If X509_Certificate::allowed_usage was called with more than one Key_Usage set in the enum value, the function would return true if any of the allowed usages were set, instead of if all of the allowed usages are set. GH #591 (CVE-2016-6879)
AScaner 1.9.9 [2016]
CVE-2016-2849 DSA and ECDSA used a modular inverse function which had input dependent loops. It is possible a side channel attack on this function could be used to recover sufficient information about the nonce k to mount a lattice attack and recover the private key. Found by Sean Devlin.
CVE-2016-2850 The TLS client did not check that the signature algorithm or ECC curve a v1.2 server used was actually acceptable by the policy. This would allow a server who ignored the preferences indicated in the client to use a weak algorithm, and may allow MITM attacks by an attacker who can break MD5 signatures or 160 bit ECC in real time. The server similarly failed to check on the hash a client used during client certificate authentication.
The CVE-2016-2195 overflow is not exploitable in 1.10.11 due to an additional check in the multiplication function itself which was also added in that release, so there are no security implications from the missed check. However to avoid confusion the change was pushed in a new release immediately.
As of September 9th, 2019 the following is the history of Pwnix Releases as reflected in the /opt/pwnix/chef/CHANGELOG file

2019-09-09 -- version 1.9.19
General:
- Remove Louis gem (from public repo) dependency
- Use patrous_fati gem from Pwnieexpress GitHub and not public Ruby gem repo
- Remove portly

2019-08-29 -- version 1.9.18
General:
- Perform backup before px-system-update
- BlueHydra to sync all devices to Pulse and perform hard_reset before each sync
- Hermes - renew expired certificates

2019-06-25 -- version 1.9.17
General:
- Fix insight_api/api_endpoints/vulnerability_scanner.rb for px-openvas-report-fallback
- Discard "N/A - Random Address" in BlueHydra scan

2019-05-12 -- version 1.9.16
General:
- Fix OpenVas connection check in px-connection-dr script
- Make use of /etc/lsb-release.conf file to determine OS version codename
- Changes required for kalirepo update

2019-01-16 -- version 1.9.15
General:
- GPG key expired on updates server
- Created new key, signed images, replaced public key

2018-06-05 -- version 1.9.14
General:
- Fix AD integration insight api plugin
- Prune OpenVAS plugins after upgrade
- Cleanup AD integration on deregistration from Pulse

2018-04-09 -- version 1.9.13
General:
- Fix AD integration status reporting
- Fix PwnScan and BlueHydra config parsing from Pulse
- Fix update endpoint used by Pulse

2018-04-06 -- version 1.9.12
General:
- Fix configuration updates for reverse shells from Pulse
- Fix status reporting of shells to Pulse

2018-04-02 -- version 1.9.11
General:
- InsightAPI ...updated local UI
- InsightAPI fixed all reverse shells
- InsightAPI added HTTP and Proxy type shells
- InsightAPI added user management
- Make reverse shells more reliable
- Remove color from scripts exposed through web interface
- Add ability to completely disable OpenVAS
- Add error handling to system health check
- Fix passive recon's OS detection log
- Fix passive recon's HTTP log
- PwnScan add current scans to context
- PwnScan confirm IP rolled when coming from passive arp
- PwnScan increase arpscan speed
- Fix updating over reverse shells
- Update all Ruby gems
- PF dont respect AP updates that try to change bands

2018-03-01 -- version 1.9.10
General:
- BlueHydra fix btmon parsing due to bitrot
- BlueHydra info scan rate changed to 4 min from 1 minute
- BlueHydra 3 minute granularity, sync every 3 minutes
- BlueHydra stop unknown company_data flapping
- BlueHydra prevent from DDOSing cloud with runtime failue loops
- Remove CWIPS from updates
- Remove Trihard from updates
- Fix OpenVAS status endpoint in insight
- Update PX scripts to properly hit insight endpoints
- Remove kali1 migrations (shells)
- Kismet slow down channel hopping
- No longer install radiotap-signals
- PwnScan fix OpenVAS endpoint
- PF Handle multiple cloaked SSIDs
- PF Add signal threshold for client and AP detection
- PF Disregard channel 0
- PF reduce message flapping

2018-02-07 -- version 1.9.9
General:
- Fix upstream Kali key from improper rolling

2018-01-12 -- version 1.9.8
General:
- Sensor Notifications adjust throttle to 1 per minute per event
- Upgrade to Ruby 2.3.6
- PwnScan add IP context cache for smarter scanning
- PwnScan track dirty attributes; cache hook, change integrity check
- PwnScan throttle remote target notifications once per run
- PwnScan abstract DM rescues to function call instead of manual rescues everywhere
- PwnScan fix dark magic voodoo nmap timeout parsing for smaller queues
- PwnScan lower subnet scan timeout to 120
- PwnScan smarter sync throttling to further prevent cloud race condition
- PwnScan sync thread reduced to every 12 hours from every 1 hour
- PwnScan add config flag for intrusive scans to be turned off
- BlueHydra make sensor events optional for open source users
- BlueHydra update parser to handle new version of BlueZ
- BlueHydra automatically reject obviously bad data and warn
- CWIPS handle disconnection from Kismet
- CWIPS minor parse improvement
Mobile:
- Dont install ifplugd

2017-12-08 -- version 1.9.7
General:
- Remove Ardennais Plus definition
- Add Shire and Shire Plus definitions
- AtCtMon Validate db is sane
- AtCtMon quiet the no modem error
- AtCtmon fix the failed lookup errors
- AtCtMon update the lookup table
- AtCtMon reset the dongle every 3 hours instead of 8
- Limit RAM usage for Kismet and Openvas-scanner
- Added intel microcode for ardennais and shire errata
- PwnScan add port confidence for weighted updates
- PwnScan retry checks for fatal network failures at runtime
- PwnScan "fix" sprintf on incomplete packets for passive arp
- PwnScan downgrade troubleshooting output from warn to debug
- PwnScan move tsa line warning
- Watchdog will restart if unable to map 50M RAM
- PatFat updated to avoid microsecond race
- Openvas pause scans during update and resume after
- CWIPS improve parsing
- CWIPS move warning to more useful place
- Openvas pause before updating and resume after

2017-11-17 -- version 1.9.6
General:
- Bump Patfat version to fix errors in log
- Sensor Notifications - gather version at startup to avoid OOM while processing OOM notifications
- PwnScan/DHCP0f fix domain parsing/passing
- PwnScan throw out invalid looking domain_names passed from DHCP0f
- PwnScan fix in logic during port fingerprint analysis
- PwnScan add explicit passive cache deletion for remote hosts on save model hook
- More properly ban kernel 4.9, additionally ban 4.12
- Remove non-existant unused package xtables-addons-common from the install list
- Revert improper removal of non systemd support

2017-11-03 -- version 1.9.5
General:
- AtCtMon bandaid
- Hermes rescue broken connections to keep logs cleaner
- InsightAPI ensure directories exist
- Remove dead SMS code
- Fix service wants/requires in systemd
- Remove unneeded GPSD package on fixed sensors
- Trihard config validation
- Remove Kali 1 support
- BlueHydra consistency check on DB
- InsightAPI config validation fix
- Pwnix Service files cleanup
- Add Watchdog
- Dhcp0f ignore failure
- Dhcp0f pass domain name if available
- PwnScan weight hostname
- PwnScan parse domain name from dhcp into fqdn when possible
- PwnScan speed up slowest db access by a factor of 5
- PwnScan ensure 0.0.0.0 hosts are set offline
- PwnScan bring passive arp back into targets
- PwnScan intelligent IP handling from passive dhcp
- PwnScan hosts unthrottled on meaningful changes
- PwnScan arp_up savior added
- PwnScan stop port fingerprint flapping from time data
- PwnScan extra sync measures to prevent cloud CDP race condition
- PwnScan disable dns resolution when not required
- Patfat Include last_visible time with SSIDs
- Patfat Include whether it is likely that an AP is broadcasting multiple SSIDs (as opposed to transitioning to another SSID)
- Patfat Do not expire the last SSID an AP has to reduce flapping (will still be removed when it's presence rotates out after two hours)
- Patfat Fix race with two last_visible calls that extremely rarely may cause a nil exception
- Patfat Fix nil check issue when an item has expired but we're still trying to identify how long it was visible for

