pwn 0.5.562 → 0.5.573

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fcfdf05e72d9c3c650d02dfb875519d3a4d95591e1b32227355b316e6fc1a8a6
-  data.tar.gz: 1af1dc3a3a01390e7b1ee57a5168ed42f58534b2565ebb94da9df120cd5dc21c
+  metadata.gz: 33e312831eb63249fad1a0f98b4386085255ee84188e76ddb1259ce9a5083e34
+  data.tar.gz: e61b59c15b896fbc3c5206e5e95a796d5e0f279d0c401b506b3fc075846426bf
 SHA512:
-  metadata.gz: a7344c5b670d5fa5b93e1f93c3a0a79830a7d1f790b8276ebfe9e7de730ab6f06bfccbc8d43ed47827de7d0b5a2df295dde687ee8e4cc5f009e10935f83be4a9
-  data.tar.gz: 84d8a15f6eedf53563a3c0261c3c34544afefb195778f70bdfbf9a2db360b8e31e69ae6b747f243e6410715a50d816250655832386f01fa254d824dc9163cbee
+  metadata.gz: e22d19452e6316c0aca8a4059b734302177eb03fe8bd59765fd0473fec096b3761dcc784fe0976241b21ab3e31349a2e7776a1ccccdb963edff63e24189308d8
+  data.tar.gz: ec98c1cc869f2e91b40cbc0be9ba05ae4c82ef5721e49dd959c3610d06dc1c9985b3580a464a1fc274a55762e27405140de52d096ce34f18fd74f19c87819b67

data/.rubocop.yml

@@ -6,7 +6,7 @@ Layout/LineLength:
 Lint/UselessRescue:
   Enabled: false
 Metrics/AbcSize:
-  Max: 563.8
+  Max: 720
 Metrics/BlockLength:
   Max: 292
 Metrics/BlockNesting:

data/.rubocop_todo.yml

@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2026-02-27 17:49:20 UTC using RuboCop version 1.85.0.
+# on 2026-06-05 17:51:34 UTC using RuboCop version 1.86.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -36,7 +36,7 @@ Lint/ShadowedException:
     - 'lib/pwn/sdr/decoder/flex.rb'
     - 'lib/pwn/sdr/decoder/pocsag.rb'
 
-# Offense count: 301
+# Offense count: 302
 # This cop supports safe autocorrection (--autocorrect).
 Lint/UselessAssignment:
   Enabled: false
@@ -66,9 +66,10 @@ Metrics/MethodLength:
   Exclude:
     - 'lib/pwn/banner/code_cave.rb'
 
-# Offense count: 7
+# Offense count: 8
 Naming/AccessorMethodName:
   Exclude:
+    - 'lib/pwn/ai/anthropic.rb'
     - 'lib/pwn/ai/grok.rb'
     - 'lib/pwn/ai/ollama.rb'
     - 'lib/pwn/ai/open_ai.rb'

data/.ruby-version

@@ -1 +1 @@
-4.0.1
+4.0.5

data/Gemfile

@@ -20,11 +20,11 @@ gem 'base32', '0.3.4'
 gem 'bitcoin-ruby', '0.0.20'
 gem 'brakeman', '8.0.4'
 gem 'bson', '5.2.0'
-gem 'bundler', '>=4.0.11'
+gem 'bundler', '>=4.0.13'
 gem 'bundler-audit', '>=0.9.3'
 gem 'bunny', '3.1.0'
 gem 'colorize', '1.1.0'
-gem 'credit_card_validations', '8.0.0'
+gem 'credit_card_validations', '9.0.0'
 gem 'curses', '1.6.0'
 gem 'diffy', '3.4.4'
 gem 'eventmachine', '1.2.7'
@@ -37,7 +37,7 @@ gem 'gdb', '1.0.0'
 gem 'gem-wrappers', '1.4.0'
 gem 'geocoder', '1.8.6'
 gem 'gist', '6.0.0'
-gem 'gruff', '0.30.0'
+gem 'gruff', '0.32.0'
 gem 'htmlentities', '4.4.2'
 gem 'ipaddress', '0.8.3'
 gem 'jenkins_api_client2', '1.9.0'
@@ -45,14 +45,14 @@ gem 'js-beautify', '0.1.8'
 gem 'json', '>=2.13.2'
 gem 'jsonpath', '1.1.5'
 gem 'json_schemer', '2.5.0'
-gem 'jwt', '3.1.2'
+gem 'jwt', '3.2.0'
 gem 'libusb', '0.7.2'
 gem 'luhn', '3.0.0'
 gem 'mail', '2.9.0'
-gem 'mcp', '0.14.0'
-gem 'meshtastic', '0.0.160'
-gem 'metasm', '1.0.5'
-gem 'mongo', '2.24.0'
+gem 'mcp', '0.18.0'
+gem 'meshtastic', '0.0.163'
+gem 'metasm', '1.0.6'
+gem 'mongo', '2.24.1'
 gem 'msfrpc-client', '1.1.2'
 gem 'netaddr', '2.0.6'
 gem 'net-ldap', '0.20.0'
@@ -74,27 +74,27 @@ gem 'pry-doc', '1.7.0'
 gem 'rake', '13.4.2'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi2', '3.10.0'
-gem 'rdoc', '7.0.3'
+gem 'rdoc', '7.0.4'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '6.3.0'
+gem 'rmagick', '7.0.3'
 gem 'rqrcode', '3.2.0'
 gem 'rspec', '3.13.2'
 gem 'rtesseract', '3.1.4'
-gem 'rubocop', '1.86.1'
+gem 'rubocop', '1.87.0'
 gem 'rubocop-rake', '0.7.1'
-gem 'rubocop-rspec', '3.9.0'
+gem 'rubocop-rspec', '3.10.2'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.3'
 gem 'ruby-saml', '1.18.1'
 gem 'rvm', '1.11.3.9'
-gem 'savon', '2.15.1'
-gem 'selenium-devtools', '0.147.0'
-gem 'selenium-webdriver', '4.43.0'
+gem 'savon', '2.17.1'
+gem 'selenium-devtools', '0.148.0'
+gem 'selenium-webdriver', '4.44.0'
 gem 'slack-ruby-client', '3.1.0'
 gem 'socksify', '1.8.1'
 gem 'spreadsheet', '1.3.5'
-gem 'sqlite3', '2.9.3'
+gem 'sqlite3', '2.9.5'
 gem 'thin', '2.0.1'
 gem 'tty-prompt', '0.23.1'
 gem 'tty-spinner', '0.9.3'
@@ -105,4 +105,4 @@ gem 'webrick', '1.9.2'
 gem 'whois', '6.0.3'
 gem 'whois-parser', '2.0.0'
 gem 'wicked_pdf', '2.8.2'
-gem 'yard', '0.9.43'
+gem 'yard', '0.9.44'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.562]:001 >>> PWN.help
+pwn[v0.5.573]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -48,21 +48,21 @@ pwn[v0.5.562]:001 >>> PWN.help
 It's wise to update pwn often as numerous versions are released/week:
 ```
 $ rvm list gemsets
-$ rvm use ruby-4.0.1@pwn
+$ rvm use ruby-4.0.5@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.562]:001 >>> PWN.help
+pwn[v0.5.573]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
 ```
 $ rvm list gemsets
-$ rvm use ruby-4.0.1@pwn
+$ rvm use ruby-4.0.5@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.562]:001 >>> PWN.help
+pwn[v0.5.573]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/build_gem.sh

@@ -1,17 +1,22 @@
 #!/bin/bash --login
+set -eo pipefail
+shopt -s nullglob
+export rvmsudo_secure_path=1
+
 if [[ -d '/opt/pwn' ]]; then
   pwn_root='/opt/pwn' 
 else
   pwn_root="${PWN_ROOT}"
 fi
 
-ls pkg/*.gem | while read previous_gems; do 
-  rvmsudo rm $previous_gems
+for previous_gem in pkg/*.gem; do
+  rvmsudo rm "$previous_gem"
 done
 old_ruby_version=`cat ${pwn_root}/.ruby-version`
 # Default Strategy is to merge codebase
-rvmsudo git config pull.rebase false 
-rvmsudo git pull
+sudo chown -R $USER:$USER $pwn_root
+git config pull.rebase false 
+git pull
 new_ruby_version=`cat ${pwn_root}/.ruby-version`
 
