pwn 0.4.866 → 0.4.867
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +0 -6
- data/README.md +2 -2
- data/lib/pwn/plugins/shodan.rb +16 -30
- data/lib/pwn/version.rb +1 -1
- data/lib/pwn/www/hacker_one.rb +18 -20
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 145befe33721bfed27906af44b0adecb461cc720998bb2b0e67cec388cd09337
|
|
4
|
+
data.tar.gz: d2f13d2a283176bc2f27bc7321265e60b17ee9b0e260a0e5e98409c65cefeac1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3a300155409cc978fc05c743d8a5e91261e93d712623c36adb0236d5c7ff718c0279d63e63654b4063ebd04ee4828792b052b5e25f503963142bdb479c2fccc6
|
|
7
|
+
data.tar.gz: ddfd5e53d6879c2747e5e41b39903ec77cdf67a6d391e79ed6b7e4a59e2d42b2a6d5c28386d5a7395ee84de9cf9ee8f696d72964294d8011fd3bdb9ec99fc349
|
data/.rubocop_todo.yml
CHANGED
|
@@ -92,12 +92,6 @@ Style/IfUnlessModifier:
|
|
|
92
92
|
- 'bin/pwn'
|
|
93
93
|
- 'lib/pwn/plugins/baresip.rb'
|
|
94
94
|
|
|
95
|
-
# Offense count: 1
|
|
96
|
-
# This cop supports safe autocorrection (--autocorrect).
|
|
97
|
-
Style/RedundantBegin:
|
|
98
|
-
Exclude:
|
|
99
|
-
- 'lib/pwn/www/hacker_one.rb'
|
|
100
|
-
|
|
101
95
|
# Offense count: 95
|
|
102
96
|
# This cop supports safe autocorrection (--autocorrect).
|
|
103
97
|
Style/RedundantCondition:
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.867]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.867]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
data/lib/pwn/plugins/shodan.rb
CHANGED
|
@@ -104,9 +104,7 @@ module PWN
|
|
|
104
104
|
else
|
|
105
105
|
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
|
106
106
|
end
|
|
107
|
-
|
|
108
|
-
response.body = response_body_scrubbed
|
|
109
|
-
response
|
|
107
|
+
JSON.parse(response.scrub, symbolize_names: true)
|
|
110
108
|
rescue RestClient::TooManyRequests
|
|
111
109
|
print 'Too many requests. Sleeping 10s...'
|
|
112
110
|
sleep 10
|
|
@@ -138,7 +136,7 @@ module PWN
|
|
|
138
136
|
rest_call: "shodan/host/#{target_ip}",
|
|
139
137
|
params: params
|
|
140
138
|
)
|
|
141
|
-
services_by_ips.push(
|
|
139
|
+
services_by_ips.push(response)
|
|
142
140
|
rescue StandardError => e
|
|
143
141
|
services_by_ips.push(error: e.message)
|
|
144
142
|
next
|
|
@@ -174,12 +172,11 @@ module PWN
|
|
|
174
172
|
}
|
|
175
173
|
end
|
|
176
174
|
|
|
177
|
-
|
|
175
|
+
shodan_rest_call(
|
|
178
176
|
api_key: api_key,
|
|
179
177
|
rest_call: 'shodan/host/count',
|
|
180
178
|
params: params
|
|
181
179
|
)
|
|
182
|
-
JSON.parse(response, symbolize_names: true)
|
|
183
180
|
rescue StandardError => e
|
|
184
181
|
raise e
|
|
185
182
|
end
|
|
@@ -209,12 +206,11 @@ module PWN
|
|
|
209
206
|
}
|
|
210
207
|
end
|
|
211
208
|
|
|
212
|
-
|
|
209
|
+
shodan_rest_call(
|
|
213
210
|
api_key: api_key,
|
|
214
211
|
rest_call: 'shodan/host/search',
|
|
215
212
|
params: params
|
|
216
213
|
)
|
|
217
|
-
JSON.parse(response, symbolize_names: true)
|
|
218
214
|
rescue StandardError => e
|
|
219
215
|
raise e
|
|
220
