pwn 0.5.170 → 0.5.171
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +9 -3
- data/README.md +3 -3
- data/lib/pwn/plugins/transparent_browser.rb +53 -24
- data/lib/pwn/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a0ba45977e6b882046ff2e106aac51f68b2a3b02ca5a7b1f456ca4dba60c700f
|
|
4
|
+
data.tar.gz: d2403e95658aa3a25042090535b37078a8d73e9d856c58328b57607627009c53
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1f431eeb61b4fa7e462b800c8a540ecf7aeec0b1174773953d0125477d7fe402da5f4a4ec0166f338fe0678ed04e6e0d12351522c5b8fe31fb4a7ecbf49018cd
|
|
7
|
+
data.tar.gz: ce1bff0fae0ad0aa18d2a3f4a5df1d085c248301a5a1fb661818197f175dc42575f87fef6c4dead341c94039002d0f4ec71fac9021c4198c81bc610b4c828e3a
|
data/.rubocop_todo.yml
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# This configuration was generated by
|
|
2
2
|
# `rubocop --auto-gen-config`
|
|
3
|
-
# on 2024-
|
|
3
|
+
# on 2024-06-17 17:41:04 UTC using RuboCop version 1.64.1.
|
|
4
4
|
# The point is for the user to remove these configuration records
|
|
5
5
|
# one by one as the offenses are removed from the code base.
|
|
6
6
|
# Note that changes in the inspected code, or installation of new
|
|
@@ -41,7 +41,7 @@ Lint/NestedMethodDefinition:
|
|
|
41
41
|
Exclude:
|
|
42
42
|
- 'lib/pwn/plugins/repl.rb'
|
|
43
43
|
|
|
44
|
-
# Offense count:
|
|
44
|
+
# Offense count: 307
|
|
45
45
|
# This cop supports unsafe autocorrection (--autocorrect-all).
|
|
46
46
|
# Configuration parameters: AutoCorrect.
|
|
47
47
|
Lint/UselessAssignment:
|
|
@@ -140,6 +140,12 @@ Style/MapIntoArray:
|
|
|
140
140
|
- 'lib/pwn/plugins/credit_card.rb'
|
|
141
141
|
- 'lib/pwn/plugins/nexpose_vuln_scan.rb'
|
|
142
142
|
|
|
143
|
+
# Offense count: 1
|
|
144
|
+
# This cop supports safe autocorrection (--autocorrect).
|
|
145
|
+
Style/RedundantBegin:
|
|
146
|
+
Exclude:
|
|
147
|
+
- 'lib/pwn/plugins/transparent_browser.rb'
|
|
148
|
+
|
|
143
149
|
# Offense count: 94
|
|
144
150
|
# This cop supports safe autocorrection (--autocorrect).
|
|
145
151
|
Style/RedundantCondition:
|
|
@@ -156,7 +162,7 @@ Style/RedundantStringEscape:
|
|
|
156
162
|
- 'lib/pwn/sast/redos.rb'
|
|
157
163
|
- 'vagrant/provisioners/kali_customize.rb'
|
|
158
164
|
|
|
159
|
-
# Offense count:
|
|
165
|
+
# Offense count: 55
|
|
160
166
|
# This cop supports unsafe autocorrection (--autocorrect-all).
|
|
161
167
|
Style/SlicingWithRange:
|
|
162
168
|
Enabled: false
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.171]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.3@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.171]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.3@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.171]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require '
|
|
3
|
+
require 'em/pure_ruby'
|
|
4
|
+
require 'faye/websocket'
|
|
5
|
+
require 'rest-client'
|
|
4
6
|
require 'selenium/webdriver'
|
|
5
7
|
require 'selenium/devtools'
|
|
6
|
-
require 'rest-client'
|
|
7
8
|
require 'socksify'
|
|
8
9
|
require 'openssl'
|
|
9
|
-
require '
|
|
10
|
-
require 'faye/websocket'
|
|
10
|
+
require 'watir'
|
|
11
11
|
|
|
12
12
|
module PWN
|
|
13
13
|
module Plugins
|
|
@@ -261,6 +261,8 @@ module PWN
|
|
|
261
261
|
return nil
|
|
262
262
|
end
|
|
263
263
|
|
|
264
|
+
browser_obj[:devtools] = browser_obj[:browser].driver.devtools if with_devtools && (browser_obj[:type] == :chrome || browser_obj[:type] == :headless_chrome || browser_obj[:type] == :firefox || browser_obj[:type] == :headless_firefox)
|
|
265
|
+
|
|
264
266
|
browser_obj
|
|
265
267
|
rescue StandardError => e
|
|
266
268
|
raise e
|
|
@@ -275,11 +277,13 @@ module PWN
|
|
|
275
277
|
public_class_method def self.devtools_console(opts = {})
|
|
276
278
|
browser_obj = opts[:browser_obj]
|
|
277
279
|
browser_type = browser_obj[:type]
|
|
278
|
-
|
|
280
|
+
|
|
281
|
+
valid_browser_types = %i[chrome headless_chrome firefox headless_firefox]
|
|
282
|
+
raise 'ERROR: browser_type must be :chrome, :headless_chrome, :firefox, or :headless_firefox' unless valid_browser_types.include?(browser_type)
|
|
279
283
|
|
|
280
284
|
js = opts[:js] ||= "alert('ACK from => #{self}')"
|
|
281
285
|
|
|
282
|
-
devtools = browser_obj[:
|
|
286
|
+
devtools = browser_obj[:devtools]
|
|
283
287
|
devtools.send_cmd('Runtime.enable')
|
|
284
288
|
devtools.send_cmd('Console.enable')
|
|
285
289
|
devtools.send_cmd('DOM.enable')
|
|
@@ -287,52 +291,76 @@ module PWN
|
|
|
287
291
|
devtools.send_cmd('Log.enable')
|
|
288
292
|
devtools.send_cmd('Debugger.enable')
|
|
289
293
|
|
|
290
|
-
|
|
294
|
+
js_exp = {
|
|
291
295
|
expression: js
|
|
292
296
|
}
|
|
293
297
|
|
|
294
|
-
devtools.send_cmd('Runtime.evaluate', **
|
|
298
|
+
devtools.send_cmd('Runtime.evaluate', **js_exp)
