pwn 0.4.866 → 0.4.867
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +0 -6
- data/README.md +2 -2
- data/lib/pwn/plugins/shodan.rb +16 -30
- data/lib/pwn/version.rb +1 -1
- data/lib/pwn/www/hacker_one.rb +18 -20
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 145befe33721bfed27906af44b0adecb461cc720998bb2b0e67cec388cd09337
|
|
4
|
+
data.tar.gz: d2f13d2a283176bc2f27bc7321265e60b17ee9b0e260a0e5e98409c65cefeac1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3a300155409cc978fc05c743d8a5e91261e93d712623c36adb0236d5c7ff718c0279d63e63654b4063ebd04ee4828792b052b5e25f503963142bdb479c2fccc6
|
|
7
|
+
data.tar.gz: ddfd5e53d6879c2747e5e41b39903ec77cdf67a6d391e79ed6b7e4a59e2d42b2a6d5c28386d5a7395ee84de9cf9ee8f696d72964294d8011fd3bdb9ec99fc349
|
data/.rubocop_todo.yml
CHANGED
|
@@ -92,12 +92,6 @@ Style/IfUnlessModifier:
|
|
|
92
92
|
- 'bin/pwn'
|
|
93
93
|
- 'lib/pwn/plugins/baresip.rb'
|
|
94
94
|
|
|
95
|
-
# Offense count: 1
|
|
96
|
-
# This cop supports safe autocorrection (--autocorrect).
|
|
97
|
-
Style/RedundantBegin:
|
|
98
|
-
Exclude:
|
|
99
|
-
- 'lib/pwn/www/hacker_one.rb'
|
|
100
|
-
|
|
101
95
|
# Offense count: 95
|
|
102
96
|
# This cop supports safe autocorrection (--autocorrect).
|
|
103
97
|
Style/RedundantCondition:
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.867]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.867]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
data/lib/pwn/plugins/shodan.rb
CHANGED
|
@@ -104,9 +104,7 @@ module PWN
|
|
|
104
104
|
else
|
|
105
105
|
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
|
106
106
|
end
|
|
107
|
-
|
|
108
|
-
response.body = response_body_scrubbed
|
|
109
|
-
response
|
|
107
|
+
JSON.parse(response.scrub, symbolize_names: true)
|
|
110
108
|
rescue RestClient::TooManyRequests
|
|
111
109
|
print 'Too many requests. Sleeping 10s...'
|
|
112
110
|
sleep 10
|
|
@@ -138,7 +136,7 @@ module PWN
|
|
|
138
136
|
rest_call: "shodan/host/#{target_ip}",
|
|
139
137
|
params: params
|
|
140
138
|
)
|
|
141
|
-
services_by_ips.push(
|
|
139
|
+
services_by_ips.push(response)
|
|
142
140
|
rescue StandardError => e
|
|
143
141
|
services_by_ips.push(error: e.message)
|
|
144
142
|
next
|
|
@@ -174,12 +172,11 @@ module PWN
|
|
|
174
172
|
}
|
|
175
173
|
end
|
|
176
174
|
|
|
177
|
-
|
|
175
|
+
shodan_rest_call(
|
|
178
176
|
api_key: api_key,
|
|
179
177
|
rest_call: 'shodan/host/count',
|
|
180
178
|
params: params
|
|
181
179
|
)
|
|
182
|
-
JSON.parse(response, symbolize_names: true)
|
|
183
180
|
rescue StandardError => e
|
|
184
181
|
raise e
|
|
185
182
|
end
|
|
@@ -209,12 +206,11 @@ module PWN
|
|
|
209
206
|
}
|
|
210
207
|
end
|
|
211
208
|
|
|
212
|
-
|
|
209
|
+
shodan_rest_call(
|
|
213
210
|
api_key: api_key,
|
|
214
211
|
rest_call: 'shodan/host/search',
|
|
215
212
|
params: params
|
|
216
213
|
)
|
|
217
|
-
JSON.parse(response, symbolize_names: true)
|
|
218
214
|
rescue StandardError => e
|
|
219
215
|
raise e
|
|
220
216
|
end
|
|
