pwn 0.5.60 → 0.5.61
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/README.md +3 -3
- data/bin/pwn +37 -37
- data/etc/pwn.yaml.EXAMPLE +2 -0
- data/lib/pwn/version.rb +1 -1
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ec464c3031975250eef48b7653e858ff40edce70a4da4a21b9f8d1e547d91483
|
4
|
+
data.tar.gz: c084f4cd17c64a5d9ddee2f9b0d62477dff4a60f2628d17c9a4533ec2a2b6765
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c57b2c13075dd45f74ab328c27b553528ce5817e4f15b9a7522f27d032a2a3727f4801dbd663feb9922f2c2f5b4e6229369479aad8c64c5435ecf5f1966b337d
|
7
|
+
data.tar.gz: 6538fa98dfff9c9d7953d4df3c01fe38f0ebbe0d432f05cff6c9d321179fb5d0e20a5390c28318c1620870173ca4d9adc9c5ea01339635774b924cab3fa0650d
|
data/Gemfile
CHANGED
@@ -19,7 +19,7 @@ gem 'aws-sdk', '3.2.0'
|
|
19
19
|
gem 'barby', '0.6.9'
|
20
20
|
gem 'brakeman', '6.1.2'
|
21
21
|
gem 'bson', '5.0.0'
|
22
|
-
gem 'bundler', '>=2.5.
|
22
|
+
gem 'bundler', '>=2.5.7'
|
23
23
|
gem 'bundler-audit', '0.9.1'
|
24
24
|
gem 'bunny', '2.22.0'
|
25
25
|
gem 'colorize', '1.1.0'
|
@@ -66,7 +66,7 @@ gem 'pry-doc', '1.5.0'
|
|
66
66
|
gem 'rake', '13.1.0'
|
67
67
|
gem 'rb-readline', '0.5.5'
|
68
68
|
gem 'rbvmomi', '3.0.0'
|
69
|
-
gem 'rdoc', '6.6.
|
69
|
+
gem 'rdoc', '6.6.3.1'
|
70
70
|
gem 'rest-client', '2.1.0'
|
71
71
|
gem 'rex', '2.0.13'
|
72
72
|
gem 'rmagick', '5.4.4'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.5.
|
40
|
+
pwn[v0.5.61]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.5.
|
55
|
+
pwn[v0.5.61]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.5.
|
65
|
+
pwn[v0.5.61]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/bin/pwn
CHANGED
@@ -54,13 +54,13 @@ begin
|
|
54
54
|
dchars = "\001\e[33m\002***\001\e[33m\002" if mode == :splat
|
55
55
|
end
|
56
56
|
|
57
|
-
if pi.config.
|
58
|
-
pi.config.prompt_name = 'pwn.
|
59
|
-
pi.config.prompt_name = 'pwn.
|
57
|
+
if pi.config.pwn_ai
|
58
|
+
pi.config.prompt_name = 'pwn.ai'
|
59
|
+
pi.config.prompt_name = 'pwn.ai.SPEAKING' if pi.config.pwn_ai_speak
|
60
60
|
name = "\001\e[1m\002\001\e[33m\002#{pi.config.prompt_name}\001\e[0m\002"
|
61
61
|
dchars = "\001\e[32m\002>>>\001\e[33m\002"
|
62
62
|
dchars = "\001\e[33m\002***\001\e[33m\002" if mode == :splat
|
63
|
-
if pi.config.
|
63
|
+
if pi.config.pwn_ai_debug
|
64
64
|
dchars = "\001\e[32m\002(DEBUG) >>>\001\e[33m\002"
|
65
65
|
dchars = "\001\e[33m\002(DEBUG) ***\001\e[33m\002" if mode == :splat
|
66
66
|
end
|
@@ -124,8 +124,8 @@ begin
|
|
124
124
|
exec_hook :after_read, eval_string, self
|
125
125
|
|
126
126
|
begin
|
127
|
-
complete_expr = true if config.
|
128
|
-
complete_expr = Pry::Code.complete_expression?(@eval_string) unless config.
|
127
|
+
complete_expr = true if config.pwn_ai || config.pwn_asm
|
128
|
+
complete_expr = Pry::Code.complete_expression?(@eval_string) unless config.pwn_ai || config.pwn_asm
|
129
129
|
rescue SyntaxError => e
|
130
130
|
output.puts e.message.gsub(/^.*syntax error, */, "SyntaxError: ")
|
131
131
|
reset_eval_string
|
@@ -135,7 +135,7 @@ begin
|
|
135
135
|
@suppress_output = true if @eval_string =~ /;\Z/ ||
|
136
136
|
@eval_string.empty? ||
|
137
137
|
@eval_string =~ /\A *#.*\n\z/ ||
|
138
|
-
config.