 rvmsudo gem update --system
@@ -19,13 +24,12 @@ rvmsudo gem update --system
 if [[ $old_ruby_version == $new_ruby_version ]]; then
   export rvmsudo_secure_path=1
   rvmsudo /bin/bash --login -c "cd ${pwn_root} && ./reinstall_gemset.sh"
-  cd /tmp && cd $pwn_root
-  rvmsudo rake
-  rvmsudo rake install
-  rvmsudo rake rerdoc
-  rvmsudo gem rdoc --backtrace --rdoc --ri --overwrite -V pwn
+  cd /tmp && cd "$pwn_root"
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec rake"
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec rake install"
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec rake rerdoc"
   echo "Invoking bundle-audit Gemfile Scanner..."
-  rvmsudo bundle-audit
+  rvmsudo /bin/bash --login -c "cd ${pwn_root} && bundle exec bundle-audit"
 else
   cd $pwn_root && ./upgrade_ruby.sh $new_ruby_version $old_ruby_version
 fi

data/documentation/lifecycle_authz_replay.example.yaml

@@ -0,0 +1,27 @@
+campaign:
+  id: github-collaborator-revoke
+  label: GitHub collaborator removal replay
+  target: https://github.com/acme/private-repo
+  change_event: remove_collaborator
+  notes: Capture access before and after collaborator removal.
+
+actors:
+  - id: owner
+    label: Repository owner account
+  - id: revoked_user
+    label: User removed from repository
+
+surfaces:
+  - id: repo_settings_page
+    label: Repository settings HTML page
+  - id: repo_metadata_api
+    label: Repository metadata API endpoint
+
+checkpoints:
+  - pre_change
+  - post_change_t0
+  - post_change_tn
+
+expected_denied_after:
+  - post_change_t0
+  - post_change_tn

