# frozen_string_literal: true require 'yaml' module PWN module WWW # This plugin supports app.cobalt.io actions. module AppCobaltIO # Supported Method Parameters:: # browser_obj = PWN::WWW::AppCobaltIO.open( # browser_type: 'optional - :firefox|:chrome|:ie|:headless (Defaults to :firefox)', # proxy: 'optional - scheme://proxy_host:port', # with_tor: 'optional - boolean (defaults to false)' # ) public_class_method def self.open(opts = {}) browser_type = if opts[:browser_type].nil? :firefox else opts[:browser_type] end proxy = opts[:proxy].to_s unless opts[:proxy].nil? with_tor = if opts[:with_tor] true else false end if proxy if with_tor browser_obj = PWN::Plugins::TransparentBrowser.open( browser_type: browser_type, proxy: proxy, with_tor: with_tor ) else browser_obj = PWN::Plugins::TransparentBrowser.open( browser_type: browser_type, proxy: proxy ) end else browser_obj = PWN::Plugins::TransparentBrowser.open( browser_type: browser_type ) end browser_obj.goto('https://app.cobalt.io') browser_obj rescue StandardError => e raise e end # Supported Method Parameters:: # browser_obj = PWN::WWW::AppCobaltIO.login( # browser_obj: 'required - browser_obj returned from #open method', # username: 'required - username', # password: 'optional - passwd (will prompt if blank)', # mfa: 'optional - if true prompt for mfa token (defaults to false)' # ) public_class_method def self.login(opts = {}) browser_obj = opts[:browser_obj] username = opts[:username].to_s.scrub.strip.chomp password = opts[:password] if password.nil? password = PWN::Plugins::AuthenticationHelper.mask_password else password = opts[:password].to_s.scrub.strip.chomp end mfa = opts[:mfa] browser_obj.goto('https://app.cobalt.io/users/sign_in') # id: 'user_email' doesn't work browser_obj.text_field(index: 9).wait_until(&:present?).set(username) # id: 'user_password' doesn't work browser_obj.text_field(index: 10).wait_until(&:present?).set(password) # name: 'commit' doesn't work browser_obj.button(index: 6).wait_until(&:present?).click # no name or id in button element if mfa until browser_obj.url == 'https://app.cobalt.io/dashboard' browser_obj.text_field(id: 'code').wait_until(&:present?).set(PWN::Plugins::AuthenticationHelper.mfa(prompt: 'enter mfa token')) browser_obj.button(name: 'commit').wait_until(&:present?).click sleep 3 end print "\n" end browser_obj rescue StandardError => e raise e end # Supported Method Parameters:: # browser_obj = PWN::WWW::AppCobaltIO.logout( # browser_obj: 'required - browser_obj returned from #open method' # ) public_class_method def self.logout(opts = {}) browser_obj = opts[:browser_obj] browser_obj.li(class: 'user-dropdown').wait_until(&:present?).click browser_obj.link(index: 10).wait_until(&:present?).click browser_obj rescue StandardError => e raise e end # Supported Method Parameters:: # browser_obj = PWN::WWW::AppCobaltIO.close( # browser_obj: 'required - browser_obj returned from #open method' # ) public_class_method def self.close(opts = {}) browser_obj = opts[:browser_obj] PWN::Plugins::TransparentBrowser.close( browser_obj: browser_obj ) rescue StandardError => e raise e end # Author(s):: 0day Inc. public_class_method def self.authors "AUTHOR(S): 0day Inc. " end # Display Usage for this Module public_class_method def self.help puts "USAGE: browser_obj = #{self}.open( browser_type: 'optional - :firefox|:chrome|:ie|:headless (Defaults to :firefox)', proxy: 'optional - scheme://proxy_host:port', with_tor: 'optional - boolean (defaults to false)' ) puts browser_obj.public_methods browser_obj = #{self}.login( browser_obj: 'required - browser_obj returned from #open method', username: 'required - username', password: 'optional - passwd (will prompt if blank), mfa: 'optional - if true prompt for mfa token (defaults to false)' ) browser_obj = #{self}.logout( browser_obj: 'required - browser_obj returned from #open method' ) #{self}.close( browser_obj: 'required - browser_obj returned from #open method' ) #{self}.authors " end end end end