pwn 0.4.544 → 0.4.545

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f8944f6a6ce43d7ce2fe3948eb8bf4b8de7c5accc94d8f37be86b7581cb952e0
-  data.tar.gz: f1ef22cee1d4ab5cacdd64b14245632d19e3c02a67a064d59ab8d3fd0be291ae
+  metadata.gz: a482ad2be090b5fc318d1048fd48f6936906ec7f50ec3e5732c7fbda412f17e0
+  data.tar.gz: 8a5d6ad28f6e45bbcbffe34e29a3f558f142b054c46360a0ebabf3dd8b66b7c0
 SHA512:
-  metadata.gz: c72fd4c00372738bdc81e0f5c5c8525d76a853af4f763dffc56e368acda60cc81558bf2ae0cc6131744605aaeb0ef0f378c9aea253cf7717858ca8b3f39a5982
-  data.tar.gz: 5edcca18466c004b1490dbb8e3ee724f6ea3f1b514cad39db54677bc4cbaa1a6d375f7bc4f190a3115420350ebd77c27382a8f33c409ced50132c5553337ae16
+  metadata.gz: 3557a95e19c60f023ef6099c58351cee88c3e98f675de6c8e3806e360a7c0eeb4a26fcd0b44a6d306829d8460ba604e6b303e1593a6d26c923ea89e60cc1be69
+  data.tar.gz: 1a58439197b28adecbfd79a67922bd39a655df2f6cc1d2a83508c7c47a58bdb77251619ba3bb702f6827c4bd146246d8e2ff9f949b970851748a112f36982660

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2022-08-29 16:58:30 UTC using RuboCop version 1.35.1.
+# on 2022-09-23 22:54:28 UTC using RuboCop version 1.36.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -17,51 +17,51 @@ Layout/LineContinuationSpacing:
     - 'packer/provisioners/wpscan.rb'
     - 'vagrant/provisioners/beef.rb'
 
-# Offense count: 264
+# Offense count: 265
 Lint/UselessAssignment:
   Enabled: false
 
-# Offense count: 264
+# Offense count: 266
 # Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods, CountRepeatedAttributes.
 Metrics/AbcSize:
   Max: 328
 
-# Offense count: 68
+# Offense count: 71
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, AllowedMethods, AllowedPatterns, IgnoredMethods.
 # AllowedMethods: refine
 Metrics/BlockLength:
   Max: 196
 
-# Offense count: 44
+# Offense count: 46
 # Configuration parameters: CountBlocks.
 Metrics/BlockNesting:
   Max: 5
 
-# Offense count: 94
+# Offense count: 96
 # Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods.
 Metrics/CyclomaticComplexity:
   Max: 231
 
-# Offense count: 482
+# Offense count: 484
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, AllowedMethods, AllowedPatterns, IgnoredMethods.
 Metrics/MethodLength:
   Max: 466
 
-# Offense count: 47
+# Offense count: 48
 # Configuration parameters: CountComments, CountAsOne.
 Metrics/ModuleLength:
   Max: 1186
 
-# Offense count: 86
+# Offense count: 88
 # Configuration parameters: AllowedMethods, AllowedPatterns, IgnoredMethods.
 Metrics/PerceivedComplexity:
   Max: 51
 
-# Offense count: 162
+# Offense count: 164
 Style/ClassVars:
   Enabled: false
 
-# Offense count: 284
+# Offense count: 285
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
 # SupportedStyles: assign_to_condition, assign_inside_condition
@@ -74,6 +74,12 @@ Style/ExplicitBlockArgument:
   Exclude:
     - 'lib/pwn/plugins/nmap_it.rb'
 
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Style/IfUnlessModifier:
+  Exclude:
+    - 'lib/pwn/plugins/baresip.rb'
+
 # Offense count: 1
 # This cop supports safe autocorrection (--autocorrect).
 Style/RedundantBegin:
@@ -87,12 +93,12 @@ Style/RedundantCondition:
     - 'bin/pwn_simple_http_server'
     - 'lib/pwn/plugins/packet.rb'
 
-# Offense count: 43
+# Offense count: 45
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
   Enabled: false
 
