pwn 0.4.855 → 0.4.856

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b0e26ef8cb906bc4db7adfb5a04669233e68d6d849dda78ea0cdb5e6be8721f
-  data.tar.gz: f912aec9e8a88b0d95af96e1143b6e6e9102d059248f403d393b70db91689cbc
+  metadata.gz: 4f3b58109cad13de02340f5a9c796b51a965f8b18d68e124a29107c3b1de0150
+  data.tar.gz: ef977ebb8a8041f55d27f74c679852bfc8df2f7ce05acdeaaec2ca74b5fcec55
 SHA512:
-  metadata.gz: 1119d402b0f9df3d28297097b59eeebbbf3f561874812261793218af4992fd9357f50cba9e905d0d05f4f992d1fef5448dbd97f5f6dc1e59fdc515607e4a57a8
-  data.tar.gz: 45b3e2debba43dafcc7eeccb856dd6249c39dc48a3ae14a64c0d81ff94500348dd9b1311d056d482ed6359448cd359e5a06cce9079435c041f294bc3f32a2091
+  metadata.gz: 54a6e87acf5e95e78bbfc4a9e59d49ae779ba6b0ac2d80175c841e23815da2eebbbc275143c1422b6f629d7d4211df12c1fa1078097684d7d57001e055a6f7ce
+  data.tar.gz: c89240de42a8023ded9133015c8f556d4af756e255deefa6453b2bf70eb70a9c7ceb0d098df1c6bfeb0fa0d35bdf17ae552efc29771bf96fec6a4dc580c84538

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2023-07-06 20:02:51 UTC using RuboCop version 1.53.1.
+# on 2023-08-22 17:34:13 UTC using RuboCop version 1.56.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -17,16 +17,16 @@ Layout/LineContinuationSpacing:
     - 'packer/provisioners/wpscan.rb'
     - 'vagrant/provisioners/beef.rb'
 
-# Offense count: 282
+# Offense count: 284
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Lint/UselessAssignment:
   Enabled: false
 
-# Offense count: 669
+# Offense count: 676
 Lint/UselessRescue:
   Enabled: false
 
-# Offense count: 283
+# Offense count: 286
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
   Max: 328
@@ -48,22 +48,22 @@ Metrics/CollectionLiteralLength:
   Exclude:
     - 'lib/pwn/plugins/uri_scheme.rb'
 
-# Offense count: 108
+# Offense count: 109
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/CyclomaticComplexity:
   Max: 231
 
-# Offense count: 518
+# Offense count: 522
 # Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
 Metrics/MethodLength:
   Max: 466
 
-# Offense count: 52
+# Offense count: 53
 # Configuration parameters: CountComments, CountAsOne.
 Metrics/ModuleLength:
   Max: 1187
 
-# Offense count: 101
+# Offense count: 102
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
   Max: 51
@@ -92,6 +92,12 @@ Style/IfUnlessModifier:
     - 'bin/pwn'
     - 'lib/pwn/plugins/baresip.rb'
 
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantBegin:
+  Exclude:
+    - 'lib/pwn/www/hacker_one.rb'
+
 # Offense count: 95
 # This cop supports safe autocorrection (--autocorrect).
 Style/RedundantCondition:
@@ -130,7 +136,7 @@ Style/StringLiterals:
   Exclude:
     - 'bin/pwn'
 
-# Offense count: 601
+# Offense count: 610
 # This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
 # URISchemes: http, https