data/lib/pwn/ai/anthropic.rb

@@ -0,0 +1,281 @@
+# frozen_string_literal: true
+
+require 'json'
+require 'rest-client'
+require 'tty-spinner'
+require 'securerandom'
+
+module PWN
+  module AI
+    # This plugin interacts with Anthropic's Claude API.
+    # It provides methods to list models, generate completions, and chat.
+    # API documentation: https://docs.anthropic.com/en/api
+    # Obtain an API key from https://console.anthropic.com/
+    module Anthropic
+      # Supported Method Parameters::
+      # anthropic_rest_call(
+      #   token: 'required - anthropic api key',
+      #   http_method: 'optional HTTP method (defaults to GET)',
+      #   base_uri: 'optional base anthropic api URI (defaults to https://api.anthropic.com/v1)',
+      #   rest_call: 'required rest call to make per the schema',
+      #   params: 'optional params passed in the URI or HTTP Headers',
+      #   http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST',
+      #   timeout: 'optional timeout in seconds (defaults to 300)',
+      #   spinner: 'optional - display spinner (defaults to false)'
+      # )
+
+      private_class_method def self.anthropic_rest_call(opts = {})
+        engine = PWN::Env[:ai][:anthropic]
+        raise 'ERROR: Anthropic Hash not found in PWN::Env.  Run `pwn -Y default.yaml`, then `PWN::Env` for usage.' if engine.nil?
+
+        token = engine[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Anthropic API Key')
+
+        http_method = if opts[:http_method].nil?
+                        :get
+                      else
+                        opts[:http_method].to_s.scrub.to_sym
+                      end
+
+        base_uri = engine[:base_uri] ||= 'https://api.anthropic.com/v1'
+        rest_call = opts[:rest_call].to_s.scrub
+        params = opts[:params]
+        headers = {
+          content_type: 'application/json; charset=UTF-8',
+          'x-api-key': token,
+          'anthropic-version': '2023-06-01'
+        }
+
+        http_body = opts[:http_body]
+        http_body ||= {}
+
+        timeout = opts[:timeout]
+        timeout ||= 300
+
+        spinner = opts[:spinner] || false
+
+        browser_obj = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)
+        rest_client = browser_obj[:browser]::Request
+
+        if spinner
+          spin = TTY::Spinner.new(format: :dots)
+          spin.auto_spin
+        end
+
+        retry_count = 0
+        begin
+          case http_method
+          when :delete, :get
+            headers[:params] = params
+            response = rest_client.execute(
+              method: http_method,
+              url: "#{base_uri}/#{rest_call}",
+              headers: headers,
+              verify_ssl: false,
+              timeout: timeout
+            )
+
+          when :post
+            if http_body.key?(:multipart)
+              headers[:content_type] = 'multipart/form-data'
+
+              response = rest_client.execute(
+                method: http_method,
+                url: "#{base_uri}/#{rest_call}",
+                headers: headers,
+                payload: http_body,
+                verify_ssl: false,
+                timeout: timeout
+              )
+            else
+              response = rest_client.execute(
+                method: http_method,
+                url: "#{base_uri}/#{rest_call}",
+                headers: headers,
+                payload: http_body.to_json,
+                verify_ssl: false,
+                timeout: timeout
+              )
+            end
+          else
+            raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
+          end
+
+          response
+        rescue RestClient::TooManyRequests => e
+          retry_after = e.response.headers[:retry_after]&.to_i ||= (0.5 * (retry_count + 1))
+          sleep(retry_after + rand(0.3..5.0))
+          retry_count += 1
+
+          retry
+        end
+      rescue RestClient::ExceptionWithResponse => e
+        puts "ERROR: #{e.message}: #{e.response}"
+      rescue StandardError => e
+        case e.message
+        when '400 Bad Request', '404 Resource Not Found'
+          "#{e.message}: #{e.response}"
+        else
+          raise e
+        end
+      ensure
+        spin.stop if spinner
+      end
+
+      # Supported Method Parameters::
+      # models = PWN::AI::Anthropic.get_models
+
+      public_class_method def self.get_models
+        models = anthropic_rest_call(rest_call: 'models')
+
+        JSON.parse(models, symbolize_names: true)[:data]
+      rescue StandardError => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # response = PWN::AI::Anthropic.chat(
+      #   request: 'required - message to Anthropic',
+      #   model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:anthropic][:model])',
+      #   temp: 'optional - creative response float (defaults to PWN::Env[:ai][:anthropic][:temp])',
+      #   system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:anthropic][:system_role_content])',
+      #   response_history: 'optional - pass response back in to have a conversation',
+      #   speak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)',
+      #   timeout: 'optional timeout in seconds (defaults to 300)',
+      #   spinner: 'optional - display spinner (defaults to false)'
+      # )
+
+      public_class_method def self.chat(opts = {})
+        engine = PWN::Env[:ai][:anthropic]
+        request = opts[:request]
+        max_prompt_length = engine[:max_prompt_length] ||= 200_000
+        request_trunc_idx = ((max_prompt_length - 1) / 3.36).floor
+        request = request[0..request_trunc_idx]
+
+        model = opts[:model] ||= engine[:model]
+        raise 'ERROR: Model is required.  Call #get_models method for details' if model.nil?
+
+        temp = opts[:temp].to_f ||= engine[:temp].to_f
+        temp = 1 if temp.zero?
+
+        rest_call = 'messages'
+
+        response_history = opts[:response_history]
+
+        system_role_content = opts[:system_role_content] ||= engine[:system_role_content]
+        system_role_content = response_history[:choices].first[:content] if response_history && response_history[:choices]
+
+        system_role = {
+          role: 'system',
+          content: system_role_content
+        }
+
+        user_role = {
+          role: 'user',
+          content: request
+        }
+
+        response_history ||= { choices: [system_role] }
+
+        http_body = {
+          model: model,
+          max_tokens: 4096,
+          temperature: temp,
+          system: system_role_content,
+          messages: []
+        }
+
+        if response_history[:choices].length > 1
+          response_history[:choices][1..].each do |message|
+            next if message[:role] == 'system'
+
+            http_body[:messages].push(role: message[:role].to_s, content: message[:content].to_s)
+          end
+        end
+
+        http_body[:messages].push(role: 'user', content: request)
+
+        timeout = opts[:timeout]
+        spinner = opts[:spinner]
+
+        response = anthropic_rest_call(
+          http_method: :post,
+          rest_call: rest_call,
+          http_body: http_body,
+          timeout: timeout,
+          spinner: spinner
+        )
+
+        json_resp = JSON.parse(response, symbolize_names: true)
+        assistant_content = if json_resp[:content] && json_resp[:content].is_a?(Array) && json_resp[:content].first
+                              json_resp[:content].first[:text]
+                            else
+                              ''
+                            end
+        assistant_resp = {
+          role: 'assistant',
+          content: assistant_content
+        }
+
+        # Build choices for PWN compatibility: [system, ...history..., user, assistant]
+        json_resp[:choices] = [system_role] + http_body[:messages]
+        json_resp[:choices].push(assistant_resp)
+
+        # Ensure compatibility fields
+        json_resp[:id] ||= "msg_#{SecureRandom.hex(8)}"
+        json_resp[:object] ||= 'message'
+        json_resp[:model] ||= model
+
+        if json_resp[:usage].is_a?(Hash)
+          inp_tokens = json_resp[:usage][:input_tokens] || 0
+          out_tokens = json_resp[:usage][:output_tokens] || 0
+          json_resp[:usage][:total_tokens] = inp_tokens + out_tokens
+        else
+          json_resp[:usage] = { input_tokens: 0, output_tokens: 0, total_tokens: 0 }
+        end
+
+        speak_answer = true if opts[:speak_answer]
+
+        if speak_answer
+          answer = assistant_resp[:content]
+          text_path = "/tmp/#{SecureRandom.hex}.pwn_voice"
+          File.write(text_path, answer)
+          PWN::Plugins::Voice.text_to_speech(text_path: text_path)
+          File.unlink(text_path)
+        end
+
+        json_resp
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <support@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <support@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+          models = #{self}.get_models
+
+          response = #{self}.chat(
+            request: 'required - message to Anthropic',
+            model: 'optional - model to use for text generation (defaults to PWN::Env[:ai][:anthropic][:model])',
+            temp: 'optional - creative response float (defaults to PWN::Env[:ai][:anthropic][:temp])',
+            system_role_content: 'optional - context to set up the model behavior for conversation (Default: PWN::Env[:ai][:anthropic][:system_role_content])',
+            response_history: 'optional - pass response back in to have a conversation',
+            speak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)',
+            timeout: 'optional - timeout in seconds (defaults to 300)',
+            spinner: 'optional - display spinner (defaults to false)'
+          )
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end

