pwn 0.4.888 → 0.4.889
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/lib/pwn/plugins/sock.rb +17 -4
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 69484c812ad4eca31e6d5adbed96aabfb49561bd60488fbac1a3ea0bb78fd49f
|
4
|
+
data.tar.gz: ea49ea2042bffe392f99ac3a7af4be3823db59ad502c1f8a42d885ce3e4b743a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e3732f05721c2f8cddf8ffc87f2fdd07106a6cec70bbb721a53e41ae7485efd13598f21f2e77eb70184dea52e8101676da6a406652eb58e6f6bde15c9d3e0f8a
|
7
|
+
data.tar.gz: 1f0a843073ada056e110c321747a684269b830823f20586719995f978f5895d8310802c06a2b9e2b68d86ef98e3fda481ba13d42389cc2c31875043da30dd550
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.889]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.889]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
data/lib/pwn/plugins/sock.rb
CHANGED
@@ -26,8 +26,12 @@ module PWN
|
|
26
26
|
|
27
27
|
# TODO: Add proxy support
|
28
28
|
|
29
|
-
|
30
|
-
|
29
|
+
if opts[:tls]
|
30
|
+
tls = true
|
31
|
+
tls_attempt = 1 unless tls_attempt > 1
|
32
|
+
tls_min_version = OpenSSL::SSL::TLS1_VERSION
|
33
|
+
end
|
34
|
+
tls = false unless opts[:tls]
|
31
35
|
|
32
36
|
case protocol
|
33
37
|
when :tcp
|
@@ -35,6 +39,8 @@ module PWN
|
|
35
39
|
sock = TCPSocket.open(target, port)
|
36
40
|
tls_context = OpenSSL::SSL::SSLContext.new
|
37
41
|
tls_context.set_params(verify_mode: OpenSSL::SSL::VERIFY_NONE)
|
42
|
+
tls_context.verify_hostname = false
|
43
|
+
tls_context.min_proto_version = tls_min_version
|
38
44
|
tls_sock = OpenSSL::SSL::SSLSocket.new(sock, tls_context)
|
39
45
|
sock_obj = tls_sock.connect
|
40
46
|
else
|
@@ -48,6 +54,15 @@ module PWN
|
|
48
54
|
end
|
49
55
|
|
50
56
|
sock_obj
|
57
|
+
rescue OpenSSL::SSL::SSLError
|
58
|
+
tls_attempt += 1
|
59
|
+
|
60
|
+
tls_min_version = OpenSSL::SSL::TLS1_1_VERSION if tls_attempt == 2
|
61
|
+
tls_min_version = OpenSSL::SSL::TLS1_2_VERSION if tls_attempt == 3
|
62
|
+
tls_min_version = OpenSSL::SSL::TLS1_3_VERSION if tls_attempt == 4
|
63
|
+
|
64
|
+
retry if tls_attempt < 5
|
65
|
+
raise e if tls_attempt > 4
|
51
66
|
rescue StandardError => e
|
52
67
|
sock_obj = disconnect(sock_obj: sock_obj) unless sock_obj.nil?
|
53
68
|
raise e
|
@@ -188,8 +203,6 @@ module PWN
|
|
188
203
|
)
|
189
204
|
tls_sock_obj.sync_close = true
|
190
205
|
tls_sock_obj.peer_cert
|
191
|
-
rescue OpenSSL::SSL::SSLError
|
192
|
-
false
|
193
206
|
rescue StandardError => e
|
194
207
|
raise e
|
195
208
|
ensure
|
data/lib/pwn/version.rb
CHANGED