pwn 0.5.66 → 0.5.67
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn +6 -25
- data/lib/pwn/plugins/ps.rb +21 -0
- data/lib/pwn/plugins/vault.rb +19 -0
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8fd794ce6149bca1bcacf6eb83e4116d26dddad3f7007829cec0ff4520eb9f59
|
|
4
|
+
data.tar.gz: 056c7e6727ec6afb5ec98563b912ab65fdca366067296f0aa12501d5d7ae63d1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0764f4c9956e10475675ed33769d07b94ba19090c2db59937ff45ed1f110dad1860a6c02b8eaca71d7e5269dacb4c460472777dfb3285d2ec963c4a0c59975e2
|
|
7
|
+
data.tar.gz: 651a021f5476d9e6735c08f126411c23c6cfba3b0d9455ad1561b0fa9a46793f1c1b4bf6025a49f1d0c50f557ed9e150cd339aefed44003298a5f3100fa85e94
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
|
37
37
|
$ ./install.sh
|
|
38
38
|
$ ./install.sh ruby-gem
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.5.
|
|
40
|
+
pwn[v0.5.67]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.5.
|
|
55
|
+
pwn[v0.5.67]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
|
64
64
|
$ pwn
|
|
65
|
-
pwn[v0.5.
|
|
65
|
+
pwn[v0.5.67]:001 >>> PWN.help
|
|
66
66
|
```
|
|
67
67
|
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/bin/pwn
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
-
require 'base64'
|
|
5
4
|
require 'optparse'
|
|
6
5
|
require 'pwn'
|
|
7
6
|
require 'pry'
|
|
@@ -32,24 +31,6 @@ OptionParser.new do |options|
|
|
|
32
31
|
end.parse!
|
|
33
32
|
|
|
34
33
|
begin
|
|
35
|
-
def yaml_config_encrypted?(opts = {})
|
|
36
|
-
config = opts[:config]
|
|
37
|
-
|
|
38
|
-
config_contents = File.read(config)
|
|
39
|
-
config_contents.is_a?(String) && Base64.strict_encode64(Base64.decode64(config_contents)) == config_contents
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
def cleanup_pids(opts = {})
|
|
43
|
-
pids_arr = opts[:pids_arr]
|
|
44
|
-
|
|
45
|
-
pids_arr.each do |pid_line|
|
|
46
|
-
pid = pid_line[2].to_i
|
|
47
|
-
Process.kill('TERM', pid)
|
|
48
|
-
rescue Errno::ESRCH
|
|
49
|
-
next
|
|
50
|
-
end
|
|
51
|
-
end
|
|
52
|
-
|
|
53
34
|
def refresh_ps1_proc(opts = {})
|
|
54
35
|
mode = opts[:mode]
|
|
55
36
|
|
|
@@ -90,7 +71,7 @@ begin
|
|
|
90
71
|
end
|
|
91
72
|
end
|
|
92
73
|
|
|
93
|
-
# Pry Monkey Patches \_(
|
|
74
|
+
# Pry Monkey Patches \_(--)_/
|
|
94
75
|
class Pry
|
|
95
76
|
# Overwrite Pry::History.push method in History class to get duplicate history entries
|
|
96
77
|
# in order to properly replay automation in this prototyping driver
|
|
@@ -308,7 +289,7 @@ begin
|
|
|
308
289
|
Pry.config.hooks.add_hook(:before_session, :init_opts) do |_output, _binding, pi|
|
|
309
290
|
if opts[:yaml_config_path] && File.exist?(opts[:yaml_config_path])
|
|
310
291
|
yaml_config_path = opts[:yaml_config_path]
|
|
311
|
-
is_encrypted =
|
|
292
|
+
is_encrypted = PWN::Plugins::Vault.file_encrypted?(file: yaml_config_path)
|
|
312
293
|
|
|
313
294
|
if is_encrypted
|
|
314
295
|
# TODO: Implement "something you know, something you have, && something you are?"
|
|
@@ -321,12 +302,12 @@ begin
|
|
|
321
302
|
iv = opts[:iv] ||= yaml_decryptor[:iv] ||= ENV.fetch('PWN_DECRYPTOR_IV')
|
|
322
303
|
iv = PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Decryption IV') if iv.nil?