data/lib/pwn/ai/grok.rb

@@ -25,9 +25,14 @@ module PWN
 
       private_class_method def self.grok_rest_call(opts = {})
         engine = PWN::Env[:ai][:grok]
-        raise 'ERROR: Jira Server Hash not found in PWN::Env.  Run i`pwn -Y default.yaml`, then `PWN::Env` for usage.' if engine.nil?
-
-        token = engine[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Grok API Key')
+        raise 'ERROR: Grok Hash not found in PWN::Env.  Run `pwn -Y default.yaml`, then `PWN::Env` for usage.' if engine.nil?
+
+        oauth = engine[:oauth] || {}
+        token = if oauth[:access_token] && !oauth[:access_token].to_s.empty? && !oauth[:access_token].to_s.match?(/optional/i)
+                  oauth[:access_token]
+                else
+                  engine[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Grok API Key (or set oauth:access_token in pwn-vault for xAI SuperGrok subscriptions)')
+                end
 
         http_method = if opts[:http_method].nil?
                         :get

data/lib/pwn/ai/introspection.rb

@@ -65,6 +65,15 @@ module PWN
               response = response[:choices].last[:text] if response[:choices].last.keys.include?(:text)
               response = response[:choices].last[:content] if response[:choices].last.keys.include?(:content)
             end
+          when :anthropic
+            response = PWN::AI::Anthropic.chat(
+              request: request.chomp,
+              system_role_content: system_role_content,
+              spinner: spinner
+            )
+            response = response[:choices].last[:content] if response.is_a?(Hash) &&
+                                                            response.key?(:choices) &&
+                                                            response[:choices].last.keys.include?(:content)
           end
         end
 

data/lib/pwn/ai/open_ai.rb

@@ -98,8 +98,12 @@ module PWN
           end
           response
         rescue RestClient::TooManyRequests => e
-          retry_after = e.response.headers[:retry_after]&.to_i ||= (0.5 * (retry_count + 1))
-          sleep(retry_after + rand(0.3..5.0))
+          duration = 0
+          if e.response
+            retry_after = e.response.headers[:retry_after]&.to_i ||= (0.5 * (retry_count + 1))
+            duration = retry_after.to_i
+          end
+          sleep(duration + rand(0.3..5.0))
           retry_count += 1
 
           retry

data/lib/pwn/ai.rb

@@ -6,6 +6,7 @@ module PWN
   # http://www.rubyinside.com/ruby-techniques-revealed-autoload-1652.html
   module AI
     autoload :Agent, 'pwn/ai/agent'
+    autoload :Anthropic, 'pwn/ai/anthropic'
     autoload :Grok, 'pwn/ai/grok'
     autoload :Introspection, 'pwn/ai/introspection'
     autoload :Ollama, 'pwn/ai/ollama'