-# Offense count: 570
+# Offense count: 577
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns, IgnoredPatterns.
 # URISchemes: http, https

data/Gemfile

@@ -57,12 +57,12 @@ gem 'rbvmomi', '3.0.0'
 gem 'rdoc', '6.4.0'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '4.2.6'
+gem 'rmagick', '4.3.0'
 gem 'rspec', '3.11.0'
 gem 'rtesseract', '3.1.2'
 gem 'rubocop', '1.36.0'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.13.1'
+gem 'rubocop-rspec', '2.13.2'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '0.10.0'
 gem 'ruby-saml', '1.14.0'
@@ -70,7 +70,7 @@ gem 'rvm', '1.11.3.9'
 gem 'savon', '2.13.1'
 gem 'selenium-devtools', '0.105.0'
 gem 'serialport', '1.3.2'
-gem 'sinatra', '2.2.2'
+gem 'sinatra', '3.0.1'
 gem 'slack-ruby-client', '1.1.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.544]:001 >>> PWN.help
+pwn[v0.4.545]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.544]:001 >>> PWN.help
+pwn[v0.4.545]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_phone

@@ -22,7 +22,7 @@ OptionParser.new do |options|
     opts[:seconds_to_record] = s
   end
 
-  options.on('-TTHREADS', '--max-threads=THREADS', '<Optional # Calls to Run Simultaneously (Defaults to 3 - update "call_max_calls" in ~/.baresip/config if > 4)>') do |t|
+  options.on('-TTHREADS', '--max-threads=THREADS', '<Optional # Calls to Run Simultaneously (Defaults to 3)>') do |t|
     opts[:max_threads] = t
   end
 

data/lib/pwn/plugins/baresip.rb

@@ -17,7 +17,7 @@ module PWN
       private_class_method def self.baresip_http_call(opts = {})
         baresip_obj = opts[:baresip_obj]
         cmd = opts[:cmd]
-        http_listen_ip_port = baresip_obj[:http_listen_ip_port]
+        http_listen_ip_port = opts[:http_listen_ip_port]
         baresip_url = "http://#{http_listen_ip_port}"
 
         max_conn_attempts = 30
@@ -37,7 +37,7 @@ module PWN
           )
 
           Nokogiri::HTML.parse(response)
-        rescue Errno::ECONNREFUSED
+        rescue Errno::ECONNREFUSED => e
           raise e if conn_attempt > max_conn_attempts
 
           sleep 1
@@ -58,6 +58,7 @@ module PWN
       #   baresip_bin: 'Optional path of baresip binary (Defaults to /usr/bin/baresip)',
       #   config_root: 'Optional dir of baresip config (Defaults to ~/.baresip)',
       #   session_root: 'Optional dir of baresip session (Defaults to Dir.pwd)',
+      #   screenlog_path: 'Optional path of screenlog file (Defaults to screenlog.txt)',
       #   screen_session: 'Optional name of screen session (Defaults baresip)'
       # )
 
@@ -69,8 +70,6 @@ module PWN
         )
         baresip_bin ||= '/usr/bin/baresip'
 
-        baresip_obj = {}
-
         session_root = opts[:session_root] if Dir.exist?(opts[:session_root].to_s)
 
         config_root = opts[:config_root] if Dir.exist?(
@@ -84,7 +83,34 @@ module PWN
 
         raise "no http_listen value found in #{config}." if http_list_entry.empty?
 
-        http_listen_ip_port = http_list_entry.last.split.grep(/:/).last
+        # Update http_listen value in respective config with random available port
+        random_port = -1
+        port_in_use = true
+        while port_in_use
+          random_port = Random.rand(1024..65_535)
+          port_in_use = PWN::Plugins::Sock.check_port_in_use(port: random_port)
+        end
+        http_listen_ip_port = "127.0.0.1:#{random_port}"
+
+        updated_config_content = ''
+        File.read(config).each_line do |line|
+          this_config_line = line
+          # Only allow one call per thread.
+          this_config_line = "call_max_calls 1\n" if line.match?(/^call_max_calls\s.+$/)
+
+          # One random HTTP listener / thread
+          if line.match?(/^http_listen\s.+$/)
+            this_config_line = "http_listen #{http_listen_ip_port}\n"
+          end
+          updated_config_content = "#{updated_config_content}#{this_config_line}"
+        end
+        File.write(config, updated_config_content)
+
+        baresip_obj = {}
+
+        screenlog_path = opts[:screenlog_path]
+        screenlog_path ||= "#{session_root}/screenlog.txt"
+        baresip_obj[:screenlog_path] = screenlog_path
 
         screen_session = opts[:screen_session]
         screen_session ||= 'baresip'
@@ -94,9 +120,6 @@ module PWN
         baresip_obj[:session_root] = session_root
         baresip_obj[:screen_session] = screen_session
 
-        screenlog_file = 'screenlog.txt'
-        baresip_obj[:screenlog_file] = screenlog_file
-
         # Prefer running baresip in detached screen vs --daemon mode
         # Since sndfile doesn't produce .wav files in --daemon mode
         system(
@@ -105,7 +128,7 @@ module PWN
           'xterm',
           '-L',
           '-Logfile',
-          screenlog_file,
+          screenlog_path,
           '-S',
           screen_session,
           '-d',
@@ -116,7 +139,8 @@ module PWN
           '-e',
           '/insmod httpd',
           '-e',
-          '/insmod sndfile'
+          '/insmod sndfile',
+          '-v'
         )
 
         baresip_obj[:session_thread] = init_session_thread(
@@ -155,17 +179,15 @@ module PWN
         baresip_obj = opts[:baresip_obj]
 
         session_root = baresip_obj[:session_root]
-        screenlog_file = baresip_obj[:screenlog_file]
-
-        screenlog = "#{session_root}/#{screenlog_file}"
+        screenlog_path = baresip_obj[:screenlog_path]
 
         # Spin up a baresip_obj session_thread
         Thread.new do
           loop do
-            next unless File.exist?(screenlog)
+            next unless File.exist?(screenlog_path)
 
-            # Continuously consume contents of screenlog.0
-            @session_data = File.readlines(screenlog)
+            # Continuously consume contents of screenlog_path
+            @session_data = File.readlines(screenlog_path)
             @session_data.delete_if do |line|
               line.include?('ua: using best effort AF: af=AF_INET')
             end
@@ -203,10 +225,12 @@ module PWN
 
       public_class_method def self.baresip_exec(opts = {})
         baresip_obj = opts[:baresip_obj]
+        http_listen_ip_port = baresip_obj[:http_listen_ip_port]
         cmd = opts[:cmd]
 
         baresip_http_call(
           baresip_obj: baresip_obj,
+          http_listen_ip_port: http_listen_ip_port,
           cmd: cmd
         )
       rescue StandardError => e
@@ -227,15 +251,11 @@ module PWN
 
         session_thread.terminate
 
-        system(
-          'screen',
-          '-X',
-          '-S',
-          screen_session,
-          'quit'
+        puts "STOPPING #{baresip_obj[:screen_session]}"
+        cmd_resp = baresip_exec(
+          baresip_obj: baresip_obj,
+          cmd: "/quit\r\n"
         )
-
-        baresip_obj = nil
       rescue StandardError => e
         raise e
       end
@@ -372,15 +392,11 @@ module PWN
 
       # Supported Method Parameters::
       # PWN::Plugins::BareSIP.recon(
-      #   baresip_obj: 'Required - baresip_obj returned from #start method',
-      #   target_num: 'Required - target destination to recon (i.e. phone number)',
-      #   src_num_rules: 'Optional - Comma-delimited list of rules for src_num format (i.e. self, same_country, same_area, and/or same_prefix [Defaults to random src_num w/ same length as target_num])',
-      #   seconds_to_record: 'Optional - Seconds to Record (Defaults to 60)',
-      #   sox_bin: 'Optional - Path to SoX Binary, the Swiss Army knife of Audio (Defaults to /usr/bin/sox)'
       # )
 
