pwn 0.5.416 → 0.5.417

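--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 28095b87ac8e60d0caad499cc96ad6fbb79832dc4d009ed5b9a1f51ff081d755
- data.tar.gz: 4b3d0a573e840033f90496ba11244e3d8b3ef6f3ec08e5ff39baaaed3e4f6f3e
+ metadata.gz: 8cafc7549310f3dd64c9f8b8794ca996ee16c80d57617822cb3ef38bcd1a7f45
+ data.tar.gz: d5fd1a2dc3b8f901cd3cb2a9bcb5b131377cc0ed8c5fd63563757b991febfdf5
  SHA512:
- metadata.gz: 58115b0a7db3baef39deecb8fd486a8a5b9f4369b7f6cd778a9d6867ae6bb36f1010afc43c729498ee7191fc3c58e5fa4b3fd04b8aa1562f2a79d24880dbdebf
- data.tar.gz: 91d45eb10e7b19b880b65064ca6c5d386f8630de865aacbc8941e8550c9608ed1e68d3e9c1e0bfd97f561469cea702ca725998d096352a28d103a3f79cccf55d
+ metadata.gz: 9fbc6c458031607bfaf7f400a68f0a887a8b42e95696a6708c1a6c8271edde502652b86e4cba63aee459b8b5ffb69c67d6c5b6080334a424263b890e8a29690c
+ data.tar.gz: 50e973dc9b275909a2100aed6986f19fba776a691313661bbf7d8101a8f742d32f7cca0620e6423510af8386dd147a3d51c9df91141f2bd1847609da4e827bd3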
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.416]:001 >>> PWN.help
40
+ pwn[v0.5.417]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.416]:001 >>> PWN.help
55
+ pwn[v0.5.417]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.416]:001 >>> PWN.help
65
+ pwn[v0.5.417]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
@@ -1225,8 +1225,7 @@ module PWN
1225
1225
  PWN::Plugins::Tor.stop(tor_obj: browser_obj[:tor_obj]) if tor_obj
1226
1226
 
1227
1227
  # Close the browser unless browser.nil? (thus the &)
1228
- # browser&.close unless browser.to_s == 'RestClient'
1229
- browser&.close unless browser.is_a?(RestClient)
1228
+ browser&.close unless browser == RestClient
1230
1229
 
1231
1230
  nil
1232
1231
  rescue StandardError => e
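Review bot: The comment above the changed `browser&.close` line explains the `&.` but not the RestClient exception, so the move from `is_a?(RestClient)` to `== RestClient` is easy to misread as a regression. Judging by the HackerOne hunk further down this page, which uses `browser_obj[:browser]` as `rest_client::Request`, a :rest session appears to hold the RestClient module itself, which an instance check would never match and which has no `close` to call. I would record that next to the guard, e.g. `# :rest sessions hold the RestClient module itself (nothing to close), so compare by identity`. The enclosing method starts and ends outside this hunk, so whether other browser types need the same skip cannot be confirmed from here.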
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.416'
4
+ VERSION = '0.5.417'
5
5
  end
@@ -27,55 +27,128 @@ module PWN
27
27
 
28
28
  # Supported Method Parameters::
29
29
  # programs_arr = PWN::WWW::HackerOne.get_bounty_programs(
30
- # browser_obj: 'required - browser_obj returned from #open method',
31
- # proxy: 'optional - scheme://proxy_host:port || tor',
32
30
  # min_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)',
33
- # suppress_progress: 'optional - suppress output (defaults to false)'
31
+ # suppress_progress: 'optional - suppress output (defaults to false)',
32
+ # proxy: 'optional - scheme://proxy_host:port || tor'
34
33
  # )
35
34
 
36
35
  public_class_method def self.get_bounty_programs(opts = {})
37
- browser_obj = opts[:browser_obj]
38
- browser = browser_obj[:browser]
39
- min_payouts_enabled = true if opts[:min_payouts_enabled]
40
- min_payouts_enabled ||= false
41
- suppress_progress = opts[:suppress_progress] ||= false
36
+ min_payouts_enabled = opts[:min_payouts_enabled] || false
37
+ raise 'ERROR: min_payouts_enabled should be true or false' unless [true, false].include?(min_payouts_enabled)
38
+
39
+ suppress_progress = opts[:suppress_progress] || false
40
+ raise 'ERROR: suppress_progress should be true or false' unless [true, false].include?(suppress_progress)
41
+
42
+ proxy = opts[:proxy]
43
+
44
+ browser_obj = PWN::Plugins::TransparentBrowser.open(
45
+ browser_type: :rest,
46
+ proxy: proxy
47
+ )
48
+ rest_client = browser_obj[:browser]
49
+ rest_request = rest_client::Request
42
50
 
43
- browser.goto('https://hackerone.com/bug-bounty-programs')
44
- # Wait for JavaScript to load the DOM
51
+ graphql_endpoint = 'https://hackerone.com/graphql'
52
+ headers = { content_type: 'application/json' }
53
+ # NOTE: If you copy this payload to the pwn REPL
54
+ # the triple dots ... attempt to execute commands
55
+ # <cough>Pry CE</cough>
56
+ query = "
57
+ query GetBountyPrograms($after: String) {
58
+ teams(
59
+ first: 100,
60
+ after: $after,
61
+ where: { state: {_in: [soft_launched, public_mode]} }
62
+ ) {
63
+ edges {
64
+ node {
65
+ handle
66
+ name
67
+ minimum_bounty
68
+ }
69
+ }
70
+ pageInfo {
71
+ endCursor
72
+ hasNextPage
73
+ }
74
+ }
75
+ }
76
+ "
45
77
 
46
78
  programs_arr = []
47
- browser.ul(class: 'program__meta-data').wait_until(&:present?)
48
- browser.uls(class: 'program__meta-data').each do |ul|
49
- min_payout = ul.text.split('$').last.split.first.to_f
50
-
51
- next if min_payouts_enabled && min_payout.zero?
52
-
53
- print '.' unless suppress_progress
54
-
55
- link = "https://#{ul.first.text}"
56
- min_payout_fmt = format('$%0.2f', min_payout)
57
- scheme = URI.parse(link).scheme
58
- host = URI.parse(link).host
59
- path = URI.parse(link).path
60
- burp_target_config = "#{scheme}://#{host}/teams#{path}/assets/download_burp_project_file.json"
61
-
62
- bounty_program_hash = {
63
- name: link.split('/').last,
64
- min_payout: min_payout_fmt,
65
- policy: "#{link}?view_policy=true",
66
- burp_target_config: burp_target_config,
67
- scope: "#{link}/policy_scopes",
68
- hacktivity: "#{link}/hacktivity",
69
- thanks: "#{link}/thanks",
70
- updates: "#{link}/updates",
71
- collaborators: "#{link}/collaborators"
79
+ cursor = nil
80
+
81
+ loop do
82
+ payload = {
83
+ operationName: 'GetBountyPrograms',
84
+ variables: { after: cursor },
85
+ query: query
72
86
  }
73
- programs_arr.push(bounty_program_hash)
87
+
88
+ rest_response = rest_request.execute(
89
+ method: :post,
90
+ url: graphql_endpoint,
91
+ headers: headers,
92
+ payload: payload.to_json.delete("\n"),
93
+ verify_ssl: false
94
+ )
95
+
96
+ data = JSON.parse(rest_response.body, symbolize_names: true)
97
+
98
+ teams = data[:data][:teams][:edges]
99
+ teams.each do |edge|
100
+ team = edge[:node]
101
+ min_payout = team[:minimum_bounty] ? team[:minimum_bounty].to_f : 0.0
102
+ next if min_payouts_enabled && min_payout.zero?
103
+
104
+ # next if min_payouts_enabled && min_payout.zero?
105
+
106
+ print '.' unless suppress_progress
107
+
108
+ min_payout_fmt = format('$%0.2f', min_payout)
109
+ handle = team[:handle]
110
+ link = "https://hackerone.com/#{handle}"
111
+ scheme = URI.parse(link).scheme
112
+ host = URI.parse(link).host
113
+ path = URI.parse(link).path
114
+ burp_target_config = "#{scheme}://#{host}/teams#{path}/assets/download_burp_project_file.json"
115
+
116
+ bounty_program_hash = {
117
+ name: handle,
118
+ min_payout: min_payout_fmt,
119
+ policy: "#{link}?view_policy=true",
120
+ burp_target_config: burp_target_config,
121
+ scope: "#{link}/policy_scopes",
122
+ hacktivity: "#{link}/hacktivity",
123
+ thanks: "#{link}/thanks",
124
+ updates: "#{link}/updates",
125
+ collaborators: "#{link}/collaborators"
126
+ }
127
+ programs_arr.push(bounty_program_hash)
128
+ end
129
+
130
+ page_info = data[:data][:teams][:pageInfo]
131
+ cursor = page_info[:endCursor]
132
+ break unless page_info[:hasNextPage]
74
133
  end
75
134
 
135
+ programs_arr.sort_by! { |p| -p[:min_payout].gsub('$', '').gsub(',', '').to_f }
136
+
76
137
  programs_arr
138
+ rescue RestClient::ExceptionWithResponse => e
139
+ if e.response
140
+ puts "HTTP RESPONSE CODE: #{e.response.code}"
141
+ puts "HTTP RESPONSE HEADERS:\n#{e.response.headers}"
142
+ puts "HTTP RESPONSE BODY:\n#{e.response.body}\n\n\n"
143
+ end
144
+
145
+ raise e
77
146
  rescue StandardError => e
78
147
  raise e
148
+ ensure
149
+ browser_obj = PWN::Plugins::TransparentBrowser.close(browser_obj: browser_obj) if browser_obj
150
+ rest_client = nil if rest_client
151
+ rest_request = nil if rest_request
79
152
  end
80
153
 
81
154
  # Supported Method Parameters::
@@ -500,10 +573,9 @@ module PWN
500
573
  )
501
574
 
502
575
  programs_arr = #{self}.get_bounty_programs(
503
- browser_obj: 'required - browser_obj returned from #open method',
504
- proxy: 'optional - scheme://proxy_host:port || tor',
505
576
  min_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)',
506
- suppress_progress: 'optional - suppress output (defaults to false)'
577
+ suppress_progress: 'optional - suppress output (defaults to false)',
578
+ proxy: 'optional - scheme://proxy_host:port || tor'
507
579
  )
508
580
 
509
581
  scope_details = #{self}.get_scope_details(
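Review bot: `verify_ssl: false` in the `rest_request.execute` call of `get_bounty_programs` turns off certificate validation for the POST to `https://hackerone.com/graphql`, so any party on the network path, including whatever `proxy:` points at, can substitute the response. That response is trusted downstream: `team[:handle]` is interpolated into the `policy`, `scope` and `burp_target_config` URLs handed back to the caller, so a tampered handle ends up in later requests and scope imports. Drop the option so RestClient's default peer verification applies, and make disabling it an explicit opt-in if an intercepting proxy really needs it. Separately, `data[:data][:teams][:edges]` raises NoMethodError when the GraphQL reply carries only `errors`; a guard such as `raise "ERROR: GraphQL response had no data: #{data[:errors]}" unless data[:data]` just before that line would fail with a usable message.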
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.416
4
+ version: 0.5.417
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.