pwn 0.4.501 → 0.4.502
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/lib/pwn/plugins/github.rb +132 -0
- data/lib/pwn/plugins.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/github_spec.rb +15 -0
- metadata +6 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8e6a9cadce0579fb5fae8d210d13e9d3be8693978ed49f309f911e21d2369465
|
4
|
+
data.tar.gz: 25614e923ad9677ba7b281eb6efc4f1b7b5c4bd4fd7eb1d1729665c3cd8f769b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d619efe1e91a920ae8f2155ee42627668a9c61b559352e82746a2eced1472e6d5c45304729b9efce166aa0f4e23d1707bb8485903c99c1d791dca2113480b0d4
|
7
|
+
data.tar.gz: 67e549838acfc45e4658e2bcccf030755a7bb9a12201f15fbd94503e1bcbdaa8dfbad333607a80780c462ba6485c698eda4ca272c873e110949466ccedc90901
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.502]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.502]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -0,0 +1,132 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
|
5
|
+
module PWN
|
6
|
+
module Plugins
|
7
|
+
# This plugin is used for interacting w/ Github's REST API using
|
8
|
+
# the 'rest' browser type of PWN::Plugins::TransparentBrowser.
|
9
|
+
module Github
|
10
|
+
@@logger = PWN::Plugins::PWNLogger.create
|
11
|
+
|
12
|
+
# Supported Method Parameters::
|
13
|
+
# github_rest_call(
|
14
|
+
# http_method: 'optional HTTP method (defaults to GET)
|
15
|
+
# rest_call: 'required rest call to make per the schema',
|
16
|
+
# params: 'optional params passed in the URI or HTTP Headers',
|
17
|
+
# http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'
|
18
|
+
# )
|
19
|
+
|
20
|
+
private_class_method def self.github_rest_call(opts = {})
|
21
|
+
http_method = if opts[:http_method].nil?
|
22
|
+
:get
|
23
|
+
else
|
24
|
+
opts[:http_method].to_s.scrub.to_sym
|
25
|
+
end
|
26
|
+
rest_call = opts[:rest_call].to_s.scrub
|
27
|
+
params = opts[:params]
|
28
|
+
http_body = opts[:http_body].to_s.scrub
|
29
|
+
base_gist_api_uri = 'https://api.github.com'
|
30
|
+
|
31
|
+
rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
|
32
|
+
|
33
|
+
case http_method
|
34
|
+
when :get
|
35
|
+
response = rest_client.execute(
|
36
|
+
method: :get,
|
37
|
+
url: "#{base_gist_api_uri}/#{rest_call}",
|
38
|
+
headers: {
|
39
|
+
content_type: 'application/json; charset=UTF-8',
|
40
|
+
params: params
|
41
|
+
},
|
42
|
+
verify_ssl: false
|
43
|
+
)
|
44
|
+
|
45
|
+
when :post
|
46
|
+
response = rest_client.execute(
|
47
|
+
method: :post,
|
48
|
+
url: "#{base_gist_api_uri}/#{rest_call}",
|
49
|
+
headers: {
|
50
|
+
content_type: 'application/json; charset=UTF-8',
|
51
|
+
params: params
|
52
|
+
},
|
53
|
+
payload: http_body,
|
54
|
+
verify_ssl: false
|
55
|
+
)
|
56
|
+
|
57
|
+
else
|
58
|
+
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
59
|
+
end
|
60
|
+
|
61
|
+
response
|
62
|
+
rescue RestClient::Forbidden
|
63
|
+
raise response
|
64
|
+
rescue RestClient::BadRequest, RestClient::NotFound, StandardError => e
|
65
|
+
raise
|
66
|
+
end
|
67
|
+
|
68
|
+
# Supported Method Parameters::
|
69
|
+
# response_json = PWN::Plugins::Github.download_all_gists(
|
70
|
+
# username: 'required - username of gists to backup',
|
71
|
+
# target_dir: 'required - target directory to save respective gists'
|
72
|
+
# )
|
73
|
+
|
74
|
+
public_class_method def self.download_all_gists(opts = {})
|
75
|
+
username = opts[:username].to_s.scrub
|
76
|
+
target_dir = opts[:target_dir].to_s.scrub
|
77
|
+
|
78
|
+
raise "ERROR: #{target_dir} Does Not Exist." unless Dir.exist?(target_dir)
|
79
|
+
|
80
|
+
params = {}
|
81
|
+
page = 1
|
82
|
+
response_json = [{}]
|
83
|
+
while response_json.any?