-      public_class_method def self.recon(opts = {})
+      public_class_method def self.dial_target_in_list(opts = {})
         baresip_bin = opts[:baresip_bin]
+        target_num = opts[:target_num]
 
         config_root = opts[:config_root] if Dir.exist?(
           opts[:config_root].to_s
@@ -389,15 +405,16 @@ module PWN
 
         session_root = opts[:session_root]
         session_root ||= Dir.pwd
-        target_file = opts[:target_file]
+
         randomize = opts[:randomize]
         src_num_rules = opts[:src_num_rules]
-        max_threads = opts[:max_threads].to_i
-        max_threads = 3 if max_threads.zero?
+
         seconds_to_record = opts[:seconds_to_record].to_i
         seconds_to_record = 60 if seconds_to_record.zero?
+
         sox_bin = opts[:sox_bin] if File.exist?(opts[:sox_bin].to_s)
         sox_bin ||= '/usr/bin/sox'
+
         waveform_bin = 'waveform'
 
         # Intialize empty baresip obj for ensure block below
@@ -410,222 +427,243 @@ module PWN
         cayan = "\e[36m"
         end_of_color = "\e[0m"
 
-        target_range = parse_target_file(
-          target_file: target_file,
-          randomize: randomize
+        config_root_for_target_num = "#{config_root}-#{target_num}"
+        FileUtils.cp_r(config_root, config_root_for_target_num)
+        src_num = apply_src_num_rules(
+          config_root: config_root_for_target_num,
+          target_num: target_num,
+          src_num_rules: src_num_rules
         )
 
-        results_hash = {
-          session_started: Time.now.strftime('%Y-%m-%d_%H.%M.%S'),
-          data: []
-        }
-
-        # TODO: Multi-thread!
-        # mutex = Mutex.new
-        # PWN::Plugins::ThreadPool.fill(
-        #   enumerable_array: target_range,
-        #   max_threads: max_threads
-        # ) do |target_num|
-        target_range.each_with_index do |target_num, index|
-          call_count = index + 1
-          puts "Call #{call_count} of #{target_range.length}..."
-
-          # Change to session_root _before_ starting to ensure
-          # wav files are stored in the proper location
-          Dir.chdir(session_root)
-
-          src_num = apply_src_num_rules(
-            config_root: config_root,
-            target_num: target_num,
-            src_num_rules: src_num_rules
-          )
-
-          call_info_hash = {}
+        call_resp_hash = {}
+
+        call_started = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
+
+        call_resp_hash[:call_started] = call_started
+        call_resp_hash[:src_num] = src_num
+        call_resp_hash[:src_num_rules] = src_num_rules
+        call_resp_hash[:target_num] = target_num
+        target_num_root = "#{session_root}/#{target_num}-#{call_started}"
+        Dir.mkdir(target_num_root)
+
+        screenlog_path = "#{target_num_root}/screenlog-#{target_num}.txt"
+        screen_session = "#{File.basename($PROGRAM_NAME)}-#{target_num}"
+
+        # Start baresip in detached screen to support commands over HTTP
+        # and call recording to wav files
+        baresip_obj = start(
+          src_num: src_num,
+          baresip_bin: baresip_bin,
+          config_root: config_root_for_target_num,
+          session_root: session_root,
+          screenlog_path: screenlog_path,
+          screen_session: screen_session
+        )
 
-          call_started = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
+        # session_root = baresip_obj[:session_root]
+        config_root = baresip_obj[:config_root]
+        config = "#{config_root}/config"
 
-          call_info_hash[:call_started] = call_started
-          call_info_hash[:src_num] = src_num
-          call_info_hash[:src_num_rules] = src_num_rules
-          call_info_hash[:target_num] = target_num
+        puts "#{green}#{call_started} >>>#{end_of_color}"
+        puts "#{yellow}dialing #{target_num}#{end_of_color}"
 
-          target_num_root = "#{session_root}/#{target_num}-#{call_started}"
+        cmd_resp = baresip_exec(
+          baresip_obj: baresip_obj,
+          cmd: "/dial #{target_num}\r\n"
+        )
+        puts "/dial #{target_num} RESP:"
+        puts cmd_resp.xpath('//pre').text
 