2017-09-28 -- version 1.9.4
General:
- PwnScan fix mark online call
- PwnScan pass score for best device_type match

2017-09-27 -- version 1.9.3
General:
- Blue Hydra stun database instead of cause backlog
- Blue Hydra cleanup ancient stuff from db (lowers RAM usage slightly)
- CWIPS add wireshark 2.4 support
- CWIPS slightly modify hop/xmit pattern
- PwnScan dhcp0f and fingerbank support
- PwnScan port timeout detection improvement
- PwnScan host inspection queue push/pop reorder
- PwnScan status thread poke recently offline hosts

2017-08-24 -- version 1.9.2
General:
- Blue Hydra must be root to start
- Blue Hydra CUI filtering *glory*
- CWIPS add new prevention rules
- Remove deprecated sshd_config options
- Make automated testing available on sensor with gusto
- Remove OpenVAS temporary tasks when not needednoise from PXT
- Add sensor events to PXT
- Deregistration / cleanup.sh restart insight last
- Re-add aircrack-ng for EvilAP
- PwnScan improve matching logic - split local and remote, refine local rules further
- PwnScan add host inspection thread/queue/scan for individual host scanning
- PwnScan auto detect host (port) scan timeouts and inspect host further
- PwnScan improve host status checking
- PwnScan improve port scan used for port savior checking - stops port flapping
- PwnScan fix host OS updating around OS info (accuracy vs source ranking)
- PwnScan inspect hosts based on status changes
- PwnScan drop all scan timeouts
- PwnScan improve service scan accuracy
- PwnScan stop SMB vuln detection from creating cloud side duplicates for new records
- Fix OpenVAS provisioning for Kali 1
- Bump Louis version: update OUI database, minor performance improvements
- CWIPS - Add channel verification
- CWIPS - Add RSSI API
- BlueHydra - Add RSSI API
- Trihard - Consume rssi api from cwips and bluehydra
- Hermes handle and shame failed insight calls which return no data
Mobile:
- Actually export Blue Hydra in CSV

2017-07-21 -- version 1.9.1
General:
- MOTD last thing done on update
- Diasble older SSL connection options Hermes & Connection Dr
- PwnScan blob targets uniq fix
- Ease upgrade of hosts which upgraded from Kali 1
- Prevent chef from updating more than once a day
- Add cwips events for demo purposes
Mobile:
- Remove too specific deps on libbtbb and libubertooth

2017-07-17 -- version 1.9.0
General:
- InsightAPI AdNauseam rename fix
- InsightAPI expand permitted update pack target names
- px connection dr stop testing things we dont connect to
- OpenVAS submit report ourselves if it fails to
- OpenVAS remove --deep, dangerous and mostly untested
- px update openvas update OpenVAS9
- fix pwnscan.service to actually run netvalid prestart
- autorun dist-upgrade after adding Pwnie debian repo
- restart redis immediately on upgrade
- PwnScan fix vlan helper IPAddr include? bug
- PwnScan fix port flapping bug
- PwnScan add more fatal notifications
- PwnScan add eth0 check, add overlapping target check
- make update slightly quieter
- make update more resiliant to dpkg failures
- downgrade broken kernels
- kernel safety check to ensure broken kernel isnt installed
- fix logic bug forcing reinstallation of ruby dev every update
- improve logic for kernel change reboots

2017-07-10 -- version 1.8.10
General:
- Minor fix to ruby development check
- Minor fixes to gold image script
- Tweak to openvas update logic (what utility gets run)
- Don't log martian packets
- Don't manipulate legacy service unless required

2017-07-06 -- version 1.8.9
General:
- Add Trihard alpha
- Add CWIPS public beta
- Rename AdNauseam
- Catch oom errors and exit when possible
- Update for OpenVAS9
- Realtime Wireless drop sqlite internally
- Realtime Wireless vast performance improvments
- Realtime Wireless now tracking wireless assets over a longer period of time
- Realtime Wireless assets now have an internal history, allowing more reliable logic on their uptime and state
- Realtime Wireless more reliably track client's probes
- Realtime Wireless adjusted connection logic to reduce noise and false connections
- Realtime Wireless added comprehensive test coverage over all business logic
- Vuln Scan minor adjustments to client library to handle unexpected disconnects
- Prevent vuln scan from triggering errors in insight's logs
- Ensure OpenVAS is restarted after database migrations
- Add safety checks and notifications to sensor upgrade
- Only permit sensor to update to the same version once per day
- BlueHydra add sensor notifications for errors
- BlueHydra remove excessive sync to pulse
- Hermes expose currently running jobs through process names
- Pwnix utils add sensor notifications
- Px subnet info (re)add sensor's non-normalized IP
- Px troublshooter show top 5 memory users, up from 2
- Pwnix chef add sensor notifications
- Fix sensor notificaiton rate limiting
- Bump nmap version
- Send event crashes wont propegate to code that includes it
- Insight plugin cleanup and fixes
- PwnScan large refactor, performance optimizations
- PwnScan newly created host save relationships at sync
- PwnScan validate sensors network configuration in systemd pre-start
- PwnScan use iNotify
- PwnScan port closing bug fix
- PwnScan newly created host double status check bug fix
- PwnScan status thread lookalike bug fix
- PwnScan passive arp offline host creation bug fix
- PwnScan deduplicate macs at startup
- PwnScan enforce macs are unique across all records while creating and updating
- PwnScan resultsprocessor ignore single IP targets in set_hosts_offline
- PwnScan fix changed to reflect changed not last_seen in attribute meta
- PwnScan reorder + add in reliable attributes to also consider in matching
- PwnScan track targeted hosts with passive arp too
- PwnScan scan queue wont allow overlapping CIDRs
- PwnScan removes dead targets from queue if config changes
- PwnScan fix nmap smb vuln parsing after nmap verison bump

2017-05-26 -- version 1.8.8
General:
- Chef cleanup warnings
- Chef disabled services now masked
- Hermes handle unified config messages from Pulse
- Hermes sync time to pulse on connection
- InsightAPI add network_info to system properties
- InsightAPI add config valid check for PwnScan in system properties
- InsightAPI write status file when updating Pulse
- InsightAPI multiple Ruby 1.9 fixes
- sync_properties handle corrupt properties file
- add SensorEvents (Pulse SensorNotifications)
- px-connection-dr now validates sni MITM
- px-subnet-info add json mode and normalize subnet
- px-system-id add hardware detection
- BlueHydra fix various warnings
- PwnScan prevent multiple instances from running concurrently
- PwnScan add timestamps to all attributes_meta (includes startup migration)
- PwnScan remove redundant less accurate data (os version)
- PwnScan add attribute meta reset
- PwnScan stop shipping os_accuracy to Pulse (its unused)
- PwnScan add sensor notifications
- PwnScan add fatal error for no valid px-subnet-info data
- PwnScan add in_targets boolean on network hosts
- PwnScan dont send to pulse while starting
- PwnScan dont sync to pulse unless there is a reason to
- PwnScan simplify marking hosts online, offline and duplicate
- PwnScan format hostnames consistently
- PwnScan merge smb-os script data with nmaps os data instead of overriding
- PwnScan remove discovery and service scans in favor of smb-os-service scan to reduce inaccurate data and simplify matching
- PwnScan only rewrite the config if it changed and fix target validation and remove old keys
- PwnScan remove expensive db query for debug log
- PwnScan bump version and fix spec
- PwnScan dont double send hard reset
- PwnScan refactor vulnscan thread and add vulnscan flush
- PwnScan simplify passive arp offliner
- PwnScan allow status thread to mark hosts in target subnet online as well as offline
- PwnScan allow_match consistency check
- PwnScan rename variables from reserved words