|
84
|
+
params[:page] = page
|
85
|
+
response_body = github_rest_call(
|
86
|
+
rest_call: "users/#{username}/gists",
|
87
|
+
params: params
|
88
|
+
).body
|
89
|
+
|
90
|
+
Dir.chdir(target_dir)
|
91
|
+
response_json = JSON.parse(response_body, symbolize_names: true)
|
92
|
+
response_json.each do |gist_hash|
|
93
|
+
clone_dir = gist_hash[:id]
|
94
|
+
clone_uri = gist_hash[:git_pull_url]
|
95
|
+
next if Dir.exist?(clone_dir)
|
96
|
+
|
97
|
+
print "Cloning: #{clone_uri}..."
|
98
|
+
system('git', 'clone', clone_uri)
|
99
|
+
puts 'complete.'
|
100
|
+
end
|
101
|
+
|
102
|
+
page += 1
|
103
|
+
end
|
104
|
+
|
105
|
+
response_json
|
106
|
+
rescue StandardError => e
|
107
|
+
raise e
|
108
|
+
end
|
109
|
+
|
110
|
+
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
111
|
+
|
112
|
+
public_class_method def self.authors
|
113
|
+
"AUTHOR(S):
|
114
|
+
0day Inc. <request.pentest@0dayinc.com>
|
115
|
+
"
|
116
|
+
end
|
117
|
+
|
118
|
+
# Display Usage for this Module
|
119
|
+
|
120
|
+
public_class_method def self.help
|
121
|
+
puts "USAGE:
|
122
|
+
response_json = #{self}.download_all_gists(
|
123
|
+
username: 'required - username of gists to download',
|
124
|
+
target_dir: 'required - target directory to save respective gists'
|
125
|
+
)
|
126
|
+
|
127
|
+
#{self}.authors
|
128
|
+
"
|
129
|
+
end
|
130
|
+
end
|
131
|
+
end
|
132
|
+
end
|
data/lib/pwn/plugins.rb
CHANGED
@@ -25,6 +25,7 @@ module PWN
|
|
25
25
|
autoload :FileFu, 'pwn/plugins/file_fu'
|
26
26
|
autoload :Fuzz, 'pwn/plugins/fuzz'
|
27
27
|
autoload :Git, 'pwn/plugins/git'
|
28
|
+
autoload :Github, 'pwn/plugins/github'
|
28
29
|
autoload :HackerOne, 'pwn/plugins/hacker_one'
|
29
30
|
autoload :IBMAppscan, 'pwn/plugins/ibm_appscan'
|
30
31
|
autoload :IPInfo, 'pwn/plugins/ip_info'
|
data/lib/pwn/version.rb
CHANGED
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::Github do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::Github
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::Github
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.502
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-06-
|
11
|
+
date: 2022-06-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -506,14 +506,14 @@ dependencies:
|
|
506
506
|
requirements:
|
507
507
|
- - '='
|
508
508
|
- !ruby/object:Gem::Version
|
509
|
-
version: 1.
|
509
|
+
version: 1.4.0
|
510
510
|
type: :runtime
|
511
511
|
prerelease: false
|
512
512
|
version_requirements: !ruby/object:Gem::Requirement
|
513
513
|
requirements:
|
514
514
|
- - '='
|
515
515
|
- !ruby/object:Gem::Version
|
516
|
-
version: 1.
|
516
|
+
version: 1.4.0
|
517
517
|
- !ruby/object:Gem::Dependency
|
518
518
|
name: pry
|
519
519
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1558,6 +1558,7 @@ files:
|
|
1558
1558
|
- lib/pwn/plugins/file_fu.rb
|
1559
1559
|
- lib/pwn/plugins/fuzz.rb
|
1560
1560
|
- lib/pwn/plugins/git.rb
|
1561
|
+
- lib/pwn/plugins/github.rb
|
1561
1562
|
- lib/pwn/plugins/hacker_one.rb
|
1562
1563
|
- lib/pwn/plugins/http_intercept_helper.rb
|
1563
1564
|
- lib/pwn/plugins/ibm_appscan.rb
|
@@ -1856,6 +1857,7 @@ files:
|
|
1856
1857
|
- spec/lib/pwn/plugins/file_fu_spec.rb
|
1857
1858
|
- spec/lib/pwn/plugins/fuzz_spec.rb
|
1858
1859
|
- spec/lib/pwn/plugins/git_spec.rb
|
1860
|
+
- spec/lib/pwn/plugins/github_spec.rb
|
1859
1861
|
- spec/lib/pwn/plugins/hacker_one_spec.rb
|
1860
1862
|
- spec/lib/pwn/plugins/ibm_appscan_spec.rb
|
1861
1863
|
- spec/lib/pwn/plugins/ip_info_spec.rb
|