@@ -234,12 +230,11 @@ module PWN
|
|
|
234
230
|
query: query
|
|
235
231
|
}
|
|
236
232
|
|
|
237
|
-
|
|
233
|
+
shodan_rest_call(
|
|
238
234
|
api_key: api_key,
|
|
239
235
|
rest_call: 'shodan/host/search/tokens',
|
|
240
236
|
params: params
|
|
241
237
|
)
|
|
242
|
-
JSON.parse(response, symbolize_names: true)
|
|
243
238
|
rescue StandardError => e
|
|
244
239
|
raise e
|
|
245
240
|
end
|
|
@@ -253,12 +248,11 @@ module PWN
|
|
|
253
248
|
api_key = opts[:api_key].to_s.scrub
|
|
254
249
|
|
|
255
250
|
params = { key: api_key }
|
|
256
|
-
|
|
251
|
+
shodan_rest_call(
|
|
257
252
|
api_key: api_key,
|
|
258
253
|
rest_call: 'shodan/ports',
|
|
259
254
|
params: params
|
|
260
255
|
)
|
|
261
|
-
JSON.parse(response, symbolize_names: true)
|
|
262
256
|
rescue StandardError => e
|
|
263
257
|
raise e
|
|
264
258
|
end
|
|
@@ -272,12 +266,11 @@ module PWN
|
|
|
272
266
|
api_key = opts[:api_key].to_s.scrub
|
|
273
267
|
|
|
274
268
|
params = { key: api_key }
|
|
275
|
-
|
|
269
|
+
shodan_rest_call(
|
|
276
270
|
api_key: api_key,
|
|
277
271
|
rest_call: 'shodan/protocols',
|
|
278
272
|
params: params
|
|
279
273
|
)
|
|
280
|
-
JSON.parse(response, symbolize_names: true)
|
|
281
274
|
rescue StandardError => e
|
|
282
275
|
raise e
|
|
283
276
|
end
|
|
@@ -294,14 +287,13 @@ module PWN
|
|
|
294
287
|
|
|
295
288
|
params = { key: api_key }
|
|
296
289
|
http_body = "ips=#{target_ips}"
|
|
297
|
-
|
|
290
|
+
shodan_rest_call(
|
|
298
291
|
http_method: :post,
|
|
299
292
|
api_key: api_key,
|
|
300
293
|
rest_call: 'shodan/scan',
|
|
301
294
|
params: params,
|
|
302
295
|
http_body: http_body
|
|
303
296
|
)
|
|
304
|
-
JSON.parse(response, symbolize_names: true)
|
|
305
297
|
rescue StandardError => e
|
|
306
298
|
raise e
|
|
307
299
|
end
|
|
@@ -320,14 +312,13 @@ module PWN
|
|
|
320
312
|
|
|
321
313
|
params = { key: api_key }
|
|
322
314
|
http_body = "port=#{port}&protocol=#{protocol}"
|
|
323
|
-
|
|
315
|
+
shodan_rest_call(
|
|
324
316
|
http_method: :post,
|
|
325
317
|
api_key: api_key,
|
|
326
318
|
rest_call: 'shodan/scan/internet',
|
|
327
319
|
params: params,
|
|
328
320
|
http_body: http_body
|
|
329
321
|
)
|
|
330
|
-
JSON.parse(response, symbolize_names: true)
|
|
331
322
|
rescue StandardError => e
|
|
332
323
|
raise e
|
|
333
324
|
end
|
|
@@ -346,12 +337,11 @@ module PWN
|
|
|
346
337
|
key: api_key
|
|
347
338
|
}
|
|
348
339
|
|
|
349
|
-
|
|
340
|
+
shodan_rest_call(
|
|
350
341
|
api_key: api_key,
|
|
351
342
|
rest_call: "shodan/scan/status/#{scan_id}",
|
|
352
343
|
params: params
|
|
353
344
|
)
|
|
354
|
-
JSON.parse(response, symbolize_names: true)
|
|
355
345
|
rescue StandardError => e
|
|
356
346
|
raise e
|
|
357
347
|
end
|
|
@@ -365,12 +355,11 @@ module PWN
|
|
|
365
355
|
api_key = opts[:api_key].to_s.scrub
|
|
366
356
|
|
|
367
357
|
params = { key: api_key }
|
|
368
|
-
|
|
358
|
+
shodan_rest_call(
|
|
369
359
|
api_key: api_key,
|
|
370
360
|
rest_call: 'shodan/services',
|
|
371
