pwn 0.5.74 → 0.5.75
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/lib/pwn/plugins/vault.rb +41 -13
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1cba5aa01f8984c7ba1ce83fa78dc1d095b4d861396b9232ab3f76b3016006a3
|
4
|
+
data.tar.gz: 7f485302aa1bf96ce268673fb81b954146de4c2ccc9689019e7f511b2f9e025e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f7f4289fa20980acead88c2fe8d4229e4e264fd19781b9bfe36992eeff5f9fecabbc8d90d65b508d0eee73ae0277d97a54818cf2c8f9eadac6fbf4ee6719bd05
|
7
|
+
data.tar.gz: 8ed257b5ecf62599422d90dea3fba4e2bf03a8bf5831e793cd91e2fc138bd5cecf820abd477b6f8689b55934e4d4629ab72c9387b62ec812ab35d881591a9bbc
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.5.
|
40
|
+
pwn[v0.5.75]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.5.
|
55
|
+
pwn[v0.5.75]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
|
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.5.
|
65
|
+
pwn[v0.5.75]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
|
data/lib/pwn/plugins/vault.rb
CHANGED
@@ -9,13 +9,13 @@ module PWN
|
|
9
9
|
# Used to encrypt/decrypt configuration files leveraging AES256
|
10
10
|
module Vault
|
11
11
|
# Supported Method Parameters::
|
12
|
-
# PWN::Plugins::Vault.
|
12
|
+
# PWN::Plugins::Vault.refresh_encryption_secrets(
|
13
13
|
# file: 'required - file to encrypt with new key and iv',
|
14
14
|
# key: 'required - key to decrypt',
|
15
15
|
# iv: 'required - iv to decrypt'
|
16
16
|
# )
|
17
17
|
|
18
|
-
def self.
|
18
|
+
def self.refresh_encryption_secrets(opts = {})
|
19
19
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
20
20
|
key = opts[:key]
|
21
21
|
iv = opts[:iv]
|
@@ -29,6 +29,8 @@ module PWN
|
|
29
29
|
create(
|
30
30
|
file: file
|
31
31
|
)
|
32
|
+
rescue ArgumentError
|
33
|
+
raise 'ERROR: Incorrect Key or IV.'
|
32
34
|
rescue StandardError => e
|
33
35
|
raise e
|
34
36
|
end
|
@@ -67,8 +69,13 @@ module PWN
|
|
67
69
|
|
68
70
|
public_class_method def self.decrypt(opts = {})
|
69
71
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
70
|
-
key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
71
|
-
|
72
|
+
key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
73
|
+
prompt: 'Key'
|
74
|
+
)
|
75
|
+
|
76
|
+
iv = opts[:iv] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
77
|
+
prompt: 'IV'
|
78
|
+
)
|
72
79
|
|
73
80
|
is_encrypted = file_encrypted?(file: file)
|
74
81
|
raise 'ERROR: File is not encrypted.' unless is_encrypted
|
@@ -82,8 +89,8 @@ module PWN
|
|
82
89
|
plain_text = cipher.update(b64_decoded_file_contents) + cipher.final
|
83
90
|
|
84
91
|
File.write(file, plain_text)
|
85
|
-
rescue
|
86
|
-
|
92
|
+
rescue ArgumentError
|
93
|
+
raise 'ERROR: Incorrect Key or IV.'
|
87
94
|
rescue StandardError => e
|
88
95
|
raise e
|
89
96
|
end
|
@@ -98,8 +105,14 @@ module PWN
|
|
98
105
|
|
99
106
|
def self.dump(opts = {})
|
100
107
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
101
|
-
key = opts[:key]
|
102
|
-
|
108
|
+
key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
109
|
+
prompt: 'Key'
|
110
|
+
)
|
111
|
+
|
112
|
+
iv = opts[:iv] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
113
|
+
prompt: 'IV'
|
114
|
+
)
|
115
|
+
|
103
116
|
search = opts[:search]
|
104
117
|
|
105
118
|
decrypt(
|
@@ -121,6 +134,8 @@ module PWN
|
|
121
134
|
)
|
122
135
|
|
123
136
|
file_dump
|
137
|
+
rescue ArgumentError
|
138
|
+
raise 'ERROR: Incorrect Key or IV.'
|
124
139
|
rescue StandardError => e
|
125
140
|
raise e
|
126
141
|
end
|
@@ -134,8 +149,14 @@ module PWN
|
|
134
149
|
|
135
150
|
def self.edit(opts = {})
|
136
151
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
137
|
-
key = opts[:key]
|
138
|
-
|
152
|
+
key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
153
|
+
prompt: 'Key'
|
154
|
+
)
|
155
|
+
|
156
|
+
iv = opts[:iv] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
157
|
+
prompt: 'IV'
|
158
|
+
)
|
159
|
+
|
139
160
|
editor = opts[:editor] ||= '/usr/bin/vim'
|
140
161
|
|
141
162
|
decrypt(
|
@@ -155,6 +176,8 @@ module PWN
|
|
155
176
|
key: key,
|
156
177
|
iv: iv
|
157
178
|
)
|
179
|
+
rescue ArgumentError
|
180
|
+
raise 'ERROR: Incorrect Key or IV.'
|
158
181
|
rescue StandardError => e
|
159
182
|
raise e
|
160
183
|
end
|
@@ -168,8 +191,13 @@ module PWN
|
|
168
191
|
|
169
192
|
public_class_method def self.encrypt(opts = {})
|
170
193
|
file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
|
171
|
-
key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
172
|
-
|
194
|
+
key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
195
|
+
prompt: 'Key'
|
196
|
+
)
|
197
|
+
|
198
|
+
iv = opts[:iv] ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
199
|
+
prompt: 'IV'
|
200
|
+
)
|
173
201
|
|
174
202
|
cipher = OpenSSL::Cipher.new('aes-256-cbc')
|
175
203
|
cipher.encrypt
|
@@ -214,7 +242,7 @@ module PWN
|
|
214
242
|
|
215
243
|
public_class_method def self.help
|
216
244
|
puts "USAGE:
|
217
|
-
#{self}.
|
245
|
+
#{self}.refresh_encryption_secrets(
|
218
246
|
file: 'required - file to encrypt with new key and iv',
|
219
247
|
key: 'required - key to decrypt',
|
220
248
|
iv: 'required - iv to decrypt'
|
data/lib/pwn/version.rb
CHANGED