pwn 0.4.986 → 0.4.987
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +3 -3
- data/lib/pwn/plugins/black_duck_binary_analysis.rb +2 -2
- data/lib/pwn/plugins/xxd.rb +89 -0
- data/lib/pwn/plugins.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/xxd_spec.rb +15 -0
- metadata +6 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f00d411fb2db8644fbcb1d272a5756e0dce64aeb0233b4be97a62d1fb06d5fb7
|
4
|
+
data.tar.gz: feb58fc5a339d2e37044bd5e39a5f78af087824ccb8745633c22fd129a129b53
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b6fc47ce9206ea236f6dd44e71cc7201cef36fc3e1f177b6948d6859f1f233652bfcb80e7053fb1699ef4c45bb3f2db1e1bd405cc9acd5fc78600578034af0ce
|
7
|
+
data.tar.gz: 7e08304f736ae875d40fbe982d2589f2ac2a40485d6b44cda2f2c100b6dd426009cb5da8e198713506439d577081930d2f3cbc34b4fec68024479112cc1812f9
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.987]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.987]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.4.
|
65
|
+
pwn[v0.4.987]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
@@ -60,8 +60,7 @@ module PWN
|
|
60
60
|
|
61
61
|
when :post, :put
|
62
62
|
if http_body.is_a?(Hash)
|
63
|
-
headers[:content_type] =
|
64
|
-
# headers[:content_type] = 'multipart/form-data' if http_body.key?(:multipart)
|
63
|
+
headers[:content_type] = 'multipart/form-data' if http_body.key?(:multipart)
|
65
64
|
http_body = http_body.to_json unless http_body.key?(:multipart)
|
66
65
|
end
|
67
66
|
|
@@ -179,6 +178,7 @@ module PWN
|
|
179
178
|
replace: product_id
|
180
179
|
}
|
181
180
|
|
181
|
+
# file: File.binread(file)
|
182
182
|
http_body = {
|
183
183
|
multipart: true,
|
184
184
|
file: File.new(file, 'rb')
|
@@ -0,0 +1,89 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module PWN
|
4
|
+
module Plugins
|
5
|
+
# This module provides the abilty to dump binaries in hex format
|
6
|
+
module XXD
|
7
|
+
# Supported Method Parameters::
|
8
|
+
# PWN::Plugins::XXD.dump(
|
9
|
+
# file: 'required - path to binary file to dump'
|
10
|
+
# )
|
11
|
+
|
12
|
+
public_class_method def self.dump(opts = {})
|
13
|
+
file = opts[:file]
|
14
|
+
|
15
|
+
raise ArgumentError, 'file is required' if file.nil?
|
16
|
+
|
17
|
+
raise ArgumentError, 'file does not exist' unless File.exist?(file)
|
18
|
+
|
19
|
+
input = File.binread(file)
|
20
|
+
|
21
|
+
io = StringIO.new
|
22
|
+
res = input.bytes.each_slice(2).each_slice(8).with_index do |row, index|
|
23
|
+
io.write(
|
24
|
+
format(
|
25
|
+
"%<s1>07x0: %<s2>-40s %<s3>-16s\n",
|
26
|
+
s1: index,
|
27
|
+
s2: row.map { |pair| pair.map { |b| b.to_s(16).rjust(2, '0') }.join }.join(' '),
|
28
|
+
s3: row.flat_map { |pair| pair.map { |b| (b >= 32 && b < 127 ? b.chr : '.') } }.flatten.join
|
29
|
+
)
|
30
|
+
)
|
31
|
+
end
|
32
|
+
|
33
|
+
io.string
|
34
|
+
rescue StandardError => e
|
35
|
+
raise e
|
36
|
+
end
|
37
|
+
|
38
|
+
# Supported Method Parameters::
|
39
|
+
# PWN::Plugins::XXD.dump(
|
40
|
+
# hexdump: 'required - hexdump string to reverse dump'
|
41
|
+
# file: 'required - path to binary file to dump'
|
42
|
+
# )
|
43
|
+
|
44
|
+
def self.reverse_dump(opts = {})
|
45
|
+
hexdump = opts[:hexdump]
|
46
|
+
file = opts[:file]
|
47
|
+
raise ArgumentError, 'hexdump is required' if hexdump.nil?
