pwn 0.4.999 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG_BETWEEN_TAGS.txt +156 -13
- data/README.md +3 -3
- data/lib/pwn/plugins/xxd.rb +2 -1
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 94644faaa467e91df066d60731b8390c0d249db0b1d3c9b8132c6d4cec2d5b18
|
4
|
+
data.tar.gz: 1d0551e2b75afc10db63a25367166bade4a9d5e4d333e5c67a3dc9e0f84badbc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ff9956bab45acfadc83e1de4e8dcfcc6f43a1308e24e2c0c06871be4a90020e5211bfd0635d4e48da8ac343b676efad310cd5831bc51809a5368ab947f7fdb1c
|
7
|
+
data.tar.gz: ea6b761dccae45b5f4b49ff0a23bc76fd2680dfb48ad46f3530f4989163a8e575439f9f60e2ca14722d1840126f31c72f56506e7d6fcef2312b5fc286c3e1023
|
data/CHANGELOG_BETWEEN_TAGS.txt
CHANGED
@@ -1,13 +1,156 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
1
|
+
4e36a03 PWN::Plugins::XXD module - break up hex array into one byte per element for easy hex editing #rubocop_fix
|
2
|
+
dc1b690 PWN::Plugins::XXD module - break up hex array into one byte per element for easy hex editing
|
3
|
+
10a34c1 PWN::Plugins::XXD module - #bugfix when space are in a given row and/or last line is shorter than typical length
|
4
|
+
bbb94c9 Merge pull request #495 from ninp0/master
|
5
|
+
977d319 PWN::Plugins::XXD module - implement optional parameter to return a hexdump as a single hash instead of an array of hashes in #dump method #bugfix
|
6
|
+
f1d20fd Merge pull request #494 from ninp0/master
|
7
|
+
5e474b6 PWN::Plugins::XXD module - convert string or hash returned from #dump method to file when calling the #reverse_dump method
|
8
|
+
89929d0 Merge pull request #493 from ninp0/master
|
9
|
+
bbc03f5 PWN::Plugins::XXD module - implement optional parameter to return a hexdump as a single hash instead of an array of hashes in #dump method #rubocop_fixes
|
10
|
+
2e1da09 Merge pull request #492 from ninp0/master
|
11
|
+
aa42a77 PWN::Plugins::XXD module - implement optional parameter to return a hexdump as a single hash instead of an array of hashes in #dump method
|
12
|
+
97e5772 PWN::Plugins::XXD module - implement optional parameter to return a hexdump array (i.e. array containing a hash for each line) in #dump method
|
13
|
+
d4dc1e3 Merge pull request #491 from ninp0/master
|
14
|
+
c94e0c1 PWN::Plugins::BlackDuckBinaryAnalysis module - duplicate behavior or curl when uploading files by not specifying content-type HTTP header and populating the HTTP body with the raw binary contents #bugfix
|
15
|
+
d931efa Merge pull request #490 from ninp0/master
|
16
|
+
41c081e PWN::Plugins::BlackDuckBinaryAnalysis module - duplicate behavior or curl when uploading files by not specifying content-type HTTP header and populating the HTTP body with the raw binary contents
|
17
|
+
37b7968 Merge pull request #489 from ninp0/master
|
18
|
+
9c15b84 Merge branch 'master' of ssh://github.com/ninp0/pwn
|
19
|
+
86764fc PWN::Plugins::XXD module - bugfix in #reverse_dump method #rubocop_fix
|
20
|
+
778b6d6 PWN::Plugins::XXD module - bugfix in #reverse_dump method
|
21
|
+
8f152cd Merge pull request #488 from ninp0/master
|
22
|
+
c225ee4 PWN::Plugins::BlackDuckBinaryAnalysis module - explicitly set the content_type to "multipart/form-data" when http_body.key?(:multipart)
|
23
|
+
618139f Merge pull request #487 from ninp0/master
|
24
|
+
04b7295 PWN::Plugins::BlackDuckBinaryAnalysis module - change default parameter for scan_code_familiarity to false
|
25
|
+
0e90eb4 Merge pull request #486 from ninp0/master
|
26
|
+
994ede8 PWN::Banner::CodeCave module - bit more realistic #rubocop
|
27
|
+
84da860 PWN::Banner::CodeCave module - bit more realistic
|
28
|
+
dbd3818 Merge pull request #485 from ninp0/master
|
29
|
+
59af310 aliases.rb Provisioner for Packer - update to ensure vim is compatible w/ xxd when hex-editing binaries
|
30
|
+
3d82406 Merge pull request #484 from ninp0/master
|
31
|
+
fd6cedb PWN::Banner::JmpEsp module - no nulls
|
32
|
+