|
138
|
+
config.pwn_ai ||
|
139
139
|
config.pwn_asm
|
140
140
|
|
141
141
|
# A bug in jruby makes java.lang.Exception not rescued by
|
@@ -158,10 +158,10 @@ begin
|
|
158
158
|
eval_string = @eval_string
|
159
159
|
reset_eval_string
|
160
160
|
|
161
|
-
result = evaluate_ruby(eval_string) unless config.
|
161
|
+
result = evaluate_ruby(eval_string) unless config.pwn_ai ||
|
162
162
|
config.pwn_asm
|
163
163
|
|
164
|
-
result = eval_string if config.
|
164
|
+
result = eval_string if config.pwn_ai ||
|
165
165
|
config.pwn_asm
|
166
166
|
rescue RescuableException, *jruby_exceptions => e
|
167
167
|
# Eliminate following warning:
|
@@ -182,9 +182,9 @@ begin
|
|
182
182
|
throw(:breakout) if current_binding.nil?
|
183
183
|
end
|
184
184
|
|
185
|
-
# Ensure the return value in
|
185
|
+
# Ensure the return value in pwn_ai mode reflects the input
|
186
186
|
def evaluate_ruby(code)
|
187
|
-
# if config.
|
187
|
+
# if config.pwn_ai || config.pwn_asm
|
188
188
|
# result = message = code.to_s
|
189
189
|
# return
|
190
190
|
# end
|
@@ -236,44 +236,44 @@ begin
|
|
236
236
|
end
|
237
237
|
end
|
238
238
|
|
239
|
-
Pry::Commands.create_command 'pwn-
|
240
|
-
description 'Initiate pwn.
|
239
|
+
Pry::Commands.create_command 'pwn-ai' do
|
240
|
+
description 'Initiate pwn.ai chat interface.'
|
241
241
|
|
242
242
|
def process
|
243
243
|
pi = pry_instance
|
244
|
-
pi.config.
|
245
|
-
pi.config.color = false if pi.config.
|
246
|
-
pi.config.color = true unless pi.config.
|
244
|
+
pi.config.pwn_ai = true
|
245
|
+
pi.config.color = false if pi.config.pwn_ai
|
246
|
+
pi.config.color = true unless pi.config.pwn_ai
|
247
247
|
end
|
248
248
|
end
|
249
249
|
|
250
|
-
Pry::Commands.create_command 'toggle-pwn-
|
251
|
-
description 'Display the response_history object while using pwn.
|
250
|
+
Pry::Commands.create_command 'toggle-pwn-ai-debug' do
|
251
|
+
description 'Display the response_history object while using pwn.ai'
|
252
252
|
|
253
253
|
def process
|
254
254
|
pi = pry_instance
|
255
|
-
pi.config.
|
255
|
+
pi.config.pwn_ai_debug ? pi.config.pwn_ai_debug = false : pi.config.pwn_ai_debug = true
|
256
256
|
end
|
257
257
|
end
|
258
258
|
|
259
|
-
Pry::Commands.create_command 'toggle-pwn-
|
260
|
-
description 'Use speech capabilities within pwn.
|
259
|
+
Pry::Commands.create_command 'toggle-pwn-ai-speaks' do
|
260
|
+
description 'Use speech capabilities within pwn.ai to speak answers.'
|
261
261
|
|
262
262
|
def process
|
263
263
|
pi = pry_instance
|
264
|
-
pi.config.
|
264
|
+
pi.config.pwn_ai_speak ? pi.config.pwn_ai_speak = false : pi.config.pwn_ai_speak = true
|
265
265
|
end
|
266
266
|
end
|
267
267
|
|
268
268
|
Pry::Commands.create_command 'back' do
|
269
|
-
description 'Jump back to pwn REPL when in pwn-asm || pwn-
|
269
|
+
description 'Jump back to pwn REPL when in pwn-asm || pwn-ai.'
|
270
270
|
|
271
271
|
def process
|
272
272
|
pi = pry_instance
|
273
273
|
pi.config.pwn_asm = false if pi.config.pwn_asm
|
274
|
-
pi.config.
|
275
|
-
pi.config.
|
276
|
-
pi.config.
|
274
|
+
pi.config.pwn_ai = false if pi.config.pwn_ai
|
275
|
+
pi.config.pwn_ai_debug = false if pi.config.pwn_ai_debug
|
276
|
+
pi.config.pwn_ai_speak = false if pi.config.pwn_ai_speak
|
277
277
|
pi.config.completer = Pry::InputCompleter
|
278
278
|
end
|
279
279
|
end
|
@@ -284,13 +284,13 @@ begin
|
|
284
284
|
output.puts PWN::Banner.welcome
|
285
285
|
end
|
286
286
|
|
287
|
-
# pwn.
|
287
|
+
# pwn.ai Hooks
|
288
288
|
Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
|
289
289
|
if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
|
290
290
|
yaml_config_path = opts[:yaml_config_path]
|
291
291
|
yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
|
292
|
-
pi.config.
|
293
|
-
Pry.config.
|
292
|
+
pi.config.pwn_ai_key = yaml_config[:open_ai_key]
|
293
|
+
Pry.config.pwn_ai_key = pi.config.pwn_ai_key
|
294
294
|
end
|
295
295
|
end
|
296
296
|
|
@@ -322,21 +322,21 @@ begin
|
|
322
322
|
end
|
323
323
|
end
|
324
324
|
|
325
|
-
Pry.config.hooks.add_hook(:after_read, :
|
326
|
-
if pi.config.
|
325
|
+
Pry.config.hooks.add_hook(:after_read, :pwn_ai_hook) do |request, pi|
|
326
|
+
if pi.config.pwn_ai && !request.chomp.empty?
|
327
327
|
request = pi.input.line_buffer.to_s
|
328
|
-
debug = pi.config.
|
329
|
-
open_ai_key = pi.config.
|
328
|
+
debug = pi.config.pwn_ai_debug
|
329
|
+
open_ai_key = pi.config.pwn_ai_key
|
330
330
|
open_ai_key ||= ''
|
331
331
|
if open_ai_key.empty?
|
332
332
|
open_ai_key = PWN::Plugins::AuthenticationHelper.mask_password(
|
333
333
|
prompt: 'OpenAI API Key'
|
334
334
|
)
|
335
|
-
pi.config.
|
335
|
+
pi.config.pwn_ai_key = open_ai_key
|
336
336
|
end
|
337
337
|
|
338
|
-
response_history = pi.config.
|
339
|
-
speak_answer = pi.config.
|
338
|
+
response_history = pi.config.pwn_ai_response_history
|
339
|
+
speak_answer = pi.config.pwn_ai_speak
|
340
340
|
response = PWN::Plugins::OpenAI.chat(
|
341
341
|
token: open_ai_key,
|
342
342
|
request: request.chomp,
|
@@ -360,7 +360,7 @@ begin
|
|
360
360
|
pp response_history
|
361
361
|
puts "\nresponse_history[:choices] Length: #{response_history[:choices].length}\n" unless response_history.nil?
|
362
362
|
end
|
363
|
-
pi.config.
|
363
|
+
pi.config.pwn_ai_response_history = response_history
|
364
364
|
end
|
365
365
|
end
|
366
366
|
|
data/etc/pwn.yaml.EXAMPLE
CHANGED
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.61
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-03-
|
11
|
+
date: 2024-03-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.5.
|
117
|
+
version: 2.5.7
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.5.
|
124
|
+
version: 2.5.7
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -758,14 +758,14 @@ dependencies:
|
|
758
758
|
requirements:
|
759
759
|
- - '='
|
760
760
|
- !ruby/object:Gem::Version
|
761
|
-
version: 6.6.
|
761
|
+
version: 6.6.3.1
|
762
762
|
type: :development
|
763
763
|
prerelease: false
|
764
764
|
version_requirements: !ruby/object:Gem::Requirement
|
765
765
|
requirements:
|
766
766
|
- - '='
|
767
767
|
- !ruby/object:Gem::Version
|
768
|
-
version: 6.6.
|
768
|
+
version: 6.6.3.1
|
769
769
|
- !ruby/object:Gem::Dependency
|
770
770
|
name: rest-client
|
771
771
|
requirement: !ruby/object:Gem::Requirement
|
@@ -2252,7 +2252,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2252
2252
|
- !ruby/object:Gem::Version
|
2253
2253
|
version: '0'
|
2254
2254
|
requirements: []
|
2255
|
-
rubygems_version: 3.5.
|
2255
|
+
rubygems_version: 3.5.7
|
2256
2256
|
signing_key:
|
2257
2257
|
specification_version: 4
|
2258
2258
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|