-          # TODO: Determine what to do w/ existing Directory
-          Dir.mkdir(target_num_root)
-          Dir.chdir(target_num_root)
+        cmd_resp = baresip_exec(
+          baresip_obj: baresip_obj,
+          cmd: "/listcalls\r\n"
+        )
+        puts '/listcalls RESP:'
+        puts cmd_resp.xpath('//pre').text
+
+        puts red
+        # Conditions to hangup when less than seconds_to_record
+        terminated = 'terminated (duration:'
+        unavail = '503 Service Unavailable'
+        not_found = 'session closed: 404 Not Found'
+
+        reason = 'recording limit reached'
+        seconds_recorded = 0
+        seconds_to_record.downto(1).each do |countdown|
+          seconds_recorded += 1
+          print "#{seconds_to_record}s to record - remaining: #{format('%-9.9s', countdown)}"
+          print "\r"
+
+          if dump_session_data.select { |s| s.include?(terminated) }.length.positive?
+            reason = 'call terminated by other party'
+            break
+          end
 
-          # Start baresip in detached screen to support commands over HTTP
-          # and call recording to wav files
-          baresip_obj = start(
-            src_num: src_num,
-            baresip_bin: baresip_bin,
-            session_root: target_num_root,
-            screen_session: "#{File.basename($PROGRAM_NAME)}-#{target_num}"
-          )
+          if dump_session_data.select { |s| s.include?(unavail) }.length.positive?
+            reason = 'SIP 503 (service unavailable)'
+            break
+          end
 
-          # session_root = baresip_obj[:session_root]
-          config_root = baresip_obj[:config_root]
-          config = "#{config_root}/config"
+          if dump_session_data.select { |s| s.include?(not_found) }.length.positive?
+            reason = 'SIP 404 (not found)'
+            break
+          end
 
-          puts "#{green}#{call_started} >>>#{end_of_color}"
-          puts "#{yellow}dialing #{target_num}#{end_of_color}"
+          sleep 1
+        end
+        call_resp_hash[:seconds_recorded] = seconds_recorded
+        puts end_of_color
+
+        call_stopped = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
+        puts "\n#{green}#{call_stopped} >>> #{reason} #{target_num}#{end_of_color}"
+        call_resp_hash[:call_stopped] = call_stopped
+        call_resp_hash[:reason] = reason
+        puts "call termination reason: #{reason}"
+
+        stop(baresip_obj: baresip_obj)
+        FileUtils.rm_rf(config_root_for_target_num)
+
+        absolute_recording = ''
+        relative_recording = ''
+        Dir.glob("#{session_root}/dump-*#{target_num}*.wav").each do |path|
+          wav = File.basename(path)
+          File.delete(path) if wav.match(/^dump-.+#{target_num}.+-enc\.wav$/)
+          next unless wav.match(/^dump-.+#{target_num}.+-dec.wav/)
+
+          FileUtils.mv(path, target_num_root)
+          absolute_recording = "#{target_num_root}/#{wav}"
+          relative_recording = "#{target_num}-#{call_started}/#{wav}"
+        end
 
