pwn 0.4.559 → 0.4.560

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dc1bffecaf4fc7682d5e860c677d1f5ec6db508bf5bf4a94644fc8adfebe714d
-  data.tar.gz: 358398e2ef22b301167d7de3f368c9ac9e175a280115c1e4f8ec59becf5d3ff6
+  metadata.gz: 141967853c518920147525e9669739c9884959ee8d519f72a1dd7c2dbe15667d
+  data.tar.gz: 05d71ffd4948692045a5bf6d4b89f35b0648e7e3563683a7fee6fc21aec79986
 SHA512:
-  metadata.gz: a3201de6a3afd7fcdf39bd1b9ac197cbbf6fc9a4fc3e507ed0ec97f767d185f0ff2b9ae488de0d163e0b53947f2bcc162b502e0ad7d4573a5a7d012d04ae820b
-  data.tar.gz: b55f2998e04ba8575058cf103f1f166d24e282c8c2a8df00805427349022a09ec4672f7bbfbc877fff948f49c9d60a5fbc6968e5c6d63685a18cbc54d9252cfa
+  metadata.gz: 60ea533b90a1bf27a3a65dc8494febed956ed42f07cb2583b9e71480a3b517c2f54cd3a4f46b215714f028b98d60e9451aecaae2557e01e5bc82099852c58a4f
+  data.tar.gz: ff8488b74b31867a28859f36e967f2df9342594efef304eb76abb960422a0a985567b23da801c81651b1c1edf634dcf1b62dbb3913365e541b1b435bb322390b

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.559]:001 >>> PWN.help
+pwn[v0.4.560]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.559]:001 >>> PWN.help
+pwn[v0.4.560]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_www_uri_buster

@@ -56,70 +56,70 @@ def request_path(opts = {})
   http_request_headers = opts[:http_request_headers]
   proxy = opts[:proxy]
   wordlist_line = opts[:wordlist_line]
+  http_method = opts[:http_method]
+
+  rest_client_resp_hash = {}
+  begin
+    print '.'
+    http_uri = "#{target_url}/#{wordlist_line}"
+    if proxy
+      rest_client = PWN::Plugins::TransparentBrowser.open(
+        browser_type: :rest,
+        proxy: proxy
+      )::Request
+    else
+      rest_client = PWN::Plugins::TransparentBrowser.open(
+        browser_type: :rest
+      )::Request
+    end
 
-  http_methods = %i[DELETE GET HEAD OPTIONS PATCH POST PUT TRACE]
-  http_methods.each do |http_method|
-    begin
-      print '.'
-      http_uri = "#{target_url}/#{wordlist_line}"
-      rest_client_resp_hash = {}
-      if proxy
-        rest_client = PWN::Plugins::TransparentBrowser.open(
-          browser_type: :rest,
-          proxy: proxy
-        )::Request
-      else
-        rest_client = PWN::Plugins::TransparentBrowser.open(
-          browser_type: :rest
-        )::Request
-      end
-
-      headers = nil
-      if http_request_headers
-        headers = JSON.parse(
-          http_request_headers,
-          symbolize_names: true
-        )
-      end
-
-      response = rest_client.execute(
-        method: http_method,
-        url: http_uri,
-        headers: headers,
-        verify_ssl: false
+    headers = nil
+    if http_request_headers
+      headers = JSON.parse(
+        http_request_headers,
+        symbolize_names: true
       )
+    end
 
-      rest_client_resp_hash = {
-        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
-        http_uri: http_uri,
-        http_method: http_method,
-        http_resp_code: response.code,
-        http_resp_length: response.body.length,
-        http_resp: "#{response.body[0..300]}..."
-      }
-    rescue RestClient::ExceptionWithResponse,
-           RestClient::ServerBrokeConnection => e
-      rest_client_resp_hash = {
-        request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
-        http_uri: http_uri,
-        http_method: http_method,
-        http_resp_code: e.response.code,
-        http_resp_length: e.response.body.length,
-        http_resp: "#{e.response.body[0..300]}..."
-      }
-      next
-    rescue URI::InvalidURIError
-      url_encoded_wordlist_arr = []
-      wordlist_line.split('/').each do |path|
-        url_encoded_wordlist_arr.push(CGI.escape(path))
-      end
-      wordlist_line = url_encoded_wordlist_arr.join('/')
+    response = rest_client.execute(
+      method: http_method,
+      url: http_uri,
+      headers: headers,
+      verify_ssl: false
+    )
 
