PWN::Plugins::Vault module - protect sensitive artifacts when presenting

ninp0 · ninp0 · commit 906e6008cb12 · 2024-03-26T16:22:40.000-06:00
diff --git a/README.md b/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.73]:001 >>> PWN.help
+pwn[v0.5.74]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.73]:001 >>> PWN.help
+pwn[v0.5.74]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.73]:001 >>> PWN.help
+pwn[v0.5.74]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
diff --git a/lib/pwn/plugins/vault.rb b/lib/pwn/plugins/vault.rb
@@ -67,10 +67,8 @@ def self.change_encryption_secrets(opts = {})
 
       public_class_method def self.decrypt(opts = {})
         file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
-        key = opts[:key]
-        iv = opts[:iv]
-
-        raise 'ERROR: key and iv parameters are required.' if key.nil? || iv.nil?
+        key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Key')
+        iv = opts[:iv] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'IV')
 
         is_encrypted = file_encrypted?(file: file)
         raise 'ERROR: File is not encrypted.' unless is_encrypted
@@ -84,6 +82,8 @@ def self.change_encryption_secrets(opts = {})
         plain_text = cipher.update(b64_decoded_file_contents) + cipher.final
 
         File.write(file, plain_text)
+      rescue ArgumentError
+        raise 'Invalid Key or IV.'
       rescue StandardError => e
         raise e
       end
@@ -168,10 +168,8 @@ def self.edit(opts = {})
 
       public_class_method def self.encrypt(opts = {})
         file = opts[:file].to_s.scrub if File.exist?(opts[:file].to_s.scrub)
-        key = opts[:key]
-        iv = opts[:iv]
-
-        raise 'ERROR: key and iv parameters are required.' if key.nil? || iv.nil?
+        key = opts[:key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Key')
+        iv = opts[:iv] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'IV')
 
         cipher = OpenSSL::Cipher.new('aes-256-cbc')
         cipher.encrypt
diff --git a/lib/pwn/version.rb b/lib/pwn/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.73'
+  VERSION = '0.5.74'
 end