91baad5 PWN::Banner modules - add a couple more #bugfixes
|
33
|
+
bdc6427 PWN::Banner modules - add a couple more
|
34
|
+
b2b3768 Merge pull request #483 from ninp0/master
|
35
|
+
6f2355f PWN::Plugins::OpenAI - #bugfix in #chat method when passing in max_tokens
|
36
|
+
3ada78f PWN::Plugins::OpenAI - #bugfix in max_tokens
|
37
|
+
0b03eee Merge pull request #482 from ninp0/master
|
38
|
+
2fb01de PWN::Plugins::OpenAI - #bugfix in max_tokens
|
39
|
+
19b093e PWN::Plugins::OpenAI - #bugfix in max_tokens
|
40
|
+
879488e PWN::Plugins::OpenAI - #bugfix in max_tokens
|
41
|
+
c69ad76 Merge pull request #481 from ninp0/master
|
42
|
+
072f809 PWN::Banner::Cheshire module - initial commit
|
43
|
+
6652474 Merge pull request #480 from ninp0/master
|
44
|
+
885e774 PWN::Banner::Anon module - remove white background
|
45
|
+
9c47423 Merge pull request #479 from ninp0/master
|
46
|
+
176ebd2 PWN::Banner modules - adjust alignment && add Anon
|
47
|
+
6af6a6d Rubocop
|
48
|
+
95771a9 PWN::Banner::DontPanic module - initial commit
|
49
|
+
15223aa PWN::Plugins::OpenAI module - tweak max_tokens to be 4_096 unless response_history is passed as a parameter #bugfix
|
50
|
+
b0d7b89 Merge pull request #478 from ninp0/master
|
51
|
+
ad7d769 PWN::Plugins::OpenAI module - tweak max_tokens to be 8_192 unless response_history is passed as a parameter
|
52
|
+
ddeca39 Merge pull request #477 from ninp0/master
|
53
|
+
36931f3 PWN::Plugins::OpenAI module - support both local images and those found at a given URI
|
54
|
+
ce37bfc Merge pull request #476 from ninp0/master
|
55
|
+
68a332a PWN::Plugins::OpenAI module - #bugfix in initial implementation of #vision method (i.e. analyze images)
|
56
|
+
3e31d00 Merge pull request #475 from ninp0/master
|
57
|
+
756db97 PWN::Plugins::OpenAI module - #bugfix in initial implementation of #vision method (i.e. analyze images)
|
58
|
+
839bc30 PWN::Plugins::OpenAI module - #bugfix in initial implementation of #vision method (i.e. analyze images)
|
59
|
+
92c95aa Merge pull request #474 from ninp0/master
|
60
|
+
7732b1a PWN::Plugins::OpenAI module - initial implementation of #vision method (i.e. analyze images). Additional #bugfix in pwn_simple_http_server driver.
|
61
|
+
675e120 Merge pull request #473 from ninp0/master
|
62
|
+
67687f5 pwn_bdba_scan Driver - #bugfix in target file basename when containing characters in scope for URL encoding
|
63
|
+
b1c97fc pwn_simple_http_server - #bugfix when running w/ no flags
|
64
|
+
bc1add9 Gemfile - comment out sinatra to get thin
|
65
|
+
ca87e31 PWN::Plugins::CreditCard module - configure count parameter to default to 1
|
66
|
+
88ac940 Merge pull request #472 from ninp0/master
|
67
|
+
6094c98 PWN::Plugins::DefectDojo module - set close_old_findings = true if closee_old_findings_product_scope is set to true
|
68
|
+
87a93ac Merge pull request #471 from ninp0/master
|
69
|
+
1559e5f pwn_bdba_scan Driver - work-around for rare race condition in finding product when getting apps by group
|
70
|
+
81da574 Merge pull request #470 from ninp0/master
|
71
|
+
257d25d PWN::WWW::HackerOne module - implement #get_scope_details method #struct_tweak
|
72
|
+
e183149 Merge pull request #469 from ninp0/master
|
73
|
+
90602c5 PWN::WWW::HackerOne module - implement #get_scope_details method
|
74
|
+
407a125 Merge pull request #468 from ninp0/master
|
75
|
+
dd1316a PWN::Banner::WhiteRabbit - knock knock <>...follow the white rabbit. #better
|
76
|
+
7b87b0d Merge pull request #467 from ninp0/master
|
77
|
+
eda1eec PWN::Banner::WhiteRabbit - knock knock <>...follow the white rabbit. #tweak
|
78
|
+
640ebb0 Merge pull request #466 from ninp0/master
|
79
|
+
a2f489d PWN::Banner::WhiteRabbit - knock knock <>...follow the white rabbit. #bugfix
|
80
|
+
58e8e3a PWN::Banner::WhiteRabbit - knock knock <>...follow the white rabbit. #rspec
|
81
|
+
906f298 PWN::Banner::WhiteRabbit - knock knock <>...follow the white rabbit.