2017-05-02 -- version 1.8.7
General:
- CWIPS fix kismet integration
- Patfat remove sqlite db
- Vulnscan dont scan when OpenVAS considers a target invalid
- px-subnet-info more safety checks
- px-system-id get MACs from wizard not macchanger due to macchanger bug
- px-system-id get specific ssd serials, not a jumble of all of them
- PwnScan add gateway_ip,gateway_mac,interface detected on, vlan detected on, subnet detected on
- PwnScan avoid double sync_to_pulse on new host creation to avoid cloud race
- PwnScan validate network information and cache when reading in
- Add Ardennais Plus
Mobile:
- fix freeradius wpe configs
- read MAC address through wizardry instead of macchanger

2017-04-21 -- version 1.8.6
General:
- Tags were incorrectly applied to repos

2017-04-21 -- version 1.8.5
General:
- insight_api send up system information for all registered sensors
- insight_api add Credential Request plugin
- px_subnet_info add gateway MAC when available
- add Pwnie apt repository
- PatFat correctly parse encryption type
- PatFat detect WPS properly
- AdNauseam beta (v0.0.2) Pulse + Credential management
- px-subnet-info fix several bugs
- PwnScan fix passive arp reply parsing
- PwnScan add cache for network information + warnings
- PwnScan add discovered_by Network Host model
- PwnScan add IP validation on Network Host model
- PwnScan more reliably pass source for attributes meta
- PwnScan only actively scan things in targets
- PwnScan default logger to info to surpress early debug log leakage
- PwnScan use passive arp to offline hosts not in targets
- PwnScan passive arp only used for hosts outside of targets
- PwnScan automatically create new DB if DB is corrupt
- PwnScan fix network config warnings and elevate to error
- PwnScan validate host offline if possible not just missing from scan results

2017-04-04 -- version 1.8.4
General:
- PwnScan fix for non-scoped targets
- PwnScan more information for non-scoped targets
- CWIPS alpha with channel control

2017-03-31 -- version 1.8.3
General:
- add AdNauseam alpha
- add Cool WIPS alpha
- blue_hydra add sighup support for logrotation
- blue_hydra lower severity of debug message
- blue_hydra fix service data leaking into service name
- hermes fix tests, code cleanup, dead code removal
- hermes fixing breaks in read threads
- insight drop direct manipulation of Pwnscan config file
- insight fix crash when scanned by OpenVAS
- realtime wireless add safelogger
- px troubleshooter add new services and top memory users
- insight, patfat - fix logrotate
- blue_hydra, pwnscan - add logrotate
- pwnscan add config validate mode
- pwnscan handle sighup rereads config and reinits logger
- pwnscan replace magic with standardized deep magic
- pwnscan fix to work on moto
- pwnscan remove local and remote targets in favor of targets
- pwnscan fix discovery scan to scan things in db
- pwnscan initial discovery scan blocks like it was intended to
- pwnscan another hard reset on update - simple vulnscan was bad
- massively update ruby gems in use
Mobile:
- fix typo in kismet one touch script

2017-03-17 -- version 1.8.2
General:
- debian needs ifupdown to configure network interfaces but somehow it isn't default

2017-03-15 -- version 1.8.1
General:
- w3af-console is no longer found in Packages upstream
- drop some unneeded packages

2017-02-09 -- version 1.8.0
General:
- px-subnet-info -l add vlan information
- px-subnet-info show eth0 subnet by default
- PwnScan add optional offline all cloud network hosts at first run after update
- PwnScan process arp replies correctly
- PwnScan dont clobber mac addresses
- PwnScan remove unused ip_addresses function
- PwnScan cache interface/vlan info
- PwnScan process and handle vlan tags properly
- PwnScan add warnings for unusual (broken) network configurations
- PwnScan do not delete duplicate hosts - mark ineligible for matching
- PwnScan pass interface flag to arpscan
- PwnScan add pwnix management interface to blacklist dynamically at startup
- PwnScan handle known IP matching corner cases
- PwnScan add logging to identify source of host duplication
- PwnScan fix "evalute" function typo
- PwnScan deterministicly choose exact duplicate hosts in weightedmatcher
- PwnScan send up hard reset if duplicate hosts found
- PwnScan send up a sync (reset) to offline all not in current DB at start
- PwnScan handle passive arp correctly
- PwnScan only union remote and local targets since pulse cannot set targets directly
- PwnScan offline duplicate IP hosts

2017-01-27 -- version 1.7.30
General:
- atctmon: send reset to pulse when first started to ensure old data can be cleaned up
- blue_hydra: send reset to pulse when first started to ensure old data can be cleaned up
- blue_hydra: add icon
- blue_hydra: adjust scanning script to logfile name
- insight_api: Fix subnet matching
- updates: restart kismet whenever the update restart realtime wireless
- realtime_wireless: use kismet timing information to drop pre-cached data

2016-12-28 -- version 1.7.29b
General:
- refactor service disabling
- update spec

2016-12-26 -- version 1.7.29a
General: improve service disabling to only happen when needed

2016-12-23 -- version 1.7.29
General:
- px-subnet-info: -i updated to only show if we have an interface
- backup script: add default file name with date
- pwnscan: sync_version support
- pwnscan: prevent IPV6 addresses from being used in the VlanHelper
- disable clamav services due to logs filling the drive
- do not add metasploit by default on fixed line

2016-12-12 -- version 1.7.28
General:
- atctmon: sync data to pulse at startup
- atctmon: add sync_version to pulse data
- blue_hydra: fix developer console
- px-subnet-info: improve -i flag
- pwnscan: specify interface for nmap scans
- pwnscan: automatically determine local vs remote subnets
- pwnscan: add rake task to offline hosts
- vulnscan: safer renewal of certificates
- openvas: fix auto cert renewal time logic
- spec: fix typo in spec introduced in 1.7.27 for kali1 sensors
- spec: remove tests that don't apply to packages that we don't touch
- update.sh: better testing for installed packages
- update.sh: keep locale fixing non-interactive
- realtime_wireless: better dealing with timestamps from kismet
- realtime_wireless: bad data from kismet won't stop the service

2016-12-05 -- version 1.7.27
General:
- insight: Add in support for radiotap
- insight: Disconnect redis from openvas service control
- insight: Fix reverse SSH over SSL
- insight: Minor copy fix on shell names
- insight: Fix system blacklist updating
- px-subnet-info: Add -i flag for showing interface / subnet
- redis: Moved to general service, not vuln scan specific
- Remove chkconfig, on kali 2
- Remove SET and manatoolkit on fixed lines
- vulnscan: Allow database rebuilds to fail when updating (safety mechanism)
- pwnscan: Send vulnerabilities for open smb shares on network hosts
- receiver script: updates and fixes

2016-11-18 -- version 1.7.26
General:
- insight: Make registration log available
- insight: Some language display adjustment around Pulse registration
- insight: Tweak to service control to prevent running start scripts when the service is already running.
- openvas: Added automatic certificate renewal system to help keep OpenVAS stable.
- Disable intel bt in preference for using the sena

2016-11-11 -- version 1.7.25
General:
- atctmon: import world mcc/mnc list from wikipedia
- atctmon: add pulse reset
- image-prep: rm kali upgrade backup file
- kali-rolling: auto upgrade from kali 1 (fixed line only)
- patfat: bump to version 0.9.22
- patfat: changed SSID expiration to 600s
- patfat: included kismet alert type information
- patfat: output useful error when failed to save SSID
Mobile:
- evilap: fix log creation of active clients when quitting

2016-11-04 -- version 1.7.24
General:
- cleanup vulnscans when running cleanup script
- cleanup.sh only remove history from homedirs
- fix typo in pwnix_kismet_server
- px-troubleshooter: force text mode when parsing log files
- update kali-rolling upgrade script
Mobile:
- evil_ap: fancy new ui

2016-10-25 -- version 1.7.23b
General:
- fix rspec to not test gnokii-smsd

2016-10-24 -- version 1.7.23
General:
- rename Sophia to Ardennais
- px-troubleshooter: truncate update.log
- passive_recon service: switch dsniff to ettercap and fix logging
- update.sh: set locale if unset
- update.sh: ease transition to https repo automatically
- remove gnokii-smd package for kali rolling
Mobile:
- add AOPP product
- px-connection-dr: do not test openvas stuff
- evilap: fix double/triple cleanup to ensure multiple runs work properly
- evilap: add noise so it's obvious what is happening

2016-10-14 -- version 1.7.22
General:
- hermes: support dispatch stunning
- debug-pack: add xz compression
- debug-pack: only search rootfs for large files
- insight: add debug pack function
- insight: add connection dr function
- insight: add system-health function
- insight: reorg navigation and page structure to match pulse use case
- insight: add admin page with functions
- insight: alert user when default password has not been changed
- insight: improve documentation

2016-10-07 -- version 1.7.21
General:
- blue_hydra: add pulse debug option
- blue_hydra: add sync_version
- blue_hydra: update corelation process
- blue_hydra: add reset for starting with empty DB
- blue_hydra: add support for agressive RSSI syncing
- blue_hydra: handle SIGINT better
- cleanup.sh: restart insight to deal with logging issues
- pwnscan: protect against missing values in custom script xml
- realtime_wireless: send up periodic status messages for devices we have seen in last 5 minutes
- nac bypass: overhaul nac bypass scripts to support kali rolling
- kail rolling upgrade: ensure systemd is installed
- minor logfile fix for update script
Mobile:
- evil_ap: switch from dhcpd to dnsmasq
- ssl_strip: change default interface for new evil ap support
- wifite: use aircrack instead of tshark to find handshakes
- blue_hydra: fixed CUI for mobile line

2016-09-09 -- version 1.7.20
General:
- blue_hydra: handle already dead threads
- blue_hydra: supress known l2ping errors
- blue_hydra: fix path for corrupt database recovery
- insight: get service status from exit code
- insight: v1 update now calls v2
- px-subnet-info: fix and add -a flag
- px-system-update: fix for new syntax
- px-update-blacklist: update path to pwnscan.json
- pwnscan: prevent syncing test data to pulse
- update: switch to https
- update: better testing for missing packages
- update: use --reinstall to fix broken critical packages
- update: fix bugs caused by system-setup migration
- kismet: add regular check for health, restarting the service when it fails

2016-08-26 -- version 1.7.19
General:
- blue_hydra: properly test for ubertooth and reflect status in CUI
- blue_hydra: set mode type from parser and enforce default values
- blue_hydra: fix offlining bug for devices detected by ubertooth
- blue_hydra: fix call absolute path call to ubertooth-util
- fix kali-rolling to use dist-upgrade instead of upgrade
- syntax improvements and code cleanup for update.sh & run-chef-solo.sh
- fix bug with remounting system read-only
- merge system-setup.sh into update.sh
Mobile:
- automatically detect when wifi devices labels are switched
- automatically run 'dpkg --configure -a' as needed during update
- evilap.sh: fix regresion on AOPP
- nmap_scan.sh: specify interface

2016-08-19 -- version 1.7.18b
General:
- pwnscan: drop nbtscan due to mis-corelation issues

2016-08-19 -- version 1.7.18a
General:
- insight: fix pwnscan config migration when pwnscan is off during migration

2016-08-19 -- version 1.7.18
General:
- blue_hydra: ubuntu path fix for bluez test scripts
- blue_hydra: add 'q' to quit to cui
- blue_hydra: default cui sort order to 'seen at'
- blue_hydra: nil logger support
- insight: properly check which init system to use for managing services
- insight: added a service target to update kali-rolling sensors
- px-troubleshooter: truncate logs to show only last 100 lines
- kali-rolling switch to QA'd repos
- pwnscan: add nbtscan support
- pwnscan: extract fqdn from SMB OS detection script to use as hostname
- pwnscan: tell me i'm frozen but what can i do
- pwnscan: only kill threads that exists (haven't crashed)
- pwnscan: deduplicate SMB and Service scans and prioritize SMB queue to improve rate of SMB OS detection script runs
- patronus fati: limit active ssids per bssid
- update script: fix locking to prevent running update script multiple times
- update script: don't run fix_apt code unless absolutely needed
Mobile:
- evilap: fix non AOPP regression

2016-07-29 -- version 1.7.17
General:
- blue_hydra: check if threads are alive before killing
- blue_hydra: require more exactly
- blue_hydra: more errors on cli
- blue_hydra: only kill the running threads
- drop build-essential cookbook
- insight: remove citadel licensing
- insight: fix for new data location
- insight: update pwnscan config location
- minimize openssh and sudo cookbooks
- fix permissions on /opt/pwnix/data
Mobile:
- evilap: fix hostapd-wpe cleanup
- set: fix site cloner to not need apache
- tshark: fix logging mode to still show packets
- usb copy: dereference symlinks and do not try to preserve permissions
- fix for updating very old PP2014 factory images to current for AOPP upgrade pathing

2016-07-21 -- version 1.7.16a
General:
- Ensure new paths are purged by image_prep
- Purge blue_hydra and atctmon configs and database during image_prep
- Fix pwnscan development console
Mobile:
- Fix blue_hydra database path in blue_hydra utility

2016-07-21 -- version 1.7.16
General:
- Migrate service state and config to common directory for sensor 2.0
- migrate atctmon and blue_hydra to yaml config files
- hermes - handle pre-emptive certificate expiration check more reliably
- insight_api - don't attempt start / stop / status checks on unavailable services
- insight_api - pass generated session secret through to secure cookie handler explicitly to silence warning
- prevent raised exceptions in px-connection-dr when unable to connect to server
- better clean up logic when deregistering a sensor
- silence warning in px-system-id when lsblk isn't present
- include network config in px-troubleshooter
- include complete iptables state in px-troubleshooter
- include pwnix license check in px-troubleshooter
- include blue_hydra and atctmon configs in px-troubleshooter
- whitelisted firmware packages for the autoupgrade script
- update kali-rolling magic upgrade scripts
- backup / restore scripts more gracefully handles missing directories
- blue_hydra - default to no pulse
- blue_hydra - add support for demo masking of mac addresses
- blue_hydra - add magic recovery from rfkill and hardware lockup
- blue_hydra - add magic recovery from bluetoothd lockup
- blue_hydra - compress btmon logs
- blue_hydra - make cui pretty
- blue_hydra - support reading gzipped btmon files
- blue_hydra - support testing on devices with no bluetooth adapter
- blue_hydra - Fix Gemfile for actual use
- blue_hydra - add BSD-3 license for open source release
- blue_hydra - lots and lots of comments
- make update.sh log more
- ensure e2fsprogs is installed
Mobile:
- evil ap - perform cleanup when receiving more aggressive signals
- fix bad syntax in choices for some scripts

2016-07-19 -- version 1.7.15a
General:
- hermes - wait for renewal request confirmation before disconnecting
- hermes - log additional error messages from Pulse

2016-07-13 -- version 1.7.15
General:
- hermes - add better dead lock protections
- hermes - fix issues with wrong worker killed during IPC issues
- hermes - when authentication fails five times, will now request it's status from pulse
- hermes - handle expiration and revoked status for authentication material
- hermes - fix typo on method that cleans up after a sensor has been rejected

2016-07-08 -- version 1.7.14
General:
- fix novatel on newer kernel to use option driver
- blue_hydra - fix aggressive_rssi
Mobile:
- Fixes for sns endpoint generation and package verification (legacy)
- Ensure update path functional on all non-aopp builds

2016-07-01 -- version 1.7.13
General:
- pwnscan - sanitize local_targets in the config file
- pwnscan - a few extra workarounds for dm-types bug
- drop "datamapper" in favor of "data_mapper"
- insight - add the secure flag on session cookies

