pwn 0.4.564 → 0.4.565

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/bin/pwn_www_uri_buster +20 -9
  4. data/lib/pwn/version.rb +1 -1
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0e8727f452f14ea8c389c2a31ad2e1c38688fef705e3defd1760524d21b589d2
4
- data.tar.gz: dfd1cdaf5f2023292349a4f2e9a1e651804dac1030c9be78af287037660384fb
3
+ metadata.gz: 7628c99b9233f9d0432a2aecb486056b9f54bbd47d418a56dd28673a76b7e5cb
4
+ data.tar.gz: d7317d4f68e4a2c954b663ea4e953866237a0a7c2a1a4ed1f449f553ef9d64c2
5
5
  SHA512:
6
- metadata.gz: be114735fa769a158cb5fa342ba7ccb723cf92e104822bb0bdf3e961c760a09bc47aec81d62d8a14a097005e66d5fa974a5262c13b9a52db2238cfbb02e0e718
7
- data.tar.gz: 3142bc917c1ca58441ef7d5bf0fc9e4c8d4c6475f71df921f6e17e38100fe37b4f6b3e66eba0458a3fb4043cb687e8db78e93b3cf4844948448d3bf1d14d03af
6
+ metadata.gz: ef9ec95c5312a57a08d85f84d726a0a4eaf6cb1a163fa7eb3d9b963ad4f4f7a677c39b302de4133fc344779ebcbdbdf5fd3847635a96581585feaf8e7664fb0b
7
+ data.tar.gz: 932abad9c6e2610b2fe2a990dfba0122316a5ff1b3c07ae137408fe4a47911cea81a19a97a9d1e9c71097ea936110789029043bed6abf8fd5b11cf50110b74b0
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.564]:001 >>> PWN.help
40
+ pwn[v0.4.565]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.564]:001 >>> PWN.help
55
+ pwn[v0.4.565]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_www_uri_buster CHANGED
@@ -21,10 +21,6 @@ OptionParser.new do |options|
21
21
  opts[:wordlist] = w
22
22
  end
23
23
 
24
- options.on('-rHEADERS', '--request-headers=HEADERS', '<Optional - HTTP Request Headers in JSON Format)>') do |h|
25
- opts[:http_request_headers] = h
26
- end
27
-
28
24
  options.on('-pPROXY', '--proxy=PROXY', '<Optional - Proxy SCHEME://ADDRESS:PORT>') do |p|
29
25
  opts[:proxy] = p
30
26
  end
@@ -33,6 +29,14 @@ OptionParser.new do |options|
33
29
  opts[:max_threads] = t
34
30
  end
35
31
 
32
+ options.on('-rHEADERS', '--request-headers=HEADERS', '<Optional - HTTP Request Headers in JSON Format)>') do |h|
33
+ opts[:http_request_headers] = h
34
+ end
35
+
36
+ options.on('-cCODES', '--only-report-response-codes=CODES', '<Optional - Comma-Delimited List of Response Codes to Only Include in Report)>') do |c|
37
+ opts[:http_response_codes] = c
38
+ end
39
+
36
40
  options.on('-dDIR', '--dir-path=DIR', '<Optional - Report Output Directory (Defaults to ".")>') do |w|
37
41
  opts[:wordlist] = w
38
42
  end
@@ -53,8 +57,8 @@ end
53
57
 
54
58
  def request_path(opts = {})
55
59
  target_url = opts[:target_url]
56
- http_request_headers = opts[:http_request_headers]
57
60
  proxy = opts[:proxy]
61
+ http_request_headers = opts[:http_request_headers]
58
62
  wordlist_line = opts[:wordlist_line]
59
63
  http_method = opts[:http_method]
60
64
 
@@ -132,13 +136,15 @@ begin
132
136
  wordlist = opts[:wordlist]
133
137
  raise "ERROR: #{wordlist} Does Not Exist." unless File.exist?(wordlist)
134
138
 
135
- http_request_headers = opts[:http_request_headers]
136
-
137
139
  proxy = opts[:proxy]
138
140
 
139
141
  max_threads = opts[:max_threads]
140
142
  max_threads ||= 100
141
143
 
144
+ http_request_headers = opts[:http_request_headers]
145
+ http_response_codes = opts[:http_response_codes]
146
+ http_response_codes = http_response_codes.delete("\s").split(',') if http_response_codes
147
+
142
148
  dir_path = opts[:dir_path]
143
149
  dir_path ||= '.'
144
150
 
@@ -169,14 +175,19 @@ begin
169
175
  http_methods.each do |http_method|
170
176
  rest_client_resp_hash = request_path(
171
177
  target_url: target_url,
172
- http_request_headers: http_request_headers,
173
178
  proxy: proxy,
179
+ http_request_headers: http_request_headers,
174
180
  wordlist_line: wordlist_line,
175
181
  http_method: http_method
176
182
  )
177
183
 
178
184
  mutex.synchronize do
179
- results_hash[:data].push(rest_client_resp_hash)
185
+ if http_response_codes.any?
186
+ ret_http_resp_code = rest_client_resp_hash[:http_resp_code]
187
+ results_hash[:data].push(rest_client_resp_hash) if http_response_codes.include?(ret_http_resp_code)
188
+ else
189
+ results_hash[:data].push(rest_client_resp_hash)
190
+ end
180
191
  end
181
192
  end
182
193
  end
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.564'
4
+ VERSION = '0.4.565'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.564
4
+ version: 0.4.565
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.