216
|
end
|
|
@@ -234,12 +230,11 @@ module PWN
|
|
|
234
230
|
query: query
|
|
235
231
|
}
|
|
236
232
|
|
|
237
|
-
|
|
233
|
+
shodan_rest_call(
|
|
238
234
|
api_key: api_key,
|
|
239
235
|
rest_call: 'shodan/host/search/tokens',
|
|
240
236
|
params: params
|
|
241
237
|
)
|
|
242
|
-
JSON.parse(response, symbolize_names: true)
|
|
243
238
|
rescue StandardError => e
|
|
244
239
|
raise e
|
|
245
240
|
end
|
|
@@ -253,12 +248,11 @@ module PWN
|
|
|
253
248
|
api_key = opts[:api_key].to_s.scrub
|
|
254
249
|
|
|
255
250
|
params = { key: api_key }
|
|
256
|
-
|
|
251
|
+
shodan_rest_call(
|
|
257
252
|
api_key: api_key,
|
|
258
253
|
rest_call: 'shodan/ports',
|
|
259
254
|
params: params
|
|
260
255
|
)
|
|
261
|
-
JSON.parse(response, symbolize_names: true)
|
|
262
256
|
rescue StandardError => e
|
|
263
257
|
raise e
|
|
264
258
|
end
|
|
@@ -272,12 +266,11 @@ module PWN
|
|
|
272
266
|
api_key = opts[:api_key].to_s.scrub
|
|
273
267
|
|
|
274
268
|
params = { key: api_key }
|
|
275
|
-
|
|
269
|
+
shodan_rest_call(
|
|
276
270
|
api_key: api_key,
|
|
277
271
|
rest_call: 'shodan/protocols',
|
|
278
272
|
params: params
|
|
279
273
|
)
|
|
280
|
-
JSON.parse(response, symbolize_names: true)
|
|
281
274
|
rescue StandardError => e
|
|
282
275
|
raise e
|
|
283
276
|
end
|
|
@@ -294,14 +287,13 @@ module PWN
|
|
|
294
287
|
|
|
295
288
|
params = { key: api_key }
|
|
296
289
|
http_body = "ips=#{target_ips}"
|
|
297
|
-
|
|
290
|
+
shodan_rest_call(
|
|
298
291
|
http_method: :post,
|
|
299
292
|
api_key: api_key,
|
|
300
293
|
rest_call: 'shodan/scan',
|
|
301
294
|
params: params,
|
|
302
295
|
http_body: http_body
|
|
303
296
|
)
|
|
304
|
-
JSON.parse(response, symbolize_names: true)
|
|
305
297
|
rescue StandardError => e
|
|
306
298
|
raise e
|
|
307
299
|
end
|
|
@@ -320,14 +312,13 @@ module PWN
|
|
|
320
312
|
|
|
321
313
|
params = { key: api_key }
|
|
322
314
|
http_body = "port=#{port}&protocol=#{protocol}"
|
|
323
|
-
|
|
315
|
+
shodan_rest_call(
|
|
324
316
|
http_method: :post,
|
|
325
317
|
api_key: api_key,
|
|
326
318
|
rest_call: 'shodan/scan/internet',
|
|
327
319
|
params: params,
|
|
328
320
|
http_body: http_body
|
|
329
321
|
)
|
|
330
|
-
JSON.parse(response, symbolize_names: true)
|
|
331
322
|
rescue StandardError => e
|
|
332
323
|
raise e
|
|
333
324
|
end
|
|
@@ -346,12 +337,11 @@ module PWN
|
|
|
346
337
|
key: api_key
|
|
347
338
|
}
|
|
348
339
|
|
|
349
|
-
|
|
340
|
+
shodan_rest_call(
|
|
350
341
|
api_key: api_key,
|
|
351
342
|
rest_call: "shodan/scan/status/#{scan_id}",
|
|
352
343
|
params: params
|
|
353
344
|
)
|
|
354
|
-
JSON.parse(response, symbolize_names: true)
|
|
355
345
|
rescue StandardError => e
|
|
356
346
|
raise e
|
|
357
347
|
end
|
|
@@ -365,12 +355,11 @@ module PWN
|
|
|
365
355
|
api_key = opts[:api_key].to_s.scrub
|
|
366
356
|
|
|
367
357
|
params = { key: api_key }
|
|
368
|
-
|
|
358
|
+
shodan_rest_call(
|
|
369
359
|
api_key: api_key,
|
|
370
360
|
