pwn 0.4.514 → 0.4.515
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +17 -11
- data/Gemfile +8 -7
- data/README.md +2 -2
- data/bin/pwn_fuzz_net_app_proto +4 -1
- data/bin/pwn_phone +124 -0
- data/bin/pwn_sast +7 -2
- data/lib/pwn/plugins/baresip.rb +632 -0
- data/lib/pwn/plugins/serial.rb +1 -1
- data/lib/pwn/plugins/sock.rb +32 -0
- data/lib/pwn/plugins/thread_pool.rb +19 -5
- data/lib/pwn/plugins.rb +1 -0
- data/lib/pwn/reports/phone.rb +294 -0
- data/lib/pwn/reports.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/reports/phone_spec.rb +15 -0
- metadata +35 -16
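--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d213bd6069446fabef5447090fc754994f86457556a7d0903d5eabda5109e3d2
+data.tar.gz: 435746482f7983186fc71e378b7166b8475f0f66c3fd19ad43959f7543612055
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d87354ab3febe6fa1b849cf0000dc6a615aa11397bd66312c00c89dd5b203a7598b99aa4a14268ccdb0aa330f7c74ca643893a1120b0d54abf8e3bd205311759
+data.tar.gz: 7d3ac8f14e6cfdf04e719417f151bb114d70e3d78473a4d95fba88ca999cecdb268589441f523d971be6810ddfd170328c3b7c840df9faf896a4106a5c480d3c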
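--- a/data/.rubocop_todo.yml
+++ b/data/.rubocop_todo.yml
@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2022-07-
+# on 2022-07-28 21:42:33 UTC using RuboCop version 1.31.2.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -17,42 +17,48 @@ Layout/LineContinuationSpacing:
 - 'packer/provisioners/wpscan.rb'
 - 'vagrant/provisioners/beef.rb'
 
-# Offense count:
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Lint/NonAtomicFileOperation:
+Exclude:
+- 'lib/pwn/plugins/baresip.rb'
+
+# Offense count: 264
 Lint/UselessAssignment:
 Enabled: false
 
-# Offense count:
+# Offense count: 263
 # Configuration parameters: IgnoredMethods, CountRepeatedAttributes.
 Metrics/AbcSize:
 Max: 328
 
-# Offense count:
+# Offense count: 66
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
 # IgnoredMethods: refine
 Metrics/BlockLength:
 Max: 196
 
-# Offense count:
+# Offense count: 44
 # Configuration parameters: CountBlocks.
 Metrics/BlockNesting:
 Max: 5
 
-# Offense count:
+# Offense count: 94
 # Configuration parameters: IgnoredMethods.
 Metrics/CyclomaticComplexity:
 Max: 231
 
-# Offense count:
+# Offense count: 481
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
 Metrics/MethodLength:
 Max: 466
 
-# Offense count:
+# Offense count: 44
 # Configuration parameters: CountComments, CountAsOne.
 Metrics/ModuleLength:
 Max: 1186
 
-# Offense count:
+# Offense count: 86
 # Configuration parameters: IgnoredMethods.
 Metrics/PerceivedComplexity:
 Max: 51
@@ -81,12 +87,12 @@ Style/RedundantCondition:
 - 'bin/pwn_simple_http_server'
 - 'lib/pwn/plugins/packet.rb'
 
-# Offense count:
+# Offense count: 43
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
 Enabled: false
 
-# Offense count:
+# Offense count: 564
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns, IgnoredPatterns.
 # URISchemes: http, https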
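--- a/data/Gemfile
+++ b/data/Gemfile
@@ -18,13 +18,14 @@ gem 'aws-sdk', '3.1.0'
 gem 'bettercap', '1.6.2'
 gem 'brakeman', '5.2.3'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.3.
+gem 'bundler', '>=2.3.19'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
 gem 'credit_card_validations', '5.0.0'
 gem 'eventmachine', '1.2.7'
 gem 'faye-websocket', '0.11.1'
+gem 'fftw3', '0.3'
 gem 'gdb', '1.0.0'
 gem 'gist', '6.0.0'
 gem 'htmlentities', '4.3.4'
@@ -36,18 +37,18 @@ gem 'jsonpath', '1.1.2'
 gem 'jwt', '2.4.1'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.7.1'
-gem 'mongo', '2.
+gem 'mongo', '2.18.1'
 gem 'msfrpc-client', '1.1.2'
 gem 'net-ldap', '0.17.1'
 gem 'net-openvpn', '0.8.7'
 gem 'net-smtp', '0.3.1'
 gem 'nexpose', '7.3.0'
-gem 'nokogiri', '1.13.
+gem 'nokogiri', '1.13.8'
 gem 'oily_png', '1.2.1'
 gem 'os', '1.1.4'
 gem 'packetfu', '1.1.13'
 gem 'pdf-reader', '2.10.0'
-gem 'pg', '1.4.
+gem 'pg', '1.4.2'
 gem 'pry', '0.14.1'
 gem 'pry-doc', '1.3.0'
 gem 'rake', '13.0.6'
@@ -56,10 +57,10 @@ gem 'rbvmomi', '3.0.0'
 gem 'rdoc', '6.4.0'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '4.2.
+gem 'rmagick', '4.2.6'
 gem 'rspec', '3.11.0'
 gem 'rtesseract', '3.1.2'
-gem 'rubocop', '1.
+gem 'rubocop', '1.32.0'
 gem 'rubocop-rake', '0.6.0'
 gem 'rubocop-rspec', '2.12.1'
 gem 'ruby-audio', '1.6.1'
@@ -69,7 +70,7 @@ gem 'rvm', '1.11.3.9'
 gem 'savon', '2.12.1'
 gem 'selenium-devtools', '0.103.1'
 gem 'serialport', '1.3.2'
-gem 'sinatra', '2.2.
+gem 'sinatra', '2.2.2'
 gem 'slack-ruby-client', '1.1.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.0'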
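--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.515]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.515]:001 >>> PWN.help
 ```
 
 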
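--- a/data/bin/pwn_fuzz_net_app_proto
+++ b/data/bin/pwn_fuzz_net_app_proto
@@ -102,7 +102,10 @@ mutex = Mutex.new
 slice = max_threads * 3
 File.open(fuzz_file, "rb:#{char_encoding}") do |file|
 file.each_slice(slice) do |payload_batch_arr|
-PWN::Plugins::ThreadPool.fill(
+PWN::Plugins::ThreadPool.fill(
+enumerable_array: payload_batch_arr,
+max_threads: max_threads
+) do |payload|
 socket_fuzz_results_arr = PWN::Plugins::Fuzz.socket(
 target: target,
 port: port,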
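--- a/data/bin/pwn_phone
+++ b/data/bin/pwn_phone
@@ -0,0 +1,124 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'pwn'
+require 'optparse'
+require 'fileutils'
+require 'ruby-audio'
+require 'fftw3'
+require 'waveform'
+
+opts = {}
+OptionParser.new do |options|
+options.banner = "USAGE:
+#{$PROGRAM_NAME} [opts]
+"
+
+options.on('-tPATH', '--target-file=PATH', '<Required - File Containing List of Targets to Dial>') do |t|
+opts[:target_file] = t
+end
+
+options.on('-sSEC', '--seconds-to-record=SEC', '<Optional - Seconds to Record (Defaults to 60)>') do |s|
+opts[:seconds_to_record] = s
+end
+
+options.on('-TTHREADS', '--max-threads=THREADS', '<Optional # Calls to Run Simultaneously (Defaults to 3 - update "call_max_calls" in ~/.baresip/config if > 4)>') do |t|
+opts[:max_threads] = t
+end
+
+options.on('-bPATH', '--baresip-binary=PATH', '<Optional - Path to baresip Binary (Defaults to /usr/bin/baresip)>') do |bs|
+opts[:baresip_bin] = bs
+end
+
+options.on('-SSOX', '--sox-path=SOX', '<Optional - Path to SoX Binary, the Swiss Army knife of Audio (Defaults to /usr/bin/sox)>') do |sox|
+opts[:sox_bin] = sox
+end
+
+options.on('-rDIR', '--session-root=DIR', '<Optional - Directory to Store Session Files (Defaults to Present Working Directory))>') do |sr|
+opts[:session_root] = sr
+end
+
+options.on('-R', '--[no-]randomize', '<Optional - Randomize Number Range (Defaults to false)>') do |r|
+opts[:randomize] = r
+end
+
+options.on('-h', '--[no-]start-reporting-server', '<Optional - Start Simple HTTP Server for Reporting>') do |s|
+opts[:start_reporting_server] = s
+end
+
+options.on('-xRULES', '--source-num-rules=RULES', '<Optional - Comma-delimited list of rules for src_num format (i.e. self, same_country, same_area, and/or same_prefix [Defaults to random src_num w/ same length as target_num])>') do |x|
+opts[:src_num_rules] = x
+end
+
+# TODO: Add an hours of operation flag.
+# TODO: Add a resume feature to resume session following an interruption.
+# TODO: Append results to pwn_phone_results.json as things are running #save_memory.
+end.parse!
+
+if opts.empty?
+puts `#{$PROGRAM_NAME} --help`
+exit 1
+end
+
+begin
+pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
+$stdout.sync = true
+
+# Required Flag Variables
+target_file = opts[:target_file]
+max_threads = opts[:max_threads]
+seconds_to_record = opts[:seconds_to_record]
+baresip_bin = opts[:baresip_bin]
+sox_bin = opts[:sox_bin]
+session_root = opts[:session_root]
+session_root ||= Dir.pwd
+
+# Optional Flag Variables
+randomize = opts[:randomize]
+start_reporting_server = opts[:start_reporting_server]
+src_num_rules = opts[:src_num_rules]
+
+# Initiallize Phone Reconaissance
+results_hash = PWN::Plugins::BareSIP.recon(
+baresip_bin: baresip_bin,
+session_root: session_root,
+target_file: target_file,
+randomize: randomize,
+src_num_rules: src_num_rules,
+seconds_to_record: seconds_to_record,
+sox_bin: sox_bin
+)
+
+# Generate HTML Report
+print "#{$PROGRAM_NAME} Generating Report..."
+PWN::Reports::Phone.generate(
+dir_path: session_root,
+results_hash: results_hash
+)
+puts 'complete.'
+
+# Start Simple HTTP Server (If Requested)
+if start_reporting_server
+listen_port = Random.rand(1_025..65_535).to_s
+
+if pwn_provider == 'docker'
+listen_ip = '0.0.0.0'
+else
+listen_ip = '127.0.0.1'
+end
+
+puts "For Scan Results Navigate to: http://127.0.0.1:#{listen_port}/pwn_phone.html"
+Dir.chdir(session_root)
+system(
+'pwn_simple_http_server',
+'-i',
+listen_ip,
+'-p',
+listen_port
+)
+end
+rescue StandardError => e
+raise e.message
+rescue SystemExit, Interrupt
+puts "\nGoodbye."
+end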
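Review bot: `pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')` raises KeyError whenever PWN_PROVIDER is unset, so the `begin` block aborts on its first statement and the `rescue StandardError` re-raises only the message; `pwn_provider = ENV.fetch('PWN_PROVIDER', nil)` keeps the lookup optional. `max_threads` is read from `-T` but is not among the arguments passed to `PWN::Plugins::BareSIP.recon`, so the flag appears to have no effect unless recon obtains it some other way. With the `docker` provider the report server is started on `0.0.0.0` from `session_root`, which presumably exposes the session files to anything that can reach the container port, while the printed URL still says 127.0.0.1; a comment such as `# docker: bind all interfaces so the host can reach the report; restrict the published port` would make that explicit. `-h` for `--[no-]start-reporting-server` also takes the short flag OptionParser normally reserves for help.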
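--- a/data/bin/pwn_sast
+++ b/data/bin/pwn_sast
@@ -49,7 +49,9 @@ begin
 green = "\e[32m"
 end_of_color = "\e[0m"
 
-dir_path = opts[:dir_path]
+dir_path = opts[:dir_path]
+dir_path ||= '.'
+
 uri_source_root = opts[:uri_source_root].to_s.scrub
 max_threads = opts[:max_threads]
 chosen_test_cases = opts[:chosen_test_cases]
@@ -121,7 +123,10 @@ begin
 
 mutex = Mutex.new
 
-PWN::Plugins::ThreadPool.fill(
+PWN::Plugins::ThreadPool.fill(
+enumerable_array: test_cases,
+max_threads: max_threads
+) do |test_case|
 sca_arr = PWN::SAST.const_get(
 test_case.to_s.scrub
 ).scan(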