2016-06-29 -- version 1.7.12a
Mobile:
- fix copy pasta reversed safety logic

2016-06-29 -- version 1.7.12
General:
- blue_hydra - add compressed raw log
- blue_hydra - add initial ibeacon support
- blue_hydra - add initial gimbal support
- blue_hydra - add and use uuid tracking in cui
- blue_hydra - improve mac address tracking to support changes
- blue_hydra - improve ubertooth detection
- blue_hydra - add some hot keys to adjust cui sort and columns shown
- blue_hydra - catch sigint "properly"
- px-system-id - add system information and send with registration
- networking - dhcp only request gateway and dns on primary interface
- xtables - add xtables for support of Android 5 default rules, etc
- pwnscan - offline blacklisted hosts
- pwnscan - add support for "no_arp" mode
- update kali-rolling upgrade scripts with whitelist package check
- update kali-rolling upgrade with minor fixes
Mobile:
- evilap - add support for hostapd-wpe
- dnsspoof - add support for hostapd-wpe

2016-06-14 -- version 1.7.11
General:
- spec - switch rspec to use in memory db for pwnscan & atctmon
- pwnscan - auto-black list first and last addresses of default subnets (.0 / .255)
- blue hydra - add uuid to device models
Mobile:
- evil ap - ensure dhcpd.leases file exists

2016-06-10 -- version 1.7.10
General:
- hermes - handle errors around IPC pipes
- insight - rm deprecated wireless survey functionality
- insight - prevent blank passwords from being set for pwnie user
- insight - fix use of ip route for pwnscan and system properties
- kali-rolling upgrade - improve service management post upgrade
- pwnscan - fix bad call in port model callback
- patronus_fati - fix early client recording bug
- patronus_fati - remove client connection threshold
- connection-dr - test www.openvas.org:80
- connection-dr - allow siphon tld
- update - run apt-get --fix-broken liberally
Mobile:
- blue_hydra - write summary to captures directory after app run
- ubertooth - fix selection of ubetrtooth-rx or ubertooth-lap

2016-06-03 -- version 1.7.9
General:
- enforce updating config files during apt use
- ship optional kali-rolling upgrade scripts
- add vlan package for proper vlan support
- blue_hydra - add optional aggressive rssi reporting
- troubleshooter - recursive list of log files
- troubleshooter - selectively read ssd temp
- troubleshooter - add smart disk diagnostic information
- troubleshooter - alert on diskspace
- evilap - fix config file locations
- passive_recon - prohibit/stop service when drive is >79% full
- pwnscan - consolidate db access to avoid write lock contention
- pwnscan - remove unused method
- pwnscan - split vulnscan queue into high (new hosts) and low priority
- pwnscan - do not add hosts to vulnscan queue if they have been recently scanned
- improve date wrapping during upgrade
Mobile:
- ettercap - update to support kali-rolling, cleanup script
- sslstrip - update to support kali-rolling, cleanup script
- tshark - cleanup script
- ubertooth - update to support kali-rolling, minor improvements
- remove unused samba and smbclient packages

2016-05-25 -- version 1.7.8
General:
- chef - add tcpdump package
- chef - purge unused system packages
- hermes - improve logging
- hermes - additional error handling
- hermes - remove use of zlib and fix IPC bug
- hermes - improve recovery in working communciations
- hermes - handles additional error states for workers
- openvas - add --pulse flag to parser script to send directly to pulse
- openvas - improve service checkin in insight
- pwnscan - Add configurable vulnscan flag to run Vulnerability Scan against new hosts one at a time
- pwnscan - Add OS Version attribute
- pwnscan - Add use of SMB OS Detection Nmap Script for certain Systems
- pwnscan - Improve behavior and consistency of Blacklist
- pwnscan - Improve local subnet Enumeration to allow for scenarios where tunneling is enabled
- pwnscan - Track what scan source an attribute was set for, attempt to not down grade to prevent flapping
- troubleshooter script improvements around service checking
- unsafe-cell-id - caputre sim mccmnc