rest_call: 'shodan/services',
|
|
371
361
|
params: params
|
|
372
362
|
)
|
|
373
|
-
JSON.parse(response, symbolize_names: true)
|
|
374
363
|
rescue StandardError => e
|
|
375
364
|
raise e
|
|
376
365
|
end
|
|
@@ -395,12 +384,12 @@ module PWN
|
|
|
395
384
|
sort: sort.to_s,
|
|
396
385
|
order: order.to_s
|
|
397
386
|
}
|
|
398
|
-
|
|
387
|
+
|
|
388
|
+
shodan_rest_call(
|
|
399
389
|
api_key: api_key,
|
|
400
390
|
rest_call: 'shodan/query',
|
|
401
391
|
params: params
|
|
402
392
|
)
|
|
403
|
-
JSON.parse(response, symbolize_names: true)
|
|
404
393
|
rescue StandardError => e
|
|
405
394
|
raise e
|
|
406
395
|
end
|
|
@@ -424,12 +413,11 @@ module PWN
|
|
|
424
413
|
params = { key: api_key }
|
|
425
414
|
end
|
|
426
415
|
|
|
427
|
-
|
|
416
|
+
shodan_rest_call(
|
|
428
417
|
api_key: api_key,
|
|
429
418
|
rest_call: 'shodan/query/tags',
|
|
430
419
|
params: params
|
|
431
420
|
)
|
|
432
|
-
JSON.parse(response, symbolize_names: true)
|
|
433
421
|
rescue StandardError => e
|
|
434
422
|
raise e
|
|
435
423
|
end
|
|
@@ -443,12 +431,11 @@ module PWN
|
|
|
443
431
|
api_key = opts[:api_key].to_s.scrub
|
|
444
432
|
|
|
445
433
|
params = { key: api_key }
|
|
446
|
-
|
|
434
|
+
shodan_rest_call(
|
|
447
435
|
api_key: api_key,
|
|
448
436
|
rest_call: 'account/profile',
|
|
449
437
|
params: params
|
|
450
438
|
)
|
|
451
|
-
JSON.parse(response, symbolize_names: true)
|
|
452
439
|
rescue StandardError => e
|
|
453
440
|
raise e
|
|
454
441
|
end
|
|
@@ -480,12 +467,11 @@ module PWN
|
|
|
480
467
|
api_key = opts[:api_key].to_s.scrub
|
|
481
468
|
|
|
482
469
|
params = { key: api_key }
|
|
483
|
-
|
|
470
|
+
shodan_rest_call(
|
|
484
471
|
api_key: api_key,
|
|
485
472
|
rest_call: 'api-info',
|
|
486
473
|
params: params
|
|
487
474
|
)
|
|
488
|
-
JSON.parse(response, symbolize_names: true)
|
|
489
475
|
rescue StandardError => e
|
|
490
476
|
raise e
|
|
491
477
|
end
|
data/lib/pwn/version.rb
CHANGED
data/lib/pwn/www/hacker_one.rb
CHANGED
|
@@ -119,26 +119,24 @@ module PWN
|
|
|
119
119
|
File.write(path, JSON.pretty_generate(json_resp))
|
|
120
120
|
else
|
|
121
121
|
programs_arr.each do |program|
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
next
|
|
141
|
-
end
|
|
122
|
+
name = program[:name]
|
|
123
|
+
burp_download_link = program[:burp_target_config]
|
|
124
|
+
path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
|
|
125
|
+
path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
|
|
126
|
+
|
|
127
|
+
resp = rest_client.execute(
|
|
128
|
+
method: :get,
|
|
129
|
+
headers: { user_agent: user_agent },
|
|
130
|
+
url: burp_download_link
|
|
131
|
+
)
|
|
132
|
+
json_resp = JSON.parse(resp.body)
|
|
133
|
+
|
|
134
|
+
puts "Saving to: #{path}"
|
|
135
|
+
File.write(path, JSON.pretty_generate(json_resp))
|
|
136
|
+
rescue JSON::ParserError,
|
|
137
|
+
RestClient::NotFound
|
|
138
|
+
puts '-'
|
|
139
|
+
next
|
|
142
140
|
end
|
|
143
141
|
end
|
|
144
142
|
puts 'complete.'
|