-          cmd_resp = baresip_exec(
-            baresip_obj: baresip_obj,
-            cmd: "/dial #{target_num}\r\n"
+        screenlog_file = File.basename(screenlog_path)
+        relative_screenlog = "#{target_num}-#{call_started}/#{screenlog_file}"
+
+        call_resp_hash[:screenlog] = relative_screenlog
+        call_resp_hash[:recording] = '--'
+        call_resp_hash[:waveform] = '--'
+        call_resp_hash[:spectrogram] = '--'
+
+        unless absolute_recording.empty?
+          puts cayan
+
+          call_resp_hash[:recording] = relative_recording
+
+          absolute_spectrogram = "#{absolute_recording}-spectrogram.png"
+          relative_spectrogram = "#{relative_recording}-spectrogram.png"
+          print "Generating Audio Spectrogram for #{absolute_recording}..."
+          system(
+            sox_bin,
+            '--show-progress',
+            '--type',
+            'sndfile',
+            '--encoding',
+            'signed-integer',
+            '--bits',
+            '16',
+            '--endian',
+            'little',
+            '--channels',
+            '1',
+            '--rate',
+            '8000',
+            absolute_recording,
+            '-n',
+            'spectrogram',
+            '-o',
+            absolute_spectrogram,
+            '-d',
+            seconds_to_record.to_s
           )
-          puts "/dial #{target_num} RESP:"
-          puts cmd_resp.xpath('//pre').text
-
-          cmd_resp = baresip_exec(
-            baresip_obj: baresip_obj,
-            cmd: "/listcalls\r\n"
+          puts 'complete.'
+          call_resp_hash[:spectrogram] = relative_spectrogram
+
+          absolute_waveform = "#{absolute_recording}-waveform.png"
+          relative_waveform = "#{relative_recording}-waveform.png"
+          print "Generating Audio Waveform for #{absolute_recording}..."
+          system(
+            waveform_bin,
+            '--method',
+            'peak',
+            '--color',
+            '#FF0000',
+            '--background',
+            '#000000',
+            '--force',
+            absolute_recording,
+            absolute_waveform
           )
-          puts '/listcalls RESP:'
-          puts cmd_resp.xpath('//pre').text
-
-          puts red
-          # Conditions to proceed less than seconds_to_record
-          terminated = 'terminated (duration:'
-          unavail = '503 Service Unavailable'
-          not_found = 'session closed: 404 Not Found'
-
-          reason = 'recording limit reached'
-          seconds_recorded = 0
-          seconds_to_record.downto(1).each do |countdown|
-            seconds_recorded += 1
-            print "#{seconds_to_record}s to record - remaining: #{format('%-9.9s', countdown)}"
-            print "\r"
-
-            if dump_session_data.select { |s| s.include?(terminated) }.length.positive?
-              reason = 'call terminated by other party'
-              break
-            end
+          puts 'complete.'
+          call_resp_hash[:waveform] = relative_waveform
+          puts end_of_color
+        end
 
-            if dump_session_data.select { |s| s.include?(unavail) }.length.positive?
-              reason = 'SIP 503 (service unavailable)'
-              break
-            end
+        call_resp_hash
+      rescue StandardError => e
+        raise e
+      end
 
-            if dump_session_data.select { |s| s.include?(not_found) }.length.positive?
-              reason = 'SIP 404 (not found)'
-              break
-            end
+      # Supported Method Parameters::
+      # PWN::Plugins::BareSIP.recon(
+      # )
 
-            sleep 1
-          end
-          call_info_hash[:seconds_recorded] = seconds_recorded
-          puts end_of_color
+      public_class_method def self.recon(opts = {})
+        baresip_bin = opts[:baresip_bin]
+        config_root = opts[:config_root] if Dir.exist?(
+          opts[:config_root].to_s
+        )
+        config_root ||= "#{Dir.home}/.baresip"
+        session_root = opts[:session_root]
+        session_root ||= Dir.pwd
+        target_file = opts[:target_file]
+        randomize = opts[:randomize]
+        src_num_rules = opts[:src_num_rules]
+        max_threads = opts[:max_threads].to_i
+        max_threads = 3 if max_threads.zero?
+        seconds_to_record = opts[:seconds_to_record].to_i
+        seconds_to_record = 60 if seconds_to_record.zero?
+        sox_bin = opts[:sox_bin] if File.exist?(opts[:sox_bin].to_s)
+        sox_bin ||= '/usr/bin/sox'
 
-          call_stopped = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
-          puts "\n#{green}#{call_stopped} >>> #{reason} #{target_num}#{end_of_color}"
-          call_info_hash[:call_stopped] = call_stopped
-          call_info_hash[:reason] = reason
-
-          recording = ''
-          # BUGFIX: Sometimes recordings aren't generated
-          # Perhaps because previous session wasn't stopped properly?
-          Dir.entries(target_num_root).each do |entry|
-            recording = entry if entry.match(/^dump-.+-dec.wav/)
-            File.delete(entry) if entry.match(/^dump-.+-enc\.wav$/) && File.exist?(entry)
-          end
+        target_range = parse_target_file(
+          target_file: target_file,
+          randomize: randomize
+        )
 
