pwn 0.5.167 → 0.5.168

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11593e950e655277579eec76ad13903d34626a75a3a447aafd510d2ff693d13a
-  data.tar.gz: e73406d33b46258e8fbdf880b89807e3ddd164862a9b2e976778eaca47619654
+  metadata.gz: 2659982911e6ccf3bd88887125f8b6c60d18f45b2fb07add9b280ddf55487a2f
+  data.tar.gz: 81502331d554fbddd5e0269498c79056505f25d75283e848b3473ea33b0b0e2f
 SHA512:
-  metadata.gz: '09e82f98797370ba93ba8e16369ae2949e43e602be4e280796799530960316d83abb4f9fc1945ea80eb6262ebd14d901aed23b99deedb79d26882a9001cf4d43'
-  data.tar.gz: 3a0cd8c796c916a28ca64941aae0cc5832359866b2d49f84422b537012f309c0600deee68235163bb138aa720e23bb234a240fada722b97431ecbf830e3f2176
+  metadata.gz: 6e71dc36e47e9aa24b05841ca39bfcde6cc45514bcb10eb81147b9d2557a761e92e0da45ba52b95cbc143a985da50b89d2cb5dbe54bb4db95a187df010f2f92c
+  data.tar.gz: 95e92a90b168451e82fd796d8c65337096e332935ca924f6d436b8ad35b2cb98fd264a0a860f87cb1fefa5eaae315f141538e26ba00ec216ab75606002acd4c5

data/Gemfile

@@ -17,6 +17,7 @@ gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.2.0'
 # gem 'bettercap', '1.6.2'
 gem 'barby', '0.6.9'
+gem 'base32', '0.3.4'
 gem 'brakeman', '6.1.2'
 gem 'bson', '5.0.0'
 gem 'bundler', '>=2.5.11'
@@ -46,7 +47,7 @@ gem 'jwt', '2.8.1'
 gem 'libusb', '0.7.1'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.8.1'
-gem 'meshtastic', '0.0.69'
+gem 'meshtastic', '0.0.70'
 gem 'metasm', '1.0.5'
 gem 'mongo', '2.20.0'
 gem 'msfrpc-client', '1.1.2'
@@ -78,7 +79,7 @@ gem 'rspec', '3.13.0'
 gem 'rtesseract', '3.1.3'
 gem 'rubocop', '1.64.1'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.31.0'
+gem 'rubocop-rspec', '3.0.1'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.3'
 gem 'ruby-saml', '1.16.0'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.167]:001 >>> PWN.help
+pwn[v0.5.168]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.1@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.167]:001 >>> PWN.help
+pwn[v0.5.168]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.1@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.167]:001 >>> PWN.help
+pwn[v0.5.168]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/aws/iam.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 
 require 'aws-sdk'
+require 'base32'
+require 'base64'
 