|
|
295
299
|
rescue StandardError => e
|
|
296
300
|
raise e
|
|
297
301
|
end
|
|
298
302
|
|
|
299
303
|
# Supported Method Parameters::
|
|
300
|
-
# browser_obj = PWN::Plugins::TransparentBrowser.
|
|
304
|
+
# browser_obj = PWN::Plugins::TransparentBrowser.dump_links(
|
|
301
305
|
# browser_obj: browser_obj1
|
|
302
306
|
# )
|
|
303
307
|
|
|
304
|
-
public_class_method def self.
|
|
308
|
+
public_class_method def self.dump_links(opts = {})
|
|
305
309
|
browser_obj = opts[:browser_obj]
|
|
306
310
|
|
|
307
|
-
browser_obj[:browser].links
|
|
308
|
-
|
|
311
|
+
links = browser_obj[:browser].links
|
|
312
|
+
|
|
313
|
+
dump_links_arr = []
|
|
314
|
+
links.each do |link|
|
|
315
|
+
link_hash = {}
|
|
316
|
+
|
|
317
|
+
link_hash[:text] = link.text
|
|
318
|
+
link_hash[:href] = link.href
|
|
319
|
+
link_hash[:id] = link.id
|
|
320
|
+
link_hash[:name] = link.name
|
|
321
|
+
link_hash[:class_name] = link.class_name
|
|
322
|
+
link_hash[:html] = link.html
|
|
323
|
+
link_hash[:target] = link.target
|
|
324
|
+
dump_links_arr.push(link_hash)
|
|
325
|
+
|
|
326
|
+
yield link if block_given?
|
|
309
327
|
end
|
|
310
328
|
|
|
311
|
-
|
|
329
|
+
dump_links_arr
|
|
312
330
|
rescue StandardError => e
|
|
313
331
|
raise e
|
|
314
332
|
end
|
|
315
333
|
|
|
316
334
|
# Supported Method Parameters::
|
|
317
|
-
# browser_obj = PWN::Plugins::TransparentBrowser.
|
|
335
|
+
# browser_obj = PWN::Plugins::TransparentBrowser.find_elements_by_text(
|
|
318
336
|
# browser_obj: browser_obj1,
|
|
319
337
|
# text: 'required - text to search for in the DOM'
|
|
320
338
|
# )
|
|
321
339
|
|
|
322
|
-
public_class_method def self.
|
|
340
|
+
public_class_method def self.find_elements_by_text(opts = {})
|
|
323
341
|
browser_obj = opts[:browser_obj]
|
|
324
342
|
text = opts[:text].to_s
|
|
325
343
|
|
|
326
|
-
|
|
327
|
-
|
|
328
|
-
|
|
329
|
-
|
|
330
|
-
|
|
331
|
-
|
|
344
|
+
elements = browser_obj[:browser].elements
|
|
345
|
+
elements_found_arr = []
|
|
346
|
+
elements.each do |element|
|
|
347
|
+
begin
|
|
348
|
+
if element.text == text || element.value == text
|
|
349
|
+
element_hash = {}
|
|
350
|
+
element_hash[:tag_name] = element.tag_name
|
|
351
|
+
element_hash[:html] = element.html
|
|
352
|
+
elements_found_arr.push(element_hash)
|
|
353
|
+
|
|
354
|
+
yield element if block_given?
|
|
355
|
+
end
|
|
356
|
+
rescue NoMethodError
|
|
357
|
+
next
|
|
358
|
+
end
|
|
332
359
|
end
|
|
333
360
|
|
|
334
|
-
|
|
361
|
+
elements_found_arr
|
|
335
362
|
rescue StandardError => e
|
|
363
|
+
puts e.backtrace
|
|
336
364
|
raise e
|
|
337
365
|
end
|
|
338
366
|
|
|
@@ -353,6 +381,7 @@ module PWN
|
|
|
353
381
|
|
|
354
382
|
string.each_char do |char|
|
|
355
383
|
yield char
|
|
384
|
+
|
|
356
385
|
sleep Random.rand(rand_sleep_float)
|
|
357
386
|
end
|
|
358
387
|
rescue StandardError => e
|
|
@@ -489,11 +518,11 @@ module PWN
|
|
|
489
518
|
js: 'required - JavaScript expression to evaluate'
|
|
490
519
|
)
|
|
491
520
|
|
|
492
|
-
browser_obj1 = #{self}.
|
|
521
|
+
browser_obj1 = #{self}.dump_links(
|
|
493
522
|
browser_obj: 'required - browser_obj returned from #open method)'
|
|
494
523
|
)
|
|
495
524
|
|
|
496
|
-
browser_obj1 = #{self}.
|
|
525
|
+
browser_obj1 = #{self}.find_elements_by_text(
|
|
497
526
|
browser_obj: 'required - browser_obj returned from #open method)',
|
|
498
527
|
text: 'required - text to search for in the DOM'
|
|
499
528
|
)
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.171
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-06-
|
|
11
|
+
date: 2024-06-17 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|