pwn 0.4.863 → 0.4.864
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/pwn/plugins/burp_suite.rb +48 -1
- data/lib/pwn/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 33c1ab6f74eec4b541eda25e8c781ec5abdd91f6bf70d48a97e1dbbb00475801
|
4
|
+
data.tar.gz: 64b51527b2b15ea762d52c91c346dbc3c1aa6b14ee16072c5b0c09219e390dd9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e26153a1806be58722177c4ad4afedcd0b5bf6aee0a1a4bf715fa8291c66d1689c4c5238ac871fe8f12103f3240fbd462ab3ba33586f381a293546a0ce192187
|
7
|
+
data.tar.gz: 54970b745a9a4af74bd718b0d2a35c96718dbfdb35cc322c1a77ea8ae0e4b6fe099a3e8863968b7fa7b71ac1fae97d6532ce1a715d20387fb1174d661a4ac763
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.864]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.864]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -1,7 +1,9 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'socket'
|
4
3
|
require 'base64'
|
4
|
+
require 'json'
|
5
|
+
require 'socket'
|
6
|
+
require 'uri'
|
5
7
|
|
6
8
|
module PWN
|
7
9
|
module Plugins
|
@@ -76,6 +78,45 @@ module PWN
|
|
76
78
|
raise e
|
77
79
|
end
|
78
80
|
|
81
|
+
# Supported Method Parameters::
|
82
|
+
# uri_in_scope_bool = PWN::Plugins::BurpSuite.uri_in_scope(
|
83
|
+
# target_config: 'required - path to burp suite pro target config JSON file',
|
84
|
+
# uri: 'required - URI to determine if in scope'
|
85
|
+
# )
|
86
|
+
|
87
|
+
public_class_method def self.uri_in_scope(opts = {})
|
88
|
+
target_config = opts[:target_config]
|
89
|
+
raise 'ERROR: target_config does not exist' unless File.exist?(target_config)
|
90
|
+
|
91
|
+
uri = opts[:uri]
|
92
|
+
raise 'ERROR: uri parameter is required' if uri.nil?
|
93
|
+
|
94
|
+
target_config_json = JSON.parse(
|
95
|
+
File.read(target_config),
|
96
|
+
symbolize_names: true
|
97
|
+
)
|
98
|
+
|
99
|
+
out_of_scope = target_config_json[:target][:scope][:exclude]
|
100
|
+
out_of_scope_arr = out_of_scope.select do |os|
|
101
|
+
URI.parse(uri).scheme =~ /#{os[:protocol]}/ &&
|
102
|
+
URI.parse(uri).host =~ /#{os[:host]}/ &&
|
103
|
+
URI.parse(uri).path =~ /#{os[:file]}/
|
104
|
+
end
|
105
|
+
return false unless out_of_scope_arr.empty?
|
106
|
+
|
107
|
+
in_scope = target_config_json[:target][:scope][:include]
|
108
|
+
in_scope_arr = in_scope.select do |is|
|
109
|
+
URI.parse(uri).scheme =~ /#{is[:protocol]}/ &&
|
110
|
+
URI.parse(uri).host =~ /#{is[:host]}/ &&
|
111
|
+
URI.parse(uri).path =~ /#{is[:file]}/
|
112
|
+
end
|
113
|
+
return false if in_scope_arr.empty?
|
114
|
+
|
115
|
+
true
|
116
|
+
rescue StandardError => e
|
117
|
+
raise e
|
118
|
+
end
|
119
|
+
|
79
120
|
# Supported Method Parameters::
|
80
121
|
# PWN::Plugins::BurpSuite.enable_proxy(
|
81
122
|
# burp_obj: 'required - burp_obj returned by #start method'
|
@@ -311,6 +352,12 @@ module PWN
|
|
311
352
|
burp_jar_path: 'required - path of burp suite pro jar file',
|
312
353
|
headless: 'optional - run headless if set to true',
|
313
354
|
browser_type: 'optional - defaults to :firefox. See PWN::Plugins::TransparentBrowser.help for a list of types',
|
355
|
+
target_config: 'optional - path to burp suite pro target config JSON file'
|
356
|
+
)
|
357
|
+
|
358
|
+
uri_in_scope_bool = #{self}.uri_in_scope(
|
359
|
+
target_config: 'required - path to burp suite pro target config JSON file',
|
360
|
+
uri: 'required - URI to determine if in scope'
|
314
361
|
)
|
315
362
|
|
316
363
|
#{self}.enable_proxy(
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.864
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-08-
|
11
|
+
date: 2023-08-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|