-          call_info_hash[:recording] = '--'
-          call_info_hash[:waveform] = '--'
-          call_info_hash[:spectrogram] = '--'
-
-          unless recording.empty?
-            puts cayan
-
-            call_info_hash[:recording] = "#{target_num}-#{call_started}/#{recording}"
-
-            spectrogram = "#{recording}-spectrogram.png"
-            print "Generating Audio Spectrogram for #{recording}..."
-            system(
-              sox_bin,
-              '--show-progress',
-              '--type',
-              'sndfile',
-              '--encoding',
-              'signed-integer',
-              '--bits',
-              '16',
-              '--endian',
-              'little',
-              '--channels',
-              '1',
-              '--rate',
-              '8000',
-              recording,
-              '-n',
-              'spectrogram',
-              '-o',
-              spectrogram,
-              '-d',
-              seconds_to_record.to_s
-            )
-            puts 'complete.'
-            call_info_hash[:spectrogram] = "#{target_num}-#{call_started}/#{spectrogram}"
-
-            waveform = "#{recording}-waveform.png"
-            print "Generating Audio Waveform for #{recording}..."
-            system(
-              waveform_bin,
-              '--method',
-              'peak',
-              '--color',
-              '#FF0000',
-              '--background',
-              '#000000',
-              '--force',
-              recording,
-              waveform
-            )
-            puts 'complete.'
-            call_info_hash[:waveform] = "#{target_num}-#{call_started}/#{waveform}"
-            puts end_of_color
-          end
+        results_hash = {
+          session_started: Time.now.strftime('%Y-%m-%d_%H.%M.%S'),
+          data: []
+        }
+
+        # Change to session_root _before_ executing threads
+        Dir.chdir(session_root)
+
+        # Multi-thread calls!
+        mutex = Mutex.new
+        PWN::Plugins::ThreadPool.fill(
+          enumerable_array: target_range,
+          max_threads: max_threads
+        ) do |target_num|
+          call_resp_hash = dial_target_in_list(
+            baresip_bin: baresip_bin,
+            target_num: target_num,
+            config_root: config_root,
+            session_root: session_root,
+            randomize: randomize,
+            src_num_rules: src_num_rules,
+            seconds_to_record: seconds_to_record,
+            sox_bin: sox_bin
+          )
 
           # Push Call Results to results_hash[:data]
-          # mutex.synchronize do
-          #   results_hash[:data].push(call_info_hash)
-          # end
-          results_hash[:data].push(call_info_hash)
-
-          puts "call termination reason: #{reason}"
-          # Stop call to cd into next session root
-          stop(baresip_obj: baresip_obj)
-
-          seconds_to_delay_between_pool_of_calls = Random.rand(1..9)
-          seconds_to_delay_between_pool_of_calls.downto(1).each do |countdown|
-            print "#{red}ZZZ #{seconds_to_delay_between_pool_of_calls}s until next pool of calls: #{format('%-9.9s', countdown)}#{end_of_color}"
-            print "\r"
-            sleep 1
+          mutex.synchronize do
+            results_hash[:data].push(call_resp_hash)
           end
-          puts "\n#{green}waking up for next call \\o/#{end_of_color}"
-          puts "\n\n\n"
         end
         results_hash[:session_ended] = Time.now.strftime('%Y-%m-%d_%H.%M.%S')
 
         results_hash
       rescue StandardError => e
         raise e
-      ensure
-        stop(baresip_obj: baresip_obj) unless baresip_obj.empty?
-      end
-
-      # Supported Method Parameters::
-      # PWN::Plugins::BareSIP.killall
-
-      public_class_method def self.killall
-        system(
-          'killall',
-          '-15',
-          'baresip'
-        )
-      rescue StandardError => e
-        raise e
       end
 
       # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
@@ -641,8 +679,11 @@ module PWN
       public_class_method def self.help
         puts "USAGE:
           baresip_obj = #{self}.start(
-            baresip_bin: 'Optional path of baresip binary (Defaults to /usr/bin/baresip)'
+            src_num: 'Optional source phone number displayed',
+            baresip_bin: 'Optional path of baresip binary (Defaults to /usr/bin/baresip)',
             config_root: 'Optional dir of baresip config (Defaults to ~/.baresip)',
+            session_root: 'Optional dir of baresip session (Defaults to Dir.pwd)',
+            screenlog_path: 'Optional path of screenlog file (Defaults to screenlog.txt)',
             screen_session: 'Optional name of screen session (Defaults baresip)'
           )
 