2016-05-05 -- version 1.7.7
General:
- Remove unused cookbooks
- atctmon - autodetect serial port
- blue_hydra - add rssi logfile
- blue_hydra - always rewrite pretty config file
- hermes - reduce logging on messages while disconnected
- insight - fix interface up/down detection
- insight - fix service not available checking
- Add Sophia (not Sofia) hardware support
- 4g rshell - add support for att m2m network
- 4g rshell - add routing options
- rshell - prevent shell from closing on insight restart
- health check - add thermals
- cell id - always call safely
- cell id - add support for detecting cell/sim issues
- cell id - add support for detecting physical device
- move hostname setting from image_prep to firstboot
- patfat - respect gemfile version
- patfat - ssid expiration fix
- patfat - do not reset ssid on restart
- patfat - fix thread spawning on unsuccessful connection
- patfat - optimize sqlite usage
- use the correct public repo for kali2/rolling
- openvas - fix updater to check time delta
properly- add locking support to update.sh to prevent simultaneous runsMobile:- evilap - fix hostname/mac rolling- evilap - fix magic ipv4 -> ipv6 nat2016-04-15 -- version 1.7.6aMobile:- Properly notify PXUpdater of successful update2016-04-15 -- version 1.7.6General:- Blue Hydra -- fix ubertooth-rx -z detection- Hermes -- run client thread rescue properly- Rshell -- unify setup and checking for rshell- Rshell -- use ssh keep alive instead of autossh port forward loopback- Rshell -- do not connect if port forward fails- px-realtime-wireless -- retry Kismet 3 times then accept defeat- px-troubleshooter -- cleanup and various improvements- Create installed-version-id on update successMobile:- Remove Android apks (except PXUpdater), now built into aopp- Prevent PXUpdater from being installed on aopp- Remove system scripts, now built into aopp- Fix nmap script ip conversion bug and add support for multi-homing- Change _apt group to default to AID_INET and add required members- Stop mounting /system rw on Android API > 19- Stop creating /system/etc/vendor/pwnieexpress for latest-version-id file2016-04-07 -- version 1.7.5General:- Blue Hydra -- handle known Bluez warnings- Blue Hydra -- add ubertooth package to be installed via chef- Blue Hydra -- require bluetooth.service not just bluetooth.target- Insight -- don't disclose sensor type to unauthenticated users- px-connection-dr -- more invalid cert info- OpenVas -- moved redis socket to /var/lib/redis/redis.sock- Handle nmap version change in spec- bump nokogiri gem version- px-bluetooth-discovery -- fix crash on corner case error from hcitool2016-03-21 -- version 1.7.4General:- Add Support for PwnPlug R4- Use packaged bundler instead of gem bundler- Add support for safely calling update.sh from pulse- Handle new `ifconfig` output or switch to use of `ip`- Add kali-rolling Support- Use dist-upgrade instead of upgrade for kali 2+ in run-chef-solo script- Add support for ruby 2.2 and 2.3- Inform Pulse about presence of 
cell adapter- Remove unused subnet_info.sh script- Use --force-confnew & --force-confmiss DPKG options for apt-get- Add htop, iotop, nano and strace packages- Ensure libopenvas8 is installed where needed- Redirect update.sh to call Insight if RUNNING_IN_INSIGHT flag is set- AtCtMon -- split mccmnc files into country code groups- AtCtMon -- add config file support- Blue Hydra -- add CUI option- Blue Hydra -- reduce sync volume- Blue Hydra -- add Blue Hydra periodic sync- Blue Hydra -- ensure bluetooth target has started first- Hermes -- avoid starting extra API workers- Hermes -- add heartbeat- Hermes -- stabilize network socket result thread- Hermes -- remove use of config file- Hermes -- improve management of workers- Hermes -- add timeout to IPC connection to master in generic worker- Insight -- handle invalid JSON in config file on start- Insight -- add passive recon disk usage warning- Insight -- prevent from failing to start on deregistration- Insight -- add RUNNING_IN_INSIGHT flag to bin_runner pluginMobile:- Blue Hydra -- add blue_hydra.sh to launch cui- Fix _apt user groups2016-02-24 -- version 1.7.3General:- Disable automatic partition resizing on non-gold generated images2016-02-19 -- version 1.7.2General:- Remove unused resetting code from at_ct_mon's run script- Handle random MAC addresses reported vendor in blue hydra- Offline bluetooth devices during blue hydra's startup- Add ubertooth support to blue hydra when present- Add diagnostic server endpoint utility for hermes- Massive overhaul of the hermes worker that communicates with Pulse- px-bluetooth-discovery is completely replaced by blue_hydra where supported- Added tool for identifying what GSM adapter is plugged into a sensor- Reporting connected GSM adapter to Pulse- Made ruby safe logger thread safe- Preliminary cookbook support for kali-rolling- Gold image disk will be automatically resized during first boot- Ensure EPA's wireless firmware is installed on clean gold images- Ensure traditional 
linux interface names are used in clean gold images- Removed, db5.1-util from installed packages- Added psmisc to installed packages- Ensuring apache isn't running after it gets installed as a dependency- Enable weekly fstrim on devices that support it- Move redis socket location out of /tmp to /var/tmp- Fix some broken test coverageMobile:- Removed hostapd deb and config that was no longer necessary- Updated PXUpdater2016-02-05 -- version 1.7.1General:- Fix issue with Hermes IPC communications- Offline old bluetooth devices when restarting blue_hydra- Enforce shutdown of hermes in init script when stop call is sent- Fix support for alternative server ports in Hermes- Allow controlling at_ct_mon through local UI- Fix 4G shell and cleanup other shell's status check- Report blue_hydra, at_ct_mon, and openvas service status's to Pulse- Allow OpenVAS's scap data sync to retry database update automatically- Automatically resize system partitions during first boot- Add SafeLogger to PwnScan- Added hermes testing utility that works as a stand in for Pulse2016-02-02 -- version 1.7.0General:- use network result socket for Hermes- add BlueHydra realtime bluetooth service- add system safe logger and test- switch Hermes & Insight to use system safe logger- ability to specify update version in Insight v2 system/update plugin- move AtCtMon db file to /opt/pwnix- remove auto-reset of 4g card in AtCtMon- cleanup legacy Hermes code- send system properties from hermes with every connection to Dispatch- fix 'socket would block' errors in Hermes- suppress output of service management in Insight logs- add distribution to system properties info- ditch external Nginx cookbook- better error logging for OpenVas utilities- update px troubleshooter script- switch blacklist script to use drop target instead of reject- add --quiet flag to OpenVas update- handle OpenVas connection issues gracefully- enable retrial of downloads for package updates- rotate Insight logfile properly- fix backup and 
restore scripts- add AtCtMon to systemd controls- handle kali forcibly disabling network services- stop installation of unused packages- enourage rsyslog and cron to start- use curl where possible for initial OpenVas data sync- reject bad BSSIDs in realtime wirless service- remove tech_debt() as a function- fix truncating of update log- Fix bluetooth discovery crashing with longer intervals- Prevent 3G & 4G from setting up multiple times- Remove resource handle leak in hermes master loop2016-01-20 -- version 1.6.20General:- Fix issue where AP MACs would be sent up instead of Client MACs2016-01-08 -- version 1.6.19General:- Silence OpenVAS update during Chef run- Handle local / global bit in MAC address vendor lookups- Drop wired clients leaking into realtime wireless- Remove gem server from px-connection-dr- Enforce population of node['pwnix'] by default2016-01-06 -- version 1.6.18General:- Optimize 4G scanning (atctmon)- Attempt to recover 4G dongle when out to lunch (atctmon)- Add and use system attributes in chef- Hermes fixes for handling messages coming from result socket- Fix pwnix-utils tests- Add ruby safe_logger- Restart px-realtime-wireless on update- Add connection thresholding logic to px-realtime-wireless- patfat - Prevent crash when parsing client message from kismet- patfat - Add online sync messages to eliminate ghost online devices- fix passive recon writing to daemon log- fix nac bypass to allow r2 and AE- install linux on sensors- unneeded package cleanupMobile:- Run chef-solo on firstboot- Mark SElinuxfs readonly so apt-get works- Chroot v2 support- Support for AOPP builds- Fix /data being improperly mounted nosuid2015-12-17 -- version 1.6.17General:- Fixed issue with problem environment when update is run from insight2015-12-17 -- version 1.6.16General:- Added 4G Service (atctmon)- Centralized Gem and lock files- Centralized Gem vendoring- Created Ruby 1.9 and Ruby 2.1 specific gem lock files- Fixed init script headers- Configured ruby services 