|
|
323
304
|
|
|
324
|
-
|
|
305
|
+
decrypted_yaml_config = PWN::Plugins::Vault.dump(
|
|
325
306
|
file: yaml_config_path,
|
|
326
307
|
key: key,
|
|
327
308
|
iv: iv
|
|
328
309
|
)
|
|
329
|
-
yaml_config = YAML.load(
|
|
310
|
+
yaml_config = YAML.load(decrypted_yaml_config, symbolize_names: true)
|
|
330
311
|
else
|
|
331
312
|
yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
|
|
332
313
|
end
|
|
@@ -439,6 +420,6 @@ ensure
|
|
|
439
420
|
end
|
|
440
421
|
# pp grandkid_pids_arr
|
|
441
422
|
|
|
442
|
-
cleanup_pids(pids_arr: grandkid_pids_arr)
|
|
443
|
-
cleanup_pids(pids_arr: kid_pids_arr)
|
|
423
|
+
PWN::Plugins::PS.cleanup_pids(pids_arr: grandkid_pids_arr)
|
|
424
|
+
PWN::Plugins::PS.cleanup_pids(pids_arr: kid_pids_arr)
|
|
444
425
|
end
|
data/lib/pwn/plugins/ps.rb
CHANGED
|
@@ -47,6 +47,23 @@ module PWN
|
|
|
47
47
|
raise e
|
|
48
48
|
end
|
|
49
49
|
|
|
50
|
+
# Supported Method Parameters::
|
|
51
|
+
# PWN::Plugins::PS.cleanup_pids(
|
|
52
|
+
# pids_arr: 'required - array of pids to kill'
|
|
53
|
+
# )
|
|
54
|
+
public_class_method def self.cleanup_pids(opts = {})
|
|
55
|
+
pids_arr = opts[:pids_arr]
|
|
56
|
+
|
|
57
|
+
pids_arr.each do |pid_line|
|
|
58
|
+
pid = pid_line[2].to_i
|
|
59
|
+
Process.kill('TERM', pid)
|
|
60
|
+
rescue Errno::ESRCH
|
|
61
|
+
next
|
|
62
|
+
end
|
|
63
|
+
rescue StandardError => e
|
|
64
|
+
raise e
|
|
65
|
+
end
|
|
66
|
+
|
|
50
67
|
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
|
51
68
|
|
|
52
69
|
public_class_method def self.authors
|
|
@@ -61,6 +78,10 @@ module PWN
|
|
|
61
78
|
puts "USAGE:
|
|
62
79
|
proc_list_arr = #{self}.list
|
|
63
80
|
|
|
81
|
+
#{self}.cleanup_pids(
|
|
82
|
+
pids_arr: 'required - array of pids to kill'
|
|
83
|
+
)
|
|
84
|
+
|
|
64
85
|
#{self}.authors
|
|
65
86
|
"
|
|
66
87
|
end
|
data/lib/pwn/plugins/vault.rb
CHANGED
|
@@ -184,6 +184,21 @@ module PWN
|
|
|
184
184
|
raise e
|
|
185
185
|
end
|
|
186
186
|
|
|
187
|
+
# Supported Method Parameters::
|
|
188
|
+
# PWN::Plugins::Vault.file_encrypted?(
|
|
189
|
+
# file: 'required - file to check if encrypted'
|
|
190
|
+
# )
|
|
191
|
+
public_class_method def self.file_encrypted?(opts = {})
|
|
192
|
+
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
|
193
|
+
|
|
194
|
+
raise 'ERROR: File does not exist.' unless File.exist?(file)
|
|
195
|
+
|
|
196
|
+
file_contents = File.read(file)
|
|
197
|
+
file_contents.is_a?(String) && Base64.strict_encode64(Base64.strict_decode64(file_contents)) == file_contents
|
|
198
|
+
rescue StandardError => e
|
|
199
|
+
raise e
|
|
200
|
+
end
|
|
201
|
+
|
|
187
202
|
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
|
188
203
|
|
|
189
204
|
public_class_method def self.authors
|
|
@@ -231,6 +246,10 @@ module PWN
|
|
|
231
246
|
iv: 'required - iv to decrypt'
|
|
232
247
|
)
|
|
233
248
|
|
|
249
|
+
#{self}.file_encrypted?(
|
|
250
|
+
file: 'required - file to check if encrypted'
|
|
251
|
+
)
|
|
252
|
+
|
|
234
253
|
#{self}.authors
|
|
235
254
|
"
|
|
236
255
|
end
|
data/lib/pwn/version.rb
CHANGED