pwn 0.5.72 → 0.5.73
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/etc/pwn.yaml.EXAMPLE +5 -4
- data/lib/pwn/plugins/repl.rb +27 -14
- data/lib/pwn/plugins/vault.rb +2 -4
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6d22687be26dd2efb462c08c0fd075f9d2b907a050e58ee01e765892e5654a01
|
4
|
+
data.tar.gz: 76ecf4144fccc062c20143cdaa773db2f5fad30bc2f63e6bca3a84e9c8421f76
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0225e701ff060cbc35fa91038bf2a9603ea3596d355471a2c62b0c4ca08b645c45cf863d4e2f290bd2844d295ada836cfa1462a36f5da171961b3e22b00a0a2c
|
7
|
+
data.tar.gz: f70688109e619bdb2e0070734dfe4f3aa2dd1a55f3a2b2250fab45777d6a3bd30e2e4e7538bb5f6721a5a8dd5d2a3b7d743d08249d38296f5e2e9b3e79c0f036
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.5.
|
40
|
+
pwn[v0.5.73]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.5.
|
55
|
+
pwn[v0.5.73]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.5.
|
65
|
+
pwn[v0.5.73]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/etc/pwn.yaml.EXAMPLE
CHANGED
@@ -3,9 +3,10 @@
|
|
3
3
|
ai_engine: 'openai'
|
4
4
|
|
5
5
|
openai:
|
6
|
-
key: 'OpenAI API Key'
|
6
|
+
key: 'required - OpenAI API Key'
|
7
|
+
model: 'optional - OpenAI model to use'
|
7
8
|
|
8
9
|
ollama:
|
9
|
-
fqdn: 'FQDN for Open WebUI - e.g. https://ollama.local'
|
10
|
-
key: 'Open WebUI API Key Under Settings >> Account >> JWT Token'
|
11
|
-
model: 'Ollama model to use'
|
10
|
+
fqdn: 'required - FQDN for Open WebUI - e.g. https://ollama.local'
|
11
|
+
key: 'required - Open WebUI API Key Under Settings >> Account >> JWT Token'
|
12
|
+
model: 'required - Ollama model to use'
|
data/lib/pwn/plugins/repl.rb
CHANGED
@@ -38,8 +38,13 @@ module PWN
|
|
38
38
|
end
|
39
39
|
|
40
40
|
if pi.config.pwn_ai
|
41
|
-
pi.config.
|
42
|
-
|
41
|
+
ai_engine = pi.config.pwn_ai_engine
|
42
|
+
model = pi.config.pwn_ai_model
|
43
|
+
pname = "pwn.ai:#{ai_engine}"
|
44
|
+
pname = "pwn.ai:#{ai_engine}/#{model}" if model
|
45
|
+
pname = "pwn.ai:#{ai_engine}/#{model}.SPEAK" if pi.config.pwn_ai_speak
|
46
|
+
pi.config.prompt_name = pname
|
47
|
+
|
43
48
|
name = "\001\e[1m\002\001\e[33m\002#{pi.config.prompt_name}\001\e[0m\002"
|
44
49
|
dchars = "\001\e[32m\002>>>\001\e[33m\002"
|
45
50
|
dchars = "\001\e[33m\002***\001\e[33m\002" if mode == :splat
|
@@ -180,20 +185,27 @@ module PWN
|
|
180
185
|
yaml_config = YAML.load_file(yaml_config_path, symbolize_names: true)
|
181
186
|
end
|
182
187
|
|
188
|
+
valid_ai_engines = %i[
|
189
|
+
openai
|
190
|
+
ollama
|
191
|
+
]
|
183
192
|
ai_engine = yaml_config[:ai_engine].to_s.to_sym
|
193
|
+
|
194
|
+
raise "ERROR: Unsupported AI Engine: #{ai_engine} in #{yaml_config_path}" unless valid_ai_engines.include?(ai_engine)
|
195
|
+
|
184
196
|
pi.config.pwn_ai_engine = ai_engine
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
pi.config.pwn_ai_key = yaml_config[:ollama][:key]
|
190
|
-
Pry.config.pwn_ai_fqdn = yaml_config[:ollama][:fqdn]
|
191
|
-
Pry.config.pwn_ai_model = yaml_config[:ollama][:model]
|
192
|
-
else
|
193
|
-
raise "ERROR: Unsupported AI Engine: #{ai_engine} in #{yaml_config_path}"
|
194
|
-
end
|
197
|
+
Pry.config.pwn_ai_engine = ai_engine
|
198
|
+
|
199
|
+
pi.config.pwn_ai_fqdn = yaml_config[ai_engine][:fqdn]
|
200
|
+
Pry.config.pwn_ai_fqdn = yaml_config[ai_engine][:fqdn]
|
195
201
|
|
196
|
-
|
202
|
+
pi.config.pwn_ai_key = yaml_config[ai_engine][:key]
|
203
|
+
Pry.config.pwn_ai_key = yaml_config[ai_engine][:key]
|
204
|
+
|
205
|
+
pi.config.pwn_ai_model = yaml_config[ai_engine][:model]
|
206
|
+
Pry.config.pwn_ai_model = yaml_config[ai_engine][:model]
|
207
|
+
|
208
|
+
true
|
197
209
|
end
|
198
210
|
end
|
199
211
|
|
@@ -241,10 +253,11 @@ module PWN
|
|
241
253
|
|
242
254
|
response_history = pi.config.pwn_ai_response_history
|
243
255
|
speak_answer = pi.config.pwn_ai_speak
|
256
|
+
model = pi.config.pwn_ai_model
|
257
|
+
|
244
258
|
case ai_engine
|
245
259
|
when :ollama
|
246
260
|
fqdn = pi.config.pwn_ai_fqdn
|
247
|
-
model = pi.config.pwn_ai_model
|
248
261
|
|
249
262
|
response = PWN::Plugins::Ollama.chat(
|
250
263
|
fqdn: fqdn,
|
data/lib/pwn/plugins/vault.rb
CHANGED
@@ -168,10 +168,8 @@ module PWN
|
|
168
168
|
|
169
169
|
public_class_method def self.encrypt(opts = {})
|
170
170
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
171
|
-
key = opts[:key]
|
172
|
-
iv = opts[:iv]
|
173
|
-
|
174
|
-
raise 'ERROR: key and iv parameters are required.' if key.nil? || iv.nil?
|
171
|
+
key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Key')
|
172
|
+
iv = opts[:iv] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'IV')
|
175
173
|
|
176
174
|
cipher = OpenSSL::Cipher.new('aes-256-cbc')
|
177
175
|
cipher.encrypt
|
data/lib/pwn/version.rb
CHANGED