to use central gem lock file- Fixed realtime wireless crash during long quiet periods- Fixed invalid data handling on BSSID records in realtime wireless- Service control fixes to support kali 2 (systemd)- Updated, cleanup and fixed pwnix_passive_recon, ssh_vpn, stealth_mode and fixed line evil AP- Added systemd unit files for pwnix services in preparation for systemd transition- Switch chef to make use of node attributes where appropriate rather than shelling out- Merged 'EPA only' packages into all sensor lines (required for clean images)- Fix conditional restart on pwnscan when it's enabled- Cleanup fix and improve system tests- Ensure update script exits with an error code when it fail- Create a swap file if it doesn't exit before running the update- Fix hermes handling of UTF-8 on the result socket- Update backup and restore scripts- Prevent excessively large log files from PwnScan2015-11-30 -- version 1.6.15General:- Pin version of ohai to prevent gem resolution errors2015-11-24 -- version 1.6.14General:- Added system wide blacklist for all scans and communications controlled by the PwnScan blacklist- Ensured network changes, and pwnscan configuration changes would trigger the blacklist update- Fix system spec that couldn't find some chef managed files2015-11-19 -- version 1.6.13aGeneral:- Update version of patronus_fati gem to correct WEP reporting issue- Add sources.list fix to update.sh script for correcting sources.list earlier in the update process2015-11-13 -- version 1.6.13General:- Prevent insight from starting reverse shells or running custom scripts if /opt/pwnix/.sensor-lock exists- Properly disable pwnscan service when stop action occurs- Pause, not stop openvas and restart properly when updating- Reorganize OpenVas recipe in chef- Output current system version before running chef solo to update- Do not truncate update log when updating2015-10-27 -- version 1.6.12General:- Fix path in Hermes init script- Handle bad JSON being sent to hermes result 
socket more gracefully- Suppress bad output in Insight service status checks- Prevent R3's from attempting to start openvas via Insight- Support checking of Pwnscan Status in Insight on kali 2 sensors- Clean up all shells when a duplicate shell_id exists- Remove unused parameter in px-wireless-discovery script and Insight endpoint- Remove unused cookbook dependencies- Fix sequence of steps in px-deregister-dispatch script- Add px-troubleshooter script- Bump default scan length for bluetooth discovery- Update kismet xml parser to dedup APs- Add custom channel list to kismet config- Pwnscan 0.2.0 Update- - replace ProcessingHelper with ResultsProcessor- - Update weighting logic to improve correlation- - Add more spec- - Improve loggingMobile:- Add stock chroot fallback logic to handle when kali image doesn't exist- Deprecate wlan_interface_assigner.sh script2015-09-17 -- version 1.6.11aGeneral:- Still provide vulnerability results even when the scan has error'd out.2015-09-16 -- version 1.6.11General:- Update Package Repository Paths- kali 2 compatability refactor- - Service Scripts- - Insight compatability changes- - Update Spec- OpenVas fixes- - Properly report openvas status to pulse with system properties info- - Properly report errored scans in OpenVas- - Enforce target variable always passed to px-simple-vulnscan script- - properly configure redis for OpenVas- - Only run initial DB rebuild once through chef- - Initial population of OpenVAS is now done from a tarball on the update server.- PwnScan Fixes- - Recast String Columns VarChar(255)- - Add lightweight model validations for Port Number Mac string format- - Test coverage on host upate helper- - Process macs to remove duplicate macs in string taking the last mac in every case- - Fix comparison serializer method on Network Hosts- Add logrotation for realtime wireless- fix passive recon script- chef run fixes in chroot creation environments- Update default packages in chef- Fix issue in wireless discovery 
where an AP would be connected to itselfMobile:- Safely created sdcard and system mountpoints if missing- improve interface selection for evil ap script- remove OpenVas installation from chef for mobile- detect if running inside android system before installing apk's2015-08-25 -- version 1.6.10bGeneral:- Remove code that was breaking R3 system/request_properties- Add test covering system/request_properties2015-08-21 -- version 1.6.10aGeneral:- Switch package update flag from force-confold to force-confdef- Ignore default stunnel config in system integrity spec2015-08-21 -- version 1.6.10General:- Added random nonce and logic time to Insight's session cookies- Insight sessions automatically expire after two hours- Insight sessions are invalidated after a user changes their password from anywhere on the system.- Added new version of vulnerability scanning tools- Rotating OpenVAS logs- Replaced broken OpenVAS service control scripts- Add OpenVAS service control to Insight- Sending status of OpenVAS services to Pulse when available- Added support for 'Deep' vulnerability scans- Automatically handle modeswitching for huawei lowlink devices- Added locales packages to the base package list- Added mana-toolkit to the base package list- Updated OpenVAS update process to gracefully handle running scans and only update changed files.- Deprecated iconv gem in favor of Ruby 2.0.0+ compatible string encodings2015-08-12 -- version 1.6.9bGeneral:- Fix swapoff issue in image_prep.sh- Ensure mkswap is formatting the system swapfile correctly during first_boot2015-08-05 -- version 1.6.9aMobile:- actually enforce cleanup of stale directories to allow MSF to run- actually install device specific Settings APK2015-08-03 -- version 1.6.9General:- Remove -Pn flag from default nmap scanning behavior- Move PwnScan rescue block inside of loop so threads don't exit on errors- allow PwnScan service to reload when chef updates so code updates get shipped out properly- Fix behavior around 
creation of latest-version-id file- enforce creation of swapfilesMobile:- Enforce cleanup of stale directories to allow MSF to run- Add support for chroot-only reset as well as full system reset- New PXUpdater APK- New device specific Settings APK2015-07-10 -- version 1.6.8General:- updates to check-pwnix-license script in hermes- remove deprecated legacy fix cookbook- add px-connection-dr script- prevent registration if sensor is already registered- enforce stopped kali services- install crda package- add passive host detection to PwnScan based on ARP repliesMobile:- add version 1 chroot support for legacy sensors- check default runlevel and start services as appropriate- configure PS setting for each mobile script- fix interface for dnsspoof- allow dual band operation for EvilAP- fix macchanger behavior to set sane hostname- add f_channel_list function- support version 1 for reset.shscript- fix sslstrip script to prevent errors being printed to STDOUT- fix airodump-ng flags- add squashfs-tools package- allow latest-version-id file to be read2015-06-18 -- version 1.6.7General:- Handling certificate renewal logic in hermes- Verifying authentication status when connected to dispatch server before starting communications- Resolved issue with hermes startup when no log file is provided- Add "change wipe to shred on logwiper" to 1.6.6 changelog- run px-simple-vulnscan in jenkins- fix kismet.conf checksum error in rspec- Refactor openvas setup and run it on the mobile lineMobileT- Minor chroot script fixes- rewritten wlan interface assignment script- always use wlan1mon interface for tools that need monitor mode- move monitor mode control functions to px_functions.sh- fix logging in btscan- up interface before running tcpdump and tshark- ship and/or update PXUpdater for all devices using chef- use /proc/self/mounts for /etc/mtab- autodetect window size in bootpwn- Make image prep remove sensor registration- Enable some sslstrip-hsts features when available2015-06-15 -- 
version 1.6.6General:- Remove legacy console code- Additional cleanup on deregistration- standardize kismet.conf location- Additional kismet init script safety checks- on update only restart kismet if neededMobile:- /var/run on tmpfs- kismet.conf sync with fixed- minor kismet_ui to avoid corruption- disable SE Linux during update- add nobody to AID_INET group so hermes can reach pulse- safety checks for missing adapters, etc- force interface up for dnsspoof- force interface up for dsniff- force interface up for ettercap- kismet can suspend/resume pulse kismet- kismet can optionally kill interfering processes- ssh on informs user of IP- check for usb before running copy to usb- add validate_one to make sure needed adapters are in place- add bluetooth checking to validate_one- messages enhanced in interface selection- handled showing intentionally disabled interfaces in grey- change wipe to shred on logwiper (just as secure on flash)2015-6-5 -- version 1.6.5General:- Ensure Pwnscan is enabled when started via Insight- Fix key conflict in Reverse shell configuration in Insight- Add support for new Huawei hilink 3g/4g cards- prevent history clearing on user logout- setup friendlier shell defaults for all users- Ensure Pwnscan respects configured blacklist for nmap scans- Create System status syncing cron task to push changes to pulseMobile:- make /system read only by default- use px_interface_selector.sh for unified interface selection2015-5-29 -- version 1.6.4General:- fix regressed OpenVas Package- allow virtual sensor to run OpenVasMobile:- setup friendlier shell defaults for mobile users- call busybox directly- verify /system is rw on update2015-5-22 -- version 1.6.3General- Enforce /tmp/result.sock is never owned by root when hermes starts- fix V1 Insight Api for update- Return pid from V2 API with system update- Allow Virtual Sensor to Run VulnScan- include gawk package- Unlock Metasploit version in run-chef-solo.shMobile- Prevent first_boot from looping restart- 
