pwn 0.5.35 → 0.5.36

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +3 -3
  3. data/lib/pwn/plugins/assembly.rb +24 -9
  4. data/lib/pwn/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8f41a4c6cbab245a2f57337769fd1ea372c76c23e4a6201f5537ebe7b0490d11
4
- data.tar.gz: 331cdf2b24514db9a043d86d0694973320fbcebed6b2921e25287ca196c3d9b6
3
+ metadata.gz: 7fc386dcce50c0d17eebb357f6b44360e451c00abf7bfc4178fbc24ff3413054
4
+ data.tar.gz: f561d8b9b85c4ada994325c264fad7535cbac380b711804037b013ea721faab8
5
5
  SHA512:
6
- metadata.gz: 7c3c16d7e8e78092772c587dcb25203d33fc56d055f436e11683c255281ff7c26073d1abf1dde98cb4a89c8f9ca244431d0cf7d740af90e05b2324de274b9b2c
7
- data.tar.gz: 8150d8a01bd4c416a34910e1d52c431362232e1b1f1f22252e60ffbece533ad8809f9e8a4b2b93e607a7ae9c54dd031ab01b38057480c7da3daf07d84062b56b
6
+ metadata.gz: 874c5b729cdc6fd42c3ae9fd8a7c1af238e4676ad06a5770e865096829992e90d87c58bf7f99bec0c84f4747dad5abb2d1177f005a537a73067da3394413fca0
7
+ data.tar.gz: 53df7f807a7aca90c853031ec0cbf708a4397bcf03125535cc98d9f14b15e376e1cc3f38843fc2179ac128e59365a07c64843a30e3132a2aa13f87f3e1165d59
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.35]:001 >>> PWN.help
40
+ pwn[v0.5.36]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.35]:001 >>> PWN.help
55
+ pwn[v0.5.36]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.35]:001 >>> PWN.help
65
+ pwn[v0.5.36]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/plugins/assembly.rb CHANGED
@@ -1,6 +1,8 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require 'cgi'
3
4
  require 'metasm'
5
+ require 'tempfile'
4
6
 
5
7
  module PWN
6
8
  module Plugins
@@ -33,19 +35,30 @@ module PWN
33
35
  raise "Unsupported architecture: #{arch}"
34
36
  end
35
37
 
36
- # TOOD: Still needs a fix if opcodes is passed in as:
38
+ # TOOD: Still needs a fix if opcodes are passed in as:
37
39
  # '\x90\x90\x90' (not to be confused w/ "\x90\x90\x90")
38
40
  # '909090'
39
41
  opcodes_orig_len = opcodes.length
40
- opcodes = opcodes.map { |code| [code].pack('H*') }.join if opcodes.is_a?(Array)
41
- opcodes.delete!('\x') if opcodes.include?('\x')
42
- opcodes.delete!('"') if opcodes.include?('"')
43
- opcodes.delete!("'") if opcodes.include?("'")
44
- opcodes.delete!(',') if opcodes.include?(',')
45
- opcodes.delete!("\s") if opcodes.include?("\s")
46
-
42
+ opcodes = opcodes.join(',') if opcodes.is_a?(Array)
43
+ opcodes = CGI.escape(opcodes)
44
+ # puts opcodes.inspect
45
+ # Doesnt work with sommething like: "'ff', 'e4'"
46
+ # known to work with:
47
+ # 'ffe4'
48
+ # 'ff,e4'
49
+ # "ff,e4"
50
+ # ['ff', 'e4']
51
+ # ["ff", "e4"]
52
+ # '\xff\xe4'
53
+ # "\xff\xe4"
54
+ opcodes.delete!('%5Cx') if opcodes.include?('%5Cx')
55
+ opcodes.delete!('%2C') if opcodes.include?('%2C')
56
+ opcodes.delete!('%22') if opcodes.include?('%22')
57
+ opcodes.delete!('%27') if opcodes.include?('%27')
58
+ opcodes.delete!('+') if opcodes.include?('+')
59
+ opcodes.delete!('%') if opcodes.include?('%')
47
60
  # puts opcodes.inspect
48
- opcodes = [opcodes].pack('H*') if opcodes.length.even? && opcodes.length != opcodes_orig_len
61
+ opcodes = [opcodes].pack('H*')
49
62
  # puts opcodes.inspect
50
63
 
51
64
  Metasm::Shellcode.disassemble(arch_obj, opcodes).to_s
@@ -65,6 +78,8 @@ module PWN
65
78
  arch = opts[:arch] ||= PWN::Plugins::DetectOS.arch
66
79
  endian = opts[:endian] ||= :little
67
80
 
81
+ asm_tmp = Tempfile.new('pwn_asm')
82
+
68
83
  raise 'ERROR: asm parameter is required.' if asm.nil?
69
84
 
70
85
  case arch
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.35'
4
+ VERSION = '0.5.36'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.35
4
+ version: 0.5.36
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-02-25 00:00:00.000000000 Z
11
+ date: 2024-02-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport