize_names: true)
310
+ yaml_config = YAML.load(decrypted_yaml_config, symbolize_names: true)
330
311
  else
331
312
  yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
332
313
  end
@@ -439,6 +420,6 @@ ensure
439
420
  end
440
421
  # pp grandkid_pids_arr
441
422
 
442
- cleanup_pids(pids_arr: grandkid_pids_arr)
443
- cleanup_pids(pids_arr: kid_pids_arr)
423
+ PWN::Plugins::PS.cleanup_pids(pids_arr: grandkid_pids_arr)
424
+ PWN::Plugins::PS.cleanup_pids(pids_arr: kid_pids_arr)
444
425
  end
@@ -47,6 +47,23 @@ module PWN
47
47
  raise e
48
48
  end
49
49
 
50
+ # Supported Method Parameters::
51
+ # PWN::Plugins::PS.cleanup_pids(
52
+ # pids_arr: 'required - array of pids to kill'
53
+ # )
54
+ public_class_method def self.cleanup_pids(opts = {})
55
+ pids_arr = opts[:pids_arr]
56
+
57
+ pids_arr.each do |pid_line|
58
+ pid = pid_line[2].to_i
59
+ Process.kill('TERM', pid)
60
+ rescue Errno::ESRCH
61
+ next
62
+ end
63
+ rescue StandardError => e
64
+ raise e
65
+ end
66
+
50
67
  # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
51
68
 
52
69
  public_class_method def self.authors
@@ -61,6 +78,10 @@ module PWN
61
78
  puts "USAGE:
62
79
  proc_list_arr = #{self}.list
63
80
 
81
+ #{self}.cleanup_pids(
82
+ pids_arr: 'required - array of pids to kill'
83
+ )
84
+
64
85
  #{self}.authors
65
86
  "
66
87
  end
@@ -184,6 +184,21 @@ module PWN
184
184
  raise e
185
185
  end
186
186
 
187
+ # Supported Method Parameters::
188
+ # PWN::Plugins::Vault.file_encrypted?(
189
+ # file: 'required - file to check if encrypted'
190
+ # )
191
+ public_class_method def self.file_encrypted?(opts = {})
192
+ file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
193
+
194
+ raise 'ERROR: File does not exist.' unless File.exist?(file)
195
+
196
+ file_contents = File.read(file)
197
+ file_contents.is_a?(String) && Base64.strict_encode64(Base64.strict_decode64(file_contents)) == file_contents
198
+ rescue StandardError => e
199
+ raise e
200
+ end
201
+
187
202
  # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
188
203
 
189
204
  public_class_method def self.authors
@@ -231,6 +246,10 @@ module PWN
231
246
  iv: 'required - iv to decrypt'
232
247
  )
233
248
 
249
+ #{self}.file_encrypted?(
250
+ file: 'required - file to check if encrypted'
251
+ )
252
+
234
253
  #{self}.authors
235
254
  "
236
255
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.66'
4
+ VERSION = '0.5.67'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.66
4
+ version: 0.5.67
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.