|
48
|
+
|
49
|
+
raise ArgumentError, 'output file is required' if file.nil?
|
50
|
+
|
51
|
+
# TODO: fix this block as it is not working as expected
|
52
|
+
binary_data = hexdump.lines.map do |line|
|
53
|
+
line.split(':')[1].split[0..15].join.split.map do |hex|
|
54
|
+
[hex].pack('H*')
|
55
|
+
end.join
|
56
|
+
end.join
|
57
|
+
|
58
|
+
File.binwrite(file, binary_data)
|
59
|
+
rescue StandardError => e
|
60
|
+
raise e
|
61
|
+
end
|
62
|
+
|
63
|
+
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
64
|
+
|
65
|
+
public_class_method def self.authors
|
66
|
+
"AUTHOR(S):
|
67
|
+
0day Inc. <request.pentest@0dayinc.com>
|
68
|
+
"
|
69
|
+
end
|
70
|
+
|
71
|
+
# Display Usage for this Module
|
72
|
+
|
73
|
+
public_class_method def self.help
|
74
|
+
puts "USAGE:
|
75
|
+
#{self}.dump(
|
76
|
+
file: 'required - path to binary file to dump'
|
77
|
+
)
|
78
|
+
|
79
|
+
#{self}.reverse_dump(
|
80
|
+
hexdump: 'required - hexdump string to reverse dump',
|
81
|
+
file: 'required - path to binary file to dump'
|
82
|
+
)
|
83
|
+
|
84
|
+
#{self}.authors
|
85
|
+
"
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
data/lib/pwn/plugins.rb
CHANGED
data/lib/pwn/version.rb
CHANGED
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::XXD do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::XXD
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::XXD
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.987
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-01-
|
11
|
+
date: 2024-01-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -856,14 +856,14 @@ dependencies:
|
|
856
856
|
requirements:
|
857
857
|
- - '='
|
858
858
|
- !ruby/object:Gem::Version
|
859
|
-
version: 1.60.
|
859
|
+
version: 1.60.2
|
860
860
|
type: :runtime
|
861
861
|
prerelease: false
|
862
862
|
version_requirements: !ruby/object:Gem::Requirement
|
863
863
|
requirements:
|
864
864
|
- - '='
|
865
865
|
- !ruby/object:Gem::Version
|
866
|
-
version: 1.60.
|
866
|
+
version: 1.60.2
|
867
867
|
- !ruby/object:Gem::Dependency
|
868
868
|
name: rubocop-rake
|
869
869
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1781,6 +1781,7 @@ files:
|
|
1781
1781
|
- lib/pwn/plugins/uri_scheme.rb
|
1782
1782
|
- lib/pwn/plugins/voice.rb
|
1783
1783
|
- lib/pwn/plugins/vsphere.rb
|
1784
|
+
- lib/pwn/plugins/xxd.rb
|
1784
1785
|
- lib/pwn/reports.rb
|
1785
1786
|
- lib/pwn/reports/fuzz.rb
|
1786
1787
|
- lib/pwn/reports/phone.rb
|
@@ -2105,6 +2106,7 @@ files:
|
|
2105
2106
|
- spec/lib/pwn/plugins/uri_scheme_spec.rb
|
2106
2107
|
- spec/lib/pwn/plugins/voice_spec.rb
|
2107
2108
|
- spec/lib/pwn/plugins/vsphere_spec.rb
|
2109
|
+
- spec/lib/pwn/plugins/xxd_spec.rb
|
2108
2110
|
- spec/lib/pwn/plugins_spec.rb
|
2109
2111
|
- spec/lib/pwn/reports/fuzz_spec.rb
|
2110
2112
|
- spec/lib/pwn/reports/phone_spec.rb
|