-      retry
-    rescue RestClient::TooManyRequests
-      sleep 60
+    rest_client_resp_hash = {
+      request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+      http_uri: http_uri,
+      http_method: http_method,
+      http_resp_code: response.code,
+      http_resp_length: response.body.length,
+      http_resp: "#{response.body[0..300]}..."
+    }
+  rescue RestClient::ExceptionWithResponse,
+         RestClient::ServerBrokeConnection => e
+    rest_client_resp_hash = {
+      request_timestamp: Time.now.strftime('%Y-%m-%d_%H-%M-%S'),
+      http_uri: http_uri,
+      http_method: http_method,
+      http_resp_code: e.response.code,
+      http_resp_length: e.response.body.length,
+      http_resp: "#{e.response.body[0..300]}..."
+    }
+    next
+  rescue URI::InvalidURIError
+    url_encoded_wordlist_arr = []
+    wordlist_line.split('/').each do |path|
+      url_encoded_wordlist_arr.push(CGI.escape(path))
     end
+    wordlist_line = url_encoded_wordlist_arr.join('/')
+
+    retry
+  rescue RestClient::TooManyRequests
+    sleep 60
   end
+
+  rest_client_resp_hash
 end
 
 begin
@@ -166,15 +166,19 @@ begin
 
     next if wordlist_line.match?(/^#/)
 
-    rest_client_resp_hash = request_path(
-      target_url: target_url,
-      http_request_headers: http_request_headers,
-      proxy: proxy,
-      wordlist_line: wordlist_line
-    )
+    http_methods = %i[DELETE GET HEAD OPTIONS PATCH POST PUT TRACE]
+    http_methods.each do |http_method|
+      rest_client_resp_hash = request_path(
+        target_url: target_url,
+        http_request_headers: http_request_headers,
+        proxy: proxy,
+        wordlist_line: wordlist_line,
+        http_method: http_method
+      )
 
-    mutex.synchronize do
-      results_hash[:data].push(rest_client_resp_hash)
+      mutex.synchronize do
+        results_hash[:data].push(rest_client_resp_hash)
+      end
     end
   end
 

data/build_pwn_gem.sh

@@ -24,12 +24,6 @@ if [[ $old_ruby_version == $new_ruby_version ]]; then
   rvmsudo gem rdoc --rdoc --ri --overwrite -V pwn
   echo "Invoking bundle-audit Gemfile Scanner..."
   rvmsudo bundle-audit
-
-  latest_gem=$(ls pkg/*.gem)
-  if [[ $latest_gem != "" ]]; then
-    echo "Pushing ${latest_gem} to RubyGems.org..."
-    rvmsudo gem push $latest_gem --debug
-  fi
 else
   cd $pwn_root && ./upgrade_ruby.sh $new_ruby_version $old_ruby_version
 fi

data/git_commit_test_reinit_gem.sh

@@ -15,6 +15,13 @@ if (( $# == 3 )); then
   pwn_autoinc_version
   git commit -a -S --author="${1} <${2}>" -m "${3}"
   ./update_pwn.sh
+
+  latest_gem=$(ls pkg/*.gem)
+  if [[ $latest_gem != "" ]]; then
+    echo "Pushing ${latest_gem} to RubyGems.org..."
+    rvmsudo gem push $latest_gem --debug
+  fi
+
   # Tag for every 100 commits (i.e. 0.1.100, 0.1.200, etc)
   tag_this_version_bool=`ruby -r 'pwn' -e 'if PWN::VERSION.split(".")[-1].to_i % 100 == 0; then print true; else print false; end'`
   if [[ $tag_this_version_bool == 'true' ]]; then

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.559'
+  VERSION = '0.4.560'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.559
+  version: 0.4.560
 platform: ruby
 authors:
 - 0day Inc.