 module PWN
   module AWS
@@ -44,6 +46,107 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # PWN::AWS::IAM.decode_key(
+      #   key: 'required - key to decode',
+      #   key_type: 'optional - key type :access_key_id|:secret_access_key|:sts_session_token (Default: access_key_id)',
+      # )
+      public_class_method def self.decode_key(opts = {})
+        key = opts[:key].to_s.scrub.chomp.strip.upcase
+        raise 'ERROR: Key is required' if key == ''
+
+        key_type = opts[:key_type] || :access_key_id
+        key_type = key_type.to_s.scrub.chomp.strip.to_sym
+
+        decoded_key = {}
+
+        prefix = key[0..3].to_s.downcase.to_sym
+        case prefix
+        when :abia
+          resource_type = 'AWS STS Service Bearer Token'
+          decoded_key[:prefix] = prefix
+        when :acca
+          resource_type = 'Context Specific Credential'
+          decoded_key[:prefix] = prefix
+        when :agpa
+          resource_type = 'Group'
+          decoded_key[:prefix] = prefix
+        when :aida
+          resource_type = 'IAM User'
+          decoded_key[:prefix] = prefix
+        when :aipa
+          resource_type = 'EC2 Instance Profile'
+          decoded_key[:prefix] = prefix
+        when :akia
+          resource_type = 'Access Key'
+          decoded_key[:prefix] = prefix
+        when :anpa
+          resource_type = 'Managed Policy'
+          decoded_key[:prefix] = prefix
+        when :anva
+          resource_type = 'Version in a Managed Policy'
+          decoded_key[:prefix] = prefix
+        when :apka
+          resource_type = 'Public Key'
+          decoded_key[:prefix] = prefix
+        when :aroa
+          resource_type = 'Role'
+          decoded_key[:prefix] = prefix
+        when :asca
+          resource_type = 'Certificate'
+          decoded_key[:prefix] = prefix
+        when :asia
+          resource_type = 'Temporary (AWS STS) Keys'
+          decoded_key[:prefix] = prefix
+        else
+          resource_type = 'Secret Access Key' if key_type == :secret_access_key
+          resource_type = 'STS Session' if key_type == :sts_session_token
+        end
+
+        decoded_key[:resource_type] = resource_type
+
+        case key_type
+        when :access_key_id
+          suffix = key[4..-1]
+          decoded_suffix = Base32.decode(suffix)
+          trimmed_decoded_suffix = decoded_suffix[0..5]
+          z = trimmed_decoded_suffix.bytes.inject { |total, byte| (total << 8) + byte }
+          mask = 0x7FFFFFFFFF80
+          key = (z & mask) >> 7
+          decoded_key[:account_id] = key
+        when :secret_access_key, :sts_session_token
+          decoded_key[:decoded_key] = Base64.strict_decode64(key)
+        else
+          raise "ERROR: Invalid Key Type: #{key_type}.  Valid key types are :access_key_id|:secret_access_key|:sts_session_token"
+        end
+        decoded_key[:key_type] = key_type
+
+        decoded_key
+      rescue StandardError => e
+        raise e
+      end
+
+      # TODO: Implement this method
+      # Supported Method Parameters::
+      # PWN::AWS::IAM.generate_access_key(
+      #   account_id: 'required - AWS Account ID',
+      #   prefix: 'optional - prefix for the key :abia|:acca|:agpa|:aida|:aipa|:akia|:anpa|:anva|:apka|:aroa|:asca|:asia (Default: akia)'
+      # )
+      # public_class_method def self.generate_access_key(opts = {})
+      #   account_id = opts[:account_id].to_i
+      #   raise 'ERROR: Account ID is required and must be an Integer' unless account_id.positive?
+
+      #   prefix = opts[:prefix] ||= :akia
+      #   prefix_str = prefix.to_s.scrub.chomp.strip.upcase
+
+      #   mask = 0x7FFFFFFFFF80
+      #   key = (account_id & mask) << 7
+
+      #   "#{prefix_str}#{encoded_key}"
+      # rescue StandardError => e
+      #   raise e
+      # end
+
       # Supported Method Parameters::
       # PWN::AWS::IAM.disconnect(
       #   iam_obj: 'required - iam_obj returned from #connect method'
@@ -80,6 +183,11 @@ module PWN
           )
           puts iam_obj.public_methods
 
+          decoded_key = #{self}.decode_key(
+            key: 'required - key to decode',
+            key_type: 'optional - key type :access_key_id|:secret_access_key|:sts_session_token (Default: access_key_id
+          )
+
           #{self}.disconnect(
             iam_obj: 'required - iam_obj returned from #connect method'
           )

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.167'
+  VERSION = '0.5.168'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.167
+  version: 0.5.168
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-10 00:00:00.000000000 Z
+date: 2024-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -80,6 +80,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 0.6.9
+- !ruby/object:Gem::Dependency
+  name: base32
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.3.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.3.4
 - !ruby/object:Gem::Dependency
   name: brakeman
   requirement: !ruby/object:Gem::Requirement
@@ -478,14 +492,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.69
+        version: 0.0.70
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.0.69
+        version: 0.0.70
 - !ruby/object:Gem::Dependency
   name: metasm
   requirement: !ruby/object:Gem::Requirement
@@ -926,14 +940,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.31.0
+        version: 3.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.31.0
+        version: 3.0.1
 - !ruby/object:Gem::Dependency
   name: ruby-audio
   requirement: !ruby/object:Gem::Requirement