|
82
|
+
23fcf53 Merge pull request #465 from ninp0/master
|
83
|
+
4140ba4 PWN::WWW::* modules - update #help method to make the respective modules more clear to use.
|
84
|
+
d699c31 Merge pull request #464 from ninp0/master
|
85
|
+
4b0d1d2 Vagrant pwn.sh Provisioner - add safe.directory for PWN_ROOT
|
86
|
+
2aabb4e Merge pull request #463 from ninp0/master
|
87
|
+
6785669 .ruby-version - bump to 3.3.0
|
88
|
+
bab66ab Merge pull request #462 from ninp0/master
|
89
|
+
177f58d PWN::Plugins::DefectDojo module - add multiple tags to import-scan #workaround
|
90
|
+
81b1d59 Merge pull request #461 from ninp0/master
|
91
|
+
4c51da3 PWN::Plugins::DefectDojo module - remove redundant code #bugfix
|
92
|
+
9a2be13 PWN::Plugins::DefectDojo module - remove redundant code
|
93
|
+
23a612e PWN::Plugins::DefectDojo module - testing tags that are line feed delimited for multipart #try_again
|
94
|
+
f01aee9 Merge pull request #460 from ninp0/master
|
95
|
+
803f33f PWN::Plugins::DefectDojo module - testing tags that are line feed delimited for multipart #try_again
|
96
|
+
36c37f8 Merge pull request #459 from ninp0/master
|
97
|
+
ca7569f PWN::Plugins::DefectDojo module - testing tags that are line feed delimited for multipart #bugfix
|
98
|
+
c417114 Merge pull request #458 from ninp0/master
|
99
|
+
2296148 PWN::Plugins::DefectDojo module - testing http_body.to_json for multipart #nope
|
100
|
+
a79d157 Merge pull request #457 from ninp0/master
|
101
|
+
e801346 PWN::Plugins::DefectDojo module - testing http_body.to_json for multipart #bugfix
|
102
|
+
2f5d836 Merge pull request #456 from ninp0/master
|
103
|
+
b7755a1 PWN::Plugins::DefectDojo module - back to array but not populating despite swagger docs: https://demo.defectdojo.org/api/v2/oa3/swagger-ui/ #bug
|
104
|
+
512bf08 Merge pull request #455 from ninp0/master
|
105
|
+
75420fb PWN::Plugins::DefectDojo module - testing tag array compatibility #bugfix
|
106
|
+
9ac3966 Merge pull request #454 from ninp0/master
|
107
|
+
3027ed0 PWN::Plugins::DefectDojo module - cast comma-delimited string into array #bugfix
|
108
|
+
a66ec1b Merge pull request #453 from ninp0/master
|
109
|
+
513efe1 PWN::Plugins::DefectDojo module / pwn_defectdojo_importscan, pwn_defectdojo_reimportscan Drivers - implement --close_old_findings_product_scope, --close_old_findings, and --push_to_jira options
|
110
|
+
0338b69 Merge pull request #452 from ninp0/master
|
111
|
+
f776bb7 Gemfile - add gruff gem to create line charts for FFT data
|
112
|
+
4ac46d6 Merge pull request #451 from ninp0/master
|
113
|
+
b5c2b73 PWN::Plugins::OpenAI module - update default syatem_role_content
|
114
|
+
249d4ec Merge pull request #450 from ninp0/master
|
115
|
+
bdbdee5 PWN::SAST::PaddingOracle module - Initial Commit
|
116
|
+
c13d34e Merge pull request #449 from ninp0/master
|
117
|
+
c1b8ce9 Gemfile - re-enable credit_card_validations gem
|
118
|
+
996a916 Merge pull request #448 from ninp0/master
|
119
|
+
0587069 PWN::Plugins::OpenAI Module - incorporate a timeout parameter for every method and default Timeout from 60 seconds to 180 seconds (i.e. 1 minute to 3 minutes).