data/Gemfile

@@ -11,7 +11,7 @@ gemspec
 # In some circumstances custom flags are passed to gems in order
 # to build appropriately.  Defer to ./reinstall_pwn_gemset.sh
 # to review these custom flags (e.g. pg, serialport, etc).
-gem 'activesupport', '7.0.7'
+gem 'activesupport', '7.0.7.1'
 gem 'anemone', '0.7.2'
 gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.1.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.855]:001 >>> PWN.help
+pwn[v0.4.856]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.855]:001 >>> PWN.help
+pwn[v0.4.856]:001 >>> PWN.help
 ```
 
 

data/lib/pwn/plugins/burp_suite.rb

@@ -12,6 +12,7 @@ module PWN
       #   burp_jar_path: 'required - path of burp suite pro jar file',
       #   headless: 'optional - run burp headless if set to true',
       #   browser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',
+      #   target_config: 'optional - path to burp suite pro target config JSON file'
       # )
 
       public_class_method def self.start(opts = {})
@@ -26,6 +27,8 @@ module PWN
                          opts[:browser_type]
                        end
 
+        target_config = opts[:target_config]
+
         if opts[:headless]
           # burp_cmd_string = "java -Xmx4G -Djava.awt.headless=true -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
           burp_cmd_string = "java -Xmx4G -Djava.awt.headless=true -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
@@ -33,6 +36,7 @@ module PWN
           # burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar:#{burp_jar_path} burp.StartBurp"
           burp_cmd_string = "java -Xmx4G -classpath #{burp_root}/burpbuddy.jar -jar #{burp_jar_path}"
         end
+        burp_cmd_string = "#{burp_cmd_string} --config-file #{target_config}" unless target_config.nil?
 
         # Construct burp_obj
         burp_obj = {}

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.855'
+  VERSION = '0.4.856'
 end

data/lib/pwn/www/hacker_one.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'faker'
+require 'json'
 require 'uri'
 require 'yaml'
 
@@ -25,7 +27,7 @@ module PWN
       end
 
       # Supported Method Parameters::
-      # bb_prograns_arr = PWN::WWW::HackerOne.get_bounty_programs(
+      # programs_arr = PWN::WWW::HackerOne.get_bounty_programs(
       #   browser_obj: 'required - browser_obj returned from #open method',
       #   proxy: 'optional - scheme://proxy_host:port || tor',
       #   min_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)'
@@ -40,7 +42,7 @@ module PWN
         browser.goto('https://hackerone.com/bug-bounty-programs')
         # Wait for JavaScript to load the DOM
 
-        bb_programs_arr = []
+        programs_arr = []
         browser.ul(class: 'program__meta-data').wait_until(&:present?)
         browser.uls(class: 'program__meta-data').each do |ul|
           min_payout = ul.text.split('$').last.split.first.to_f
@@ -53,23 +55,91 @@ module PWN
           scheme = URI.parse(link).scheme
           host = URI.parse(link).host
           path = URI.parse(link).path
-          burp_project = "#{scheme}://#{host}/teams#{path}/assets/download_burp_project_file.json"
+          burp_target_config = "#{scheme}://#{host}/teams#{path}/assets/download_burp_project_file.json"
 
           bounty_program_hash = {
             name: link.split('/').last,
             min_payout: min_payout_fmt,
             policy: "#{link}?view_policy=true",
-            burp_project: burp_project,
+            burp_target_config: burp_target_config,
             scope: "#{link}/policy_scopes",
             hacktivity: "#{link}/hacktivity",
             thanks: "#{link}/thanks",
             updates: "#{link}/updates",
             collaborators: "#{link}/collaborators"
           }
-          bb_programs_arr.push(bounty_program_hash)
+          programs_arr.push(bounty_program_hash)
         end
 
-        bb_programs_arr
+        programs_arr
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::WWW::HackerOne.save_burp_target_config_file(
+      #   programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
+      #   browser_opts: 'optional - opts supported by PWN::Plugins::TransparentBrowser.open method',
+      #   name: 'optional - name of burp target config file (defaults to ALL)',
+      #   path: 'optional - path to save burp target config files (defaults to "./burp_target_config_file-NAME.json"))'
+      # )
+
+      public_class_method def self.save_burp_target_config_file(opts = {})
+        programs_arr = opts[:programs_arr]
+        raise 'ERROR: programs_arr should be data returned from #get_bounty_programs' unless programs_arr.any?
+
+        browser_opts = opts[:browser_opts]
+        raise 'ERROR: browser_opts should be a hash' unless browser_opts.nil? ||
+                                                            browser_opts.is_a?(Hash)
+
+        browser_opts ||= {}
+        browser_opts[:browser_type] = :rest
+
+        name = opts[:name]
+        path = opts[:path]
+
+        rest_obj = PWN::Plugins::TransparentBrowser.open(browser_opts)
+        rest_client = rest_obj[:browser]::Request
+
+        if name
+          path = "./burp_target_config_file-#{name}.json" if opts[:path].nil?
+          burp_download_link = programs_arr.select do |program|
+            program[:name] == name
+          end.first[:burp_target_config]
+
+          resp = rest_client.execute(
+            method: :get,
+            headers: { user_agent: Faker::Internet.user_agent },
+            url: burp_download_link
+          )
+          json_resp = JSON.parse(resp.body)
+
+          puts "Saving to: #{path}"
+          File.write(path, JSON.pretty_generate(json_resp))
+        else
+          programs_arr.each do |program|
+            begin
+              name = program[:name]
+              burp_download_link = program[:burp_target_config]
+              path = "./burp_target_config_file-#{name}.json" if opts[:path].nil?
+
+              resp = rest_client.execute(
+                method: :get,
+                headers: { user_agent: Faker::Internet.user_agent },
+                url: burp_download_link
+              )
+              json_resp = JSON.parse(resp.body)
+
+              puts "Saving to: #{path}"
+              File.write(path, JSON.pretty_generate(json_resp))
+              print '.'
+            rescue RestClient::NotFound
+              print '-'
+              next
+            end
+          end
+        end
+        puts 'complete.'
       rescue StandardError => e
         raise e
       end
@@ -155,12 +225,19 @@ module PWN
           browser = browser_obj[:browser]
           puts browser.public_methods
 
-          bb_prograns_arr = #{self}.get_bounty_programs(
+          programs_arr = #{self}.get_bounty_programs(
             browser_obj: 'required - browser_obj returned from #open method',
             proxy: 'optional - scheme://proxy_host:port || tor',
             min_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)'
           )
 
+          #{self}.save_burp_target_config_file(
+            programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
+            browser_opts: 'optional - opts supported by PWN::Plugins::TransparentBrowser.open method',
+            name: 'optional - name of burp target config file (defaults to ALL)',
+            path: 'optional - path to save burp target config files (defaults to \"./burp_target_config_file-NAME.json\"))'
+          )
+
           browser_obj = #{self}.login(
             browser_obj: 'required - browser_obj returned from #open method',
             username: 'required - username',

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.855
+  version: 0.4.856
 platform: ruby
 authors:
 - 0day Inc.
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.7
+        version: 7.0.7.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.7
+        version: 7.0.7.1
 - !ruby/object:Gem::Dependency
   name: anemone
   requirement: !ruby/object:Gem::Requirement