pwn 0.5.152 → 0.5.153
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +3 -3
- data/lib/pwn/plugins/ip_info.rb +17 -10
- data/lib/pwn/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 19b5a2c08a7c1a2e6f2d425d684f38dd56d4c8900cd58ed834168b7070d12c09
|
|
4
|
+
data.tar.gz: 47eb458cac4381bfdcf5c2d97172d467d50c5485a0543666d5aeada43a82662a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 37fa4e3f1343a65818901039df701eb05037584111d797fcdfe076d0459a389b2703440f99f326a9a05be9633577423274d6f6931ee932dc4041396710be5bac
|
|
7
|
+
data.tar.gz: 3192b67dbebe9a383575a1877ad0241a4c2d6c7bb0681df65cf97cfc04889bfc6d04278790446bb0f0b81258f9f26a10f6a2f5bffae2ad9cb0fb0cf98966e187
|
data/Gemfile
CHANGED
|
@@ -11,7 +11,7 @@ gemspec
|
|
|
11
11
|
# In some circumstances custom flags are passed to gems in order
|
|
12
12
|
# to build appropriately. Defer to ./reinstall_pwn_gemset.sh
|
|
13
13
|
# to review these custom flags (e.g. pg, serialport, etc).
|
|
14
|
-
gem 'activesupport', '7.1.3.
|
|
14
|
+
gem 'activesupport', '7.1.3.4'
|
|
15
15
|
gem 'anemone', '0.7.2'
|
|
16
16
|
gem 'authy', '3.0.1'
|
|
17
17
|
gem 'aws-sdk', '3.2.0'
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.153]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.1@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.153]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.1@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.153]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/lib/pwn/plugins/ip_info.rb
CHANGED
|
@@ -72,7 +72,7 @@ module PWN
|
|
|
72
72
|
end
|
|
73
73
|
|
|
74
74
|
ip_resp_hash = ip_info_rest_call(ip: target, proxy: proxy) unless skip_api
|
|
75
|
-
ip_resp_hash[:
|
|
75
|
+
ip_resp_hash[:ip] = target
|
|
76
76
|
ip_info_resp.push(ip_resp_hash) unless target.nil?
|
|
77
77
|
|
|
78
78
|
if proxy.nil? && is_ip
|
|
@@ -129,7 +129,7 @@ module PWN
|
|
|
129
129
|
# parent_domain: 'required - Parent Domain to brute force',
|
|
130
130
|
# dictionary: 'required - Dictionary to use for subdomain brute force',
|
|
131
131
|
# max_threads: 'optional - Maximum number of threads to use (default: 10)',
|
|
132
|
-
# proxy: 'optional - use a proxy'
|
|
132
|
+
# proxy: 'optional - use a proxy',
|
|
133
133
|
# tls_port: 'optional port to check cert for Domain Name (default: 443). Will not execute if proxy parameter is set.',
|
|
134
134
|
# results_file: 'optional - File to write results to (default: /tmp/parent_domain-timestamp-pwn_bruteforce_subdomains.txt)'
|
|
135
135
|
# )
|
|
@@ -142,7 +142,7 @@ module PWN
|
|
|
142
142
|
raise "ERROR: Dictionary file not found: #{dictionary}" unless File.exist?(dictionary)
|
|
143
143
|
|
|
144
144
|
max_threads = opts[:max_threads].to_i
|
|
145
|
-
max_threads =
|
|
145
|
+
max_threads = 8 unless max_threads.positive?
|
|
146
146
|
|
|
147
147
|
proxy = opts[:proxy]
|
|
148
148
|
tls_port = opts[:tls_port]
|
|
@@ -151,12 +151,9 @@ module PWN
|
|
|
151
151
|
|
|
152
152
|
# Break up dictonary file into sublines and process each subline in a thread
|
|
153
153
|
dict_lines = File.readlines(dictionary).shuffle
|
|
154
|
-
lines_per_thread = (dict_lines.size / max_threads.to_f).ceil
|
|
155
|
-
dict_slice = dict_lines.each_slice(lines_per_thread).to_a
|
|
156
|
-
|
|
157
154
|
mutex = Mutex.new
|
|
158
155
|
PWN::Plugins::ThreadPool.fill(
|
|
159
|
-
enumerable_array:
|
|
156
|
+
enumerable_array: dict_lines,
|
|
160
157
|
max_threads: max_threads
|
|
161
158
|
) do |subline|
|
|
162
159
|
subdomain = subline.to_s.scrub.strip.chomp
|
|
@@ -169,8 +166,8 @@ module PWN
|
|
|
169
166
|
tls_port: tls_port,
|
|
170
167
|
skip_api: true
|
|
171
168
|
)
|
|
172
|
-
puts "
|
|
173
|
-
puts "
|
|
169
|
+
puts "SUBD: #{target} RESP: #{ip_info_resp}" if ip_info_resp.empty?
|
|
170
|
+
puts "SUBD: #{target} RESP:\n#{ip_info_resp}" if ip_info_resp.any?
|
|
174
171
|
|
|
175
172
|
mutex.synchronize do
|
|
176
173
|
File.open(results_file, 'a') do |file|
|
|
@@ -197,7 +194,17 @@ module PWN
|
|
|
197
194
|
ip_info_struc = #{self}.get(
|
|
198
195
|
target: 'required - IP or Host to lookup',
|
|
199
196
|
proxy: 'optional - use a proxy',
|
|
200
|
-
tls_port: 'optional port to check cert for Domain Name (default: 443). Will not execute if proxy parameter is set.'
|
|
197
|
+
tls_port: 'optional port to check cert for Domain Name (default: 443). Will not execute if proxy parameter is set.',
|
|
198
|
+
skip_api: 'optional - skip the API call'
|
|
199
|
+
)
|
|
200
|
+
|
|
201
|
+
#{self}.bruteforce_subdomains(
|
|
202
|
+
parent_domain: 'required - Parent Domain to brute force',
|
|
203
|
+
dictionary: 'required - Dictionary to use for subdomain brute force',
|
|
204
|
+
max_threads: 'optional - Maximum number of threads to use (default: 10)',
|
|
205
|
+
proxy: 'optional - use a proxy',
|
|
206
|
+
tls_port: 'optional port to check cert for Domain Name (default: 443). Will not execute if proxy parameter is set.',
|
|
207
|
+
results_file: 'optional - File to write results to (default: /tmp/parent_domain-timestamp-pwn_bruteforce_subdomains.txt)'
|
|
201
208
|
)
|
|
202
209
|
|
|
203
210
|
#{self}.authors
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.153
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 7.1.3.
|
|
19
|
+
version: 7.1.3.4
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 7.1.3.
|
|
26
|
+
version: 7.1.3.4
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: anemone
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|