361
|
params: params
|
|
372
362
|
)
|
|
373
|
-
JSON.parse(response, symbolize_names: true)
|
|
374
363
|
rescue StandardError => e
|
|
375
364
|
raise e
|
|
376
365
|
end
|
|
@@ -395,12 +384,12 @@ module PWN
|
|
|
395
384
|
sort: sort.to_s,
|
|
396
385
|
order: order.to_s
|
|
397
386
|
}
|
|
398
|
-
|
|
387
|
+
|
|
388
|
+
shodan_rest_call(
|
|
399
389
|
api_key: api_key,
|
|
400
390
|
rest_call: 'shodan/query',
|
|
401
391
|
params: params
|
|
402
392
|
)
|
|
403
|
-
JSON.parse(response, symbolize_names: true)
|
|
404
393
|
rescue StandardError => e
|
|
405
394
|
raise e
|
|
406
395
|
end
|
|
@@ -424,12 +413,11 @@ module PWN
|
|
|
424
413
|
params = { key: api_key }
|
|
425
414
|
end
|
|
426
415
|
|
|
427
|
-
|
|
416
|
+
shodan_rest_call(
|
|
428
417
|
api_key: api_key,
|
|
429
418
|
rest_call: 'shodan/query/tags',
|
|
430
419
|
params: params
|
|
431
420
|
)
|
|
432
|
-
JSON.parse(response, symbolize_names: true)
|
|
433
421
|
rescue StandardError => e
|
|
434
422
|
raise e
|
|
435
423
|
end
|
|
@@ -443,12 +431,11 @@ module PWN
|
|
|
443
431
|
api_key = opts[:api_key].to_s.scrub
|
|
444
432
|
|
|
445
433
|
params = { key: api_key }
|
|
446
|
-
|
|
434
|
+
shodan_rest_call(
|
|
447
435
|
api_key: api_key,
|
|
448
436
|
rest_call: 'account/profile',
|
|
449
437
|
params: params
|
|
450
438
|
)
|
|
451
|
-
JSON.parse(response, symbolize_names: true)
|
|
452
439
|
rescue StandardError => e
|
|
453
440
|
raise e
|
|
454
441
|
end
|
|
@@ -480,12 +467,11 @@ module PWN
|
|
|
480
467
|
api_key = opts[:api_key].to_s.scrub
|
|
481
468
|
|
|
482
469
|
params = { key: api_key }
|
|
483
|
-
|
|
470
|
+
shodan_rest_call(
|
|
484
471
|
api_key: api_key,
|
|
485
472
|
rest_call: 'api-info',
|
|
486
473
|
params: params
|
|
487
474
|
)
|
|
488
|
-
JSON.parse(response, symbolize_names: true)
|
|
489
475
|
rescue StandardError => e
|
|
490
476
|
raise e
|
|
491
477
|
end
|
data/lib/pwn/version.rb
CHANGED
data/lib/pwn/www/hacker_one.rb
CHANGED
|
@@ -119,26 +119,24 @@ module PWN
|
|
|
119
119
|
File.write(path, JSON.pretty_generate(json_resp))
|
|
120
120
|
else
|
|
121
121
|
programs_arr.each do |program|
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
next
|
|
141
|
-
end
|
|
122
|
+
name = program[:name]
|
|
123
|
+
burp_download_link = program[:burp_target_config]
|
|
124
|
+
path = "./burp_target_config_file-#{name}.json" if opts[:root_dir].nil?
|
|
125
|
+
path = "#{root_dir}/burp_target_config_file-#{name}.json" unless opts[:root_dir].nil?
|
|
126
|
+
|
|
127
|
+
resp = rest_client.execute(
|
|
128
|
+
method: :get,
|
|
129
|
+
headers: { user_agent: user_agent },
|
|
130
|
+
url: burp_download_link
|
|
131
|
+
)
|
|
132
|
+
json_resp = JSON.parse(resp.body)
|
|
133
|
+
|
|
134
|
+
puts "Saving to: #{path}"
|
|
135
|
+
File.write(path, JSON.pretty_generate(json_resp))
|
|
136
|
+
rescue JSON::ParserError,
|
|
137
|
+
RestClient::NotFound
|
|
138
|
+
puts '-'
|
|
139
|
+
next
|
|
142
140
|
end
|
|
143
141
|
end
|
|
144
142
|
puts 'complete.'
|