|
120
|
+
0aaf3a1 Merge pull request #447 from ninp0/master
|
121
|
+
712ca6f README.md - update docs to reflect easiest installation leveraging a fresh install of Kali
|
122
|
+
5916b99 Merge pull request #446 from ninp0/master
|
123
|
+
79ed55f pwn_bdba_scan Driver - Reattempt Scan if find_product returns nil
|
124
|
+
86c2dc2 Merge pull request #445 from ninp0/master
|
125
|
+
a454bc0 PWN::SAST::TypeScriptTypeJuggling && PWN::SAST::PHPTypeJuggling modules - #bugfixes
|
126
|
+
714c7ea Merge pull request #444 from ninp0/master
|
127
|
+
8dac465 pwn_sast Driver - Incorporate new SAST module PWN::SAST::TypeScriptTypeJuggling #add_spec
|
128
|
+
80e2639 pwn_sast Driver - Incorporate new SAST module PWN::SAST::TypeScriptTypeJuggling
|
129
|
+
1ce797d Merge pull request #443 from ninp0/master
|
130
|
+
b79e7de pwn_bdba_scan Driver - include RestClient::Exceptions::OpenTimeout in rescue block for reattempts
|
131
|
+
e6131e1 Merge pull request #442 from ninp0/master
|
132
|
+
dfd6c6f Gemfile - disable credit_card_validations until such time didww/credit_card_validations/pull/121 is merged and a new gem version is released #disable_require_in_module
|
133
|
+
0cc90bc pwn_bdba_scan Driver - add --sleep-between-scan-attempts flag with a default of 60 seconds
|
134
|
+
eb2f6b3 Merge pull request #441 from ninp0/master
|
135
|
+
dae6e57 pwn_bdba_scan Driver - include RestClient Exceptions for the --scan-attempts flag as well
|
136
|
+
dcb2432 Merge pull request #440 from ninp0/master
|
137
|
+
13c22cf PWN::Plugins::BlackDuckBinaryAnalysis module - clearer e.response.body data
|
138
|
+
b093f8f Merge pull request #439 from ninp0/master
|
139
|
+
aa27268 PWN::Plugins::BlackDuckBinaryAnalysis module - catch RestClient::ExceptionWithResponse to provide additional context as needed.
|
140
|
+
36e269f Merge pull request #438 from ninp0/master
|
141
|
+
9e66b99 pwn_bdba_scan Driver - more concise messaging to stdout
|
142
|
+
a90c931 Merge pull request #437 from ninp0/master
|
143
|
+
4a006d2 pwn_bdba_scan Driver - off-by-one on scan-attempts #bugfix
|
144
|
+
e45160e pwn_bdba_scan Driver - #bugfix on abort queued scan reattempts
|
145
|
+
2a94182 Merge pull request #436 from ninp0/master
|
146
|
+
7fa05e1 pwn_bdba_groups Driver - bugfix in casting parent_group_id to integer when filtering group name by parent group id
|
147
|
+
1b1636f Merge pull request #435 from ninp0/master
|
148
|
+
5e02561 pwn_bdba_groups Driver - bugfix in response when passing --list-group flag with --parent-group-id flag
|
149
|
+
e6120e6 Merge pull request #434 from ninp0/master
|
150
|
+
7b4698c pwn_bdba_groups Driver - bugfix in --parent-group-id parameter && pwn_bdba_scan Driver - clearer messaging to STDOUT when queue timeout / scan aborts are triggered
|
151
|
+
d190ee9 README.md - update installation && upgrade procedures if using a multi-user install of RVM
|
152
|
+
6aed9c7 Merge pull request #433 from ninp0/master
|
153
|
+
2e0cdf0 pwn_bdba_scan Driver - add --queue-timeout && --scan-attempts parameters
|
154
|
+
a656fd7 Merge pull request #432 from ninp0/master
|
155
|
+
86aa399 Merge pull request #431 from ninp0/master
|
156
|
+
29ad011 Merge pull request #430 from ninp0/master
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.
|
40
|
+
pwn[v0.5.0]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.
|
55
|
+
pwn[v0.5.0]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.
|
65
|
+
pwn[v0.5.0]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/lib/pwn/plugins/xxd.rb
CHANGED
@@ -75,12 +75,13 @@ module PWN
|
|
75
75
|
if hexdump.is_a?(Hash)
|
76
76
|
hexdump = hexdump.map do |k, v|
|
77
77
|
format(
|
78
|
-
"%<s1>
|
78
|
+
"%<s1>s: %<s2>s %<s3>s\n",
|
79
79
|
s1: k,
|
80
80
|
s2: v[:hex].each_slice(2).map(&:join).join(' '),
|
81
81
|
s3: v[:ascii]
|
82
82
|
)
|
83
83
|
end.join
|
84
|
+
puts k
|
84
85
|
puts hexdump
|
85
86
|
end
|
86
87
|
|
data/lib/pwn/version.rb
CHANGED