Background wlan interface assigner in chrootboot- fix imageprep for selinux2015-5-21 -- version 1.6.2a- fix syntax in image prep- shred /tmp/result.sock in image prep2015-5-21 -- version 1.6.2General: - Enforce default Pwnscan local_targets in Insight configuration - Allow Pwn Pro Plus 2015 to behave like a Pwn Pro - Prevent Insight from failing to start after triggering an update via Insight v2 APIMobile: - Make chrootboot & bootpwn scripts represent the lollipop guild - handle mon1 to wlan1mon in interface selection menus - loop interface selection menu on invalid choice2015-5-19 -- version 1.6.1- Improve spec tests- fix wireless management for mobile sensors2015-5-13 -- version 1.6.0- Add PwnScan persistent network scanning service- Add Patronus Fati based pwnix_realtime_wireless wifi scanning service- Add pwnix_kismet_server service- Sync System properties to Pulse after an Updated- Deprecate legacy ConsolePoller worker in Hermes- Allow registration of mobile sensors to PwnPulse- Allow scripts to function of "Pwn Pro Plus 2015" sensor type2015-4-27 -- version 1.5.12h- Switch to using Pwnie Hosted Gem server and kali Mirrors2015-4-09 -- version 1.5.12g- fix openvas for deprecated openvasad package, replaced with openvasmd2015-4-03 -- version 1.5.12f- adjust path for route command in reverse shell plugin- add `ip route` command to debug pack script2015-3-17 -- version 1.5.12e- Install updated GPG key for kali Repos2015-3-12 -- version 1.5.12d- add uptime to debug pack- enforce installation of bundler for msf2015-3-2 -- version 1.5.12c- Fix path in insight for 3g reverse shell- enforce apt-get update is run before attempting MSF install or apt-get upgrade2015-2-27 -- version 1.5.12b- Install metasploit-framework package from fixed .debs hosted on the Pwnie Update server until kali has a working version of the metasploit package again.2015-1-16 -- version 1.5.12aGeneral - Remove installation of package kali deprecated for the EPA to ensure that chef is able to run 
on those systems.2015-1-9 -- version 1.5.12General: - Additional nmap parser improvements - Fix spec so that it only checks nac bypass script status on R3 - Fix bluetooth results to handle errors better - Update image_prep.sh script cleanup of root directory - Add Pineapple Management 1471/tcp to nmap services file - Remove failing CGI::unescape call in Insight V2 BinRunner plugin2014-12-12 -- version 1.5.11/1.5.11aGeneral: - Suppress hermes console poller log - Default to local subnet for Insight V2 Network Discovery tools - Add Explicit require to Insight for shellwords - Fix security of Insight API Key for logged out users - Improvement to quality of Wireless result data - Improvements to NAC Bypass script2014-11-14 -- version 1.5.10fGeneral: - Add interactive confirmation to px-deregister-dispatch script - Add Pwn Pulse registration link to local sensor UI - Add -Pn flag to px-service-scan nmap flags - Capture additional fields where available for Nmap parser: Host Vendor NIC (OUI), Port Service Product, Device Type and Service Fingerprint - Add PwnPro Specific Cookbook - Fix potential instability around OpenVas for px-simple-vulnscan - Disable Register Dispatch link in Insight for mobile sensors - Add px-system-health && px-system-update scripts - Fix rspec tests & deprecation warnings2014-10-03 -- version 1.5.10eGeneral: - fix proxy timeout configuration & sesion expiration issue for Insight - default appropriate Bluetooth adapter to be loaded as hci0 for PwnPro - attempt to bring hci0 interface up for px-bluetooth-discovery scans - support standalone PwnPro recipe in chef - install mdk3 package on all kali sensors rather than only PwnPad - improve update script loggin with better timestamping2014-09-15 -- version 1.5.10dGeneral: - Support Pwn Plug R3 in Updates - Reduce Hermes log level to "info" - Kill Kismet with `-9` flag when px-wireless-survey is run - Install `amap` package with chef - Hermes stuck hot loop issue - Fix Insight static IP configuration 
issue - Dispatch Deregistration support in Insight2014-07-31 -- version 1.5.10cGeneral: - Fix v2 Insight Update Plugin for Pwn Pulse Support - Improve px-wireless-discovery client summary2014-07-29 -- version 1.5.10bGeneral: - Include summary of Wireless Clients with px-wireless-discovery result - When px-wireless-discovery runs kill all other running versions of Kismet - Clean up Shell Config in Image Prep Script - Enforce deprecated pwnix_msfrpcd service is cleaned up2014-07-22 -- version 1.5.10aGeneral:- Allow Pwn Pro 2014 to run px-simple-vulnscan2014-07-22 -- version 1.5.10General:- Remove Citadel Registration Capabilities- Deprecate pwnix_msfrpcd service- Remove Postgres Default Installation- Deprecate Network Bruteforce plugin from Insight v1 API- Minor fix for Hermes startup script- Dispatch client added to Hermes- Support for Insight V2 API in Hermes- Send version identifier to Citadel- Insight V2 API- NTP service management in Insight UI- Overhaul reverse shells and shells UI in Insight- Dispatch registration support in Insight UI- Add /opt/pwnix/bin to the Insight path- Improve HTML escaping in Insight- Minor updates to Insight styles- Various Insight updates to support future Dispatch release- Add pwnix-utils (/opt/pwnix/bin and /opt/pwnix/lib)- Fix SSH VPN script- Add Kismet config to support px-wireless-discovery- Better information gathering in build-debug-pack.sh- Reboot device after running first_boot.sh- Update pwnix_bluelog service to use pwnix-utils- Add /opt/pwnix/bin to the default path- Minor change to chrootboot- Deprecate update support for first-gen Ubuntu-based EPAs- Install OpenVAS on EPA hardware- Chef updates to support pwnix-utils and Dispatch- Install reaver on all devices2014-05-16 -- version 1.5.9eMobile:- Updates Chrootboot & System Reset Script for Pad & Phone2014-05-12 -- version 1.5.9dMobile:- Updates to bootpwn, chrootboot, WLAN switcher, image_prep scripts to support PwnPhone- Updates to application launcher scripts to 
support PwnPhone- Add factory reset app for Android devices- Fix incorrect PATH causing updates to fail on mobile devices2104-04-14 -- version 1.5.9cGeneral:- PwnPad interface switcher hotfix2104-04-08 -- version 1.5.9bGeneral:- Heartbleed SSL vulnerability hotfix2014-03-17 -- version 1.5.9General:- Improve Insight UI on Pwn Pad- Update rsync flags for backup and restore scripts- Add kismet_ui.conf for Pwn Pad- Update airodump and kismet scripts on Pwn Pad to support BlueNMEA GPS- Add Pwn Pad script to copy capture data to USB media- Add /opt/pwnix/bin and /etc/reaver to sensor filesystem- Add ruby-nokogiri to installed packages on sensors- Fix Hermes log rotationConsole:- Modify console log file location and ownership- Update pidfile location- Run console as 'nobody' user- Add console restore and backup scripts- Security improvements for nginx- General security hardening for console systems2014-02-18 -- version 1.5.8General:- Backup / Restore now handling root user SSH keys- Fixed permission issue on /etc/bash.bash_logout after cleanup- Cleaned up grammar / spelling in update Pwn Pad script- Configure default timezone to America/New_York when /etc/timezone is missing2014-02-17 -- version 1.5.7General:- Add /opt/pwnix/pwnix-scripts/build-debug-pack.sh- Add Backup / Restore scripts to Pwnix- Disable GSM reverse shell in Insight UI of pad- Add beacon rate option to Pwn Pad EvilAP launcher- Clear Bash history in Pwn Pad logwiper script- Ensure proper cleanup after killing SSLStrip on Pwn PadSecurity:- Removed the following accounts: games news lp list irc- Added cron task to automatically update network services- Configure SSH Client & Daemon to use FIPS-140-2 approved MACs & Ciphers- Prevent Insight UI from pre-populating forms from get parameters- Add 'autocomplete=off' to Inisght UI login form- Update security settings for Nginx- Disable core dumps in /etc/security/limits.conf- Restrict dmesg to only privileged users- Restrict secure ttys to 'console' and tty[1-6]- 
Restrict system accounts login shell- Prevent login to accounts with an empty password- Harden kernel parameters- Remove Passwordless Sudo- Run Hermes Daemon as nobody user2014-02-10 -- Version 1.5.6General:- Update chrootboot for backwards compatibility with 2012 Pad hardware- Update Pad launcher scripts for backwards compatibility with 2012 Pad- Enforce root ownership on /opt/pwnix/pwnix-config/shells- Add colored logo to MOTD- Remove sms_message config file from rspec- Add --local to `bundle install` in update.sh2014-01-30 -- Version 1.5.5General:- Added updated header information to Pwnie Express scripts- Improved documentation and updated UI language- Improved reverse shell scripts- Added SSH VPN scriptinsight_api:- Improved logging for reverse shells and added log to Insight log page- Removed Backtrack reciever script and added kali receiver script- Added helper methods for product type- Refactored reverse shells plugin for device-specific functionality- Log rotating support- Fix issue with 'service insight_api stop'pwnix_base_cookbook:- Improved logging configurations for reverse shells- Update get_public_ip.sh to use -api.net/ip- Refactored sms_message.sh- Removed normal_mode.sh- Improved thoroughness of cleanup script- Bugfixes in first_boot.sh- Add subnet_info.sh helper script- Deprecated wepbuster package- Update Pwn Pad .apk files- Add /etc/product information to Ubuntu EPAs- Preserve EvilAP configuration on update- merge script_services_cookbook into pwnix_base_cookbookpwn_pad_sources:- Fix bootpwn mounting issues- Ensure first_boot.sh runs in chrootboot as required- Update default Kismet packet source and improve logging configuration- Improve input validation and formatting of PwnPad scripts- Add SSH On/Off apppwnix_chef:- Enable root logon via SSH key authentication- Updated spec tests- Merge Pad preparation script into image_prep.sh- Add dev build target in addition to stable and qa 2ff7e9595c