@@ -657,8 +698,6 @@ module PWN
             screen_session: 'Required - screen session to stop'
           )
 
-          #{self}.killall
-
           #{self}.authors
         "
       end

data/lib/pwn/plugins/sock.rb

@@ -48,20 +48,20 @@ module PWN
       end
 
       # Supported Method Parameters::
-      # PWN::Plugins::Sock.check_port_availability(
+      # PWN::Plugins::Sock.check_port_in_use(
       #   port: 'required - target port',
       #   server_ip: 'optional - target host or ip to check (Defaults to 127.0.0.1)',
       #   protocol: 'optional - :tcp || :udp (defaults to tcp)'
       # )
 
-      public_class_method def self.check_port_availability(opts = {})
+      public_class_method def self.check_port_in_use(opts = {})
         server_ip = opts[:server_ip]
         server_ip ||= '127.0.0.1'
         port = opts[:port]
         protocol = opts[:protocol]
         protocol ||= :tcp
 
-        ct = 0.1
+        ct = 1
         s = Socket.tcp(server_ip, port, connect_timeout: ct) if protocol == :tcp
         s = Socket.udp(server_ip, port, connect_timeout: ct) if protocol == :udp
         s.close

data/lib/pwn/plugins/thread_pool.rb

@@ -14,8 +14,11 @@ module PWN
       #
       # Example:
       # arr = [1, 2, 3, 4, 5, 6, 7, 8, 9]
+      # mutex = Mutex.new
       # PWN::Plugins::ThreadPool.fill(enumerable_array: arr, max_threads: 9) do |integer|
-      #   puts integer
+      #   mutex.synchronize do
+      #     puts integer
+      #   end
       # end
 
       public_class_method def self.fill(opts = {})

data/lib/pwn/reports/phone.rb

@@ -104,9 +104,10 @@ module PWN
               <a class="toggle-vis" data-column="5" href="#">Seconds Recorded</a>&nbsp;|&nbsp;
               <a class="toggle-vis" data-column="6" href="#">Call Stopped</a>
               <a class="toggle-vis" data-column="7" href="#">Reason</a>
-              <a class="toggle-vis" data-column="8" href="#">Recording</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="9" href="#">Spectrogram</a>&nbsp;|&nbsp;
-              <a class="toggle-vis" data-column="10" href="#">Waveform</a>
+              <a class="toggle-vis" data-column="8" href="#">Screenlog</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="9" href="#">Recording</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="10" href="#">Spectrogram</a>&nbsp;|&nbsp;
+              <a class="toggle-vis" data-column="11" href="#">Waveform</a>
             </div>
             <br /><br />
 
@@ -122,6 +123,7 @@ module PWN
                     <th>Seconds Recorded</th>
                     <th>Call Stopped</th>
                     <th>Reason Stopped</th>
+                    <th>Screenlog</th>
                     <th>Recording</th>
                     <th>Spectrogram</th>
                     <th>Waveform</th>
@@ -198,6 +200,13 @@ module PWN
                       "data": "reason",
                       "render": $.fn.dataTable.render.text()
                     },
+                    {
+                      "data": "screenlog",
+                      "render": function (data, type, row, meta) {
+                        var screenlog = htmlEntityEncode(data);
+                        return '<a href="' + screenlog +'" target="_blank">' + screenlog + '</a>';
+                      }
+                    },
                     {
                       "data": "recording",
                       "render": function (data, type, row, meta) {

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.544'
+  VERSION = '0.4.545'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.544
+  version: 0.4.545
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-19 00:00:00.000000000 Z
+date: 2022-09-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -646,14 +646,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.2.6
+        version: 4.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 4.2.6
+        version: 4.3.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -716,14 +716,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.13.1
+        version: 2.13.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.13.1
+        version: 2.13.2
 - !ruby/object:Gem::Dependency
   name: ruby-audio
   requirement: !ruby/object:Gem::Requirement
@@ -828,14 +828,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.2.2
+        version: 3.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.2.2
+        version: 3.0.1
 - !ruby/object:Gem::Dependency
   name: slack-ruby-client
   requirement: !ruby/object:Gem::Requirement