RubyGems - pwn - Versions diffs - 0.4.545 → 0.4.546 - Mend

pwn 0.4.545 → 0.4.546

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a482ad2be090b5fc318d1048fd48f6936906ec7f50ec3e5732c7fbda412f17e0
-  data.tar.gz: 8a5d6ad28f6e45bbcbffe34e29a3f558f142b054c46360a0ebabf3dd8b66b7c0
+  metadata.gz: fb5cb201bcb76d6d206fb20e15fe749eb46837aea978fe0480c172a7926ac034
+  data.tar.gz: 7e9e2b80e4762619251c1be2d4cf844c0849f1e71ad5b11e90736324884072a6
 SHA512:
-  metadata.gz: 3557a95e19c60f023ef6099c58351cee88c3e98f675de6c8e3806e360a7c0eeb4a26fcd0b44a6d306829d8460ba604e6b303e1593a6d26c923ea89e60cc1be69
-  data.tar.gz: 1a58439197b28adecbfd79a67922bd39a655df2f6cc1d2a83508c7c47a58bdb77251619ba3bb702f6827c4bd146246d8e2ff9f949b970851748a112f36982660
+  metadata.gz: 06b1809a5b8f8a106c5bf84cda440a3a6943b900c417a6f6994b93727b5314fae5bb89d40a4983307606d853223fdb1b09cc464d54ea12aa5068d70c1bd21a3d
+  data.tar.gz: 36eea59775283c86e6ceda33860ff75c6486a9ed2c0314c632804661d791e6467e00414ae473e275510eb6bc5f3d1554f542273f2594f180fd7adb6eea829f56

data/README.md CHANGED Viewed

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.545]:001 >>> PWN.help
+pwn[v0.4.546]:001 >>> PWN.help
 ```
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.545]:001 >>> PWN.help
+pwn[v0.4.546]:001 >>> PWN.help
 ```

data/bin/pwn_www_uri_buster CHANGED Viewed

@@ -51,6 +51,76 @@ if opts.empty?
   exit 1
 end
+def request_path(opts = {})
+  target_url = opts[:target_url]
+  proxy = opts[:proxy]
+  wordlist_line = opts[:wordlist_line]
+  http_methods = %i[DELETE GET HEAD OPTIONS PATCH POST PUT TRACE]
+  http_methods.each do |http_method|
+    begin
+      print '.'
+      http_uri = "#{target_url}/#{wordlist_line}"
+      rest_client_resp_hash = {}
+      if proxy
+        rest_client = PWN::Plugins::TransparentBrowser.open(
+          browser_type: :rest,
+          proxy: proxy
+        )::Request
+      else
+        rest_client = PWN::Plugins::TransparentBrowser.open(
+          browser_type: :rest
+        )::Request
+      end
+      headers = nil
+      if http_request_headers
+        headers = JSON.parse(
+          http_request_headers,
+          symbolize_names: true
+        )
+      end
+      response = rest_client.execute(
+        method: http_method,
+        url: http_uri,
+        headers: headers,
+        verify_ssl: false
+      )
+      rest_client_resp_hash = {
+        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+        http_uri: http_uri,
+        http_method: http_method,
+        http_resp_code: response.code,
+        http_resp_length: response.body.length,
+        http_resp: "#{response.body[0..300]}..."
+      }
+    rescue RestClient::ExceptionWithResponse,
+           RestClient::ServerBrokeConnection => e
+      rest_client_resp_hash = {
+        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+        http_uri: http_uri,
+        http_method: http_method,
+        http_resp_code: e.response.code,
+        http_resp_length: e.response.body.length,
+        http_resp: "#{e.response.body[0..300]}..."
+      }
+      next
+    rescue URI::InvalidURIError
+      url_encoded_wordlist_arr = []
+      wordlist_line.split('/').each do |path|
+        url_encoded_wordlist_arr.push(CGI.escape(path))
+      end
+      wordlist_line = url_encoded_wordlist_arr.join('/')
+      retry
+    rescue RestClient::TooManyRequests
+      sleep 60
+    end
+  end
+end
 begin
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.fetch('PWN_PROVIDER')
   $stdout.sync = true
@@ -94,73 +164,15 @@ begin
     next if wordlist_line.match?(/^#/)
-    # http_methods = %i[CONNECT DELETE GET HEAD OPTIONS PATCH POST PUT TRACE]
-    http_methods = %i[DELETE GET HEAD OPTIONS PATCH POST PUT TRACE]
-    http_methods.each do |http_method|
-      begin
-        print '.'
-        http_uri = "#{target_url}/#{wordlist_line}"
-        rest_client_resp_hash = {}
-        if proxy
-          rest_client = PWN::Plugins::TransparentBrowser.open(
-            browser_type: :rest,
-            proxy: proxy
-          )::Request
-        else
-          rest_client = PWN::Plugins::TransparentBrowser.open(
-            browser_type: :rest
-          )::Request
-        end
-        headers = nil
-        if http_request_headers
-          headers = JSON.parse(
-            http_request_headers,
-            symbolize_names: true
-          )
-        end
-        response = rest_client.execute(
-          method: http_method,
-          url: http_uri,
-          headers: headers,
-          verify_ssl: false
-        )
+    rest_client_resp_hash = request_path(
+      target_url: target_url,
+      http_request_headers: http_request_headers,
+      proxy: proxy,
+      wordlist_line: wordlist_line
+    )
-        rest_client_resp_hash = {
-          request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
-          http_uri: http_uri,
-          http_method: http_method,
-          http_resp_code: response.code,
-          http_resp_length: response.body.length,
-          http_resp: "#{response.body[0..300]}..."
-        }
-      rescue RestClient::ExceptionWithResponse,
-             RestClient::ServerBrokeConnection => e
-        rest_client_resp_hash = {
-          request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
-          http_uri: http_uri,
-          http_method: http_method,
-          http_resp_code: e.response.code,
-          http_resp_length: e.response.body.length,
-          http_resp: "#{e.response.body[0..300]}..."
-        }
-        next
-      rescue URI::InvalidURIError
-        url_encoded_wordlist_arr = []
-        wordlist_line.split('/').each do |path|
-          url_encoded_wordlist_arr.push(CGI.escape(path))
-        end
-        wordlist_line = url_encoded_wordlist_arr.join('/')
-        retry
-      rescue RestClient::TooManyRequests
-        sleep 60
-      ensure
-        mutex.synchronize do
-          results_hash[:data].push(rest_client_resp_hash)
-        end
-      end
+    mutex.synchronize do
+      results_hash[:data].push(rest_client_resp_hash)
     end
   end

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.4.545'
+  VERSION = '0.4.546'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.545
+  version: 0.4.546
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-26 00:00:00.000000000 Z
+date: 2022-09-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport