pwn 0.4.404 → 0.4.407
- checksums.yaml +4 -4
- data/Gemfile +2 -1
- data/README.md +2 -2
- data/lib/pwn/banner/matrix.rb +4 -2
- data/lib/pwn/plugins/credit_card.rb +1 -1
- data/lib/pwn/sast/amqp_connect_as_guest.rb +1 -1
- data/lib/pwn/sast/apache_file_system_util_api.rb +1 -1
- data/lib/pwn/sast/aws.rb +1 -1
- data/lib/pwn/sast/banned_function_calls_c.rb +1 -1
- data/lib/pwn/sast/base64.rb +1 -1
- data/lib/pwn/sast/beef_hook.rb +1 -1
- data/lib/pwn/sast/cmd_execution_java.rb +1 -1
- data/lib/pwn/sast/cmd_execution_python.rb +1 -1
- data/lib/pwn/sast/cmd_execution_ruby.rb +1 -1
- data/lib/pwn/sast/cmd_execution_scala.rb +1 -1
- data/lib/pwn/sast/csrf.rb +1 -1
- data/lib/pwn/sast/deserial_java.rb +1 -1
- data/lib/pwn/sast/emoticon.rb +1 -1
- data/lib/pwn/sast/eval.rb +1 -1
- data/lib/pwn/sast/factory.rb +1 -1
- data/lib/pwn/sast/file_permission.rb +1 -1
- data/lib/pwn/sast/http_authorization_header.rb +1 -1
- data/lib/pwn/sast/inner_html.rb +1 -1
- data/lib/pwn/sast/keystore.rb +1 -1
- data/lib/pwn/sast/location_hash.rb +1 -1
- data/lib/pwn/sast/log4j.rb +1 -1
- data/lib/pwn/sast/logger.rb +1 -1
- data/lib/pwn/sast/outer_html.rb +1 -1
- data/lib/pwn/sast/password.rb +1 -1
- data/lib/pwn/sast/pom_version.rb +1 -1
- data/lib/pwn/sast/port.rb +1 -1
- data/lib/pwn/sast/private_key.rb +1 -1
- data/lib/pwn/sast/redirect.rb +1 -1
- data/lib/pwn/sast/redos.rb +1 -1
- data/lib/pwn/sast/shell.rb +1 -1
- data/lib/pwn/sast/sql.rb +1 -1
- data/lib/pwn/sast/ssl.rb +1 -1
- data/lib/pwn/sast/sudo.rb +1 -1
- data/lib/pwn/sast/task_tag.rb +1 -1
- data/lib/pwn/sast/throw_errors.rb +1 -1
- data/lib/pwn/sast/token.rb +1 -1
- data/lib/pwn/sast/version.rb +1 -1
- data/lib/pwn/sast/window_location_hash.rb +1 -1
- data/lib/pwn/version.rb +1 -1
- data/packer/kali_rolling_aws_ami.json +3 -3
- data/packer/kali_rolling_qemu_kvm.json +2 -2
- data/packer/kali_rolling_virtualbox.json +4 -4
- data/packer/kali_rolling_vmware.json +3 -3
- data/packer/provisioners/upload_globals.sh +1 -1
- data/vagrant/provisioners/upload_globals.sh +1 -1
- metadata +30 -2
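--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9042d04424833fdac16b887039d8f7810923d9917649f620209452b606a9131b
+data.tar.gz: 62d4e5929aaed74dcc5d6518d1d87cce93da269ab018e69bdf7f5d007e8dfec7
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 26a0e9ce0985ecba133464d4c3b8e7bf144fd5c760714117defc77186569d84981af5158ded4e5ff21da4664635c90195d2b50c43c8d767728bcfabf72aa1527
+data.tar.gz: 2cc048cd0f862c0a01fdfbddda62421404e31dbb0c6f7591d682148648879a88c947797a31ea7fd83438bdd9f41828e8720d12d67339c1c9547496a5a35321ca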
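--- a/data/Gemfile
+++ b/data/Gemfile
@@ -22,7 +22,7 @@ gem 'bundler', '>=2.3.11'
 gem 'bundler-audit', '0.9.0.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
-
+gem 'credit_card_validations', '5.0.0'
 gem 'faye-websocket', '0.11.1'
 gem 'gdb', '1.0.0'
 gem 'gist', '6.0.0'
@@ -79,3 +79,4 @@ gem 'watir', '7.1.0'
 gem 'waveform', '0.1.2'
 gem 'webrick', '1.7.0'
 gem 'wicked_pdf', '2.1.0'
+gem 'yard', '0.9.27'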
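Review bot: `gem 'yard', '0.9.27'` is added next to the runtime gems, and the gem metadata for this release lists yard as `type: :runtime`, so every install of pwn now pulls in a documentation generator and its code. If yard is only used to build docs, it would be better kept out of the runtime set, for example inside `group :development do ... end` in the Gemfile or via `add_development_dependency 'yard', '0.9.27'` in the gemspec (the gemspec is not shown on this page, so how it derives dependencies from the Gemfile is an assumption). Fewer runtime dependencies means a smaller supply-chain surface for users who only install the gem.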
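--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.1@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.407]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.1@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.407]:001 >>> PWN.help
 ```
 
 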
data/lib/pwn/banner/matrix.rb
CHANGED
@@ -153,7 +153,10 @@ module PWN
|
|
153
153
|
'> ',
|
154
154
|
'< ',
|
155
155
|
'. ',
|
156
|
-
', '
|
156
|
+
', ',
|
157
|
+
'P',
|
158
|
+
'W',
|
159
|
+
'N'
|
157
160
|
]
|
158
161
|
|
159
162
|
last_index = matrix_arr.length - 1
|
@@ -169,7 +172,6 @@ module PWN
|
|
169
172
|
matrix = "#{matrix}#{matrix_row}\n"
|
170
173
|
end
|
171
174
|
|
172
|
-
matrix = "#{matrix}PWN\n"
|
173
175
|
matrix.green
|
174
176
|
rescue StandardError => e
|
175
177
|
raise e
|
@@ -109,7 +109,7 @@ module PWN
|
|
109
109
|
{
|
110
110
|
sast_module: self,
|
111
111
|
section: 'ACCOUNT MANAGEMENT',
|
112
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
112
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-2'
|
113
113
|
}
|
114
114
|
rescue StandardError => e
|
115
115
|
raise e
|
@@ -108,7 +108,7 @@ module PWN
|
|
108
108
|
{
|
109
109
|
sast_module: self,
|
110
110
|
section: 'INFORMATION INPUT VALIDATION',
|
111
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
111
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
|
112
112
|
}
|
113
113
|
end
|
114
114
|
|
data/lib/pwn/sast/aws.rb
CHANGED
@@ -111,7 +111,7 @@ module PWN
|
|
111
111
|
{
|
112
112
|
sast_module: self,
|
113
113
|
section: 'TRANSMISSION CONFIDENTIALITY AND INTEGRITY',
|
114
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
114
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-8'
|
115
115
|
}
|
116
116
|
rescue StandardError => e
|
117
117
|
raise e
|
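Review bot: The full NIST URL, including the `#/control/?version=5.1&number=` fragment, is written out as a literal in this module and again in every other SAST module on this page, which is why this release had to touch some forty files to correct one string. A single shared constant or helper would let each module state only its control id; for example (names are suggestions) `nist_800_53_uri: "#{NIST_800_53_CONTROL_URI}SC-8"` with the base defined once. That also removes the risk of one module keeping a stale catalogue version when the others are bumped. The enclosing method starts outside this hunk.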
@@ -236,7 +236,7 @@ module PWN
|
|
236
236
|
{
|
237
237
|
sast_module: self,
|
238
238
|
section: 'INFORMATION INPUT VALIDATION',
|
239
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
239
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
|
240
240
|
}
|
241
241
|
end
|
242
242
|
|
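--- a/data/lib/pwn/sast/base64.rb
+++ b/data/lib/pwn/sast/base64.rb
@@ -112,7 +112,7 @@ module PWN
 {
 sast_module: self,
 section: 'PROTECTION OF INFORMATION AT REST',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28'
 }
 rescue StandardError => e
 raise e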
data/lib/pwn/sast/beef_hook.rb
CHANGED
@@ -106,7 +106,7 @@ module PWN
|
|
106
106
|
{
|
107
107
|
sast_module: self,
|
108
108
|
section: 'MALICIOUS CODE PROTECTION',
|
109
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
109
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
|
110
110
|
}
|
111
111
|
rescue StandardError => e
|
112
112
|
raise e
|
@@ -111,7 +111,7 @@ module PWN
|
|
111
111
|
{
|
112
112
|
sast_module: self,
|
113
113
|
section: 'INFORMATION INPUT VALIDATION',
|
114
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
114
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
|
115
115
|
}
|
116
116
|
rescue StandardError => e
|
117
117
|
raise e
|
@@ -113,7 +113,7 @@ module PWN
|
|
113
113
|
{
|
114
114
|
sast_module: self,
|
115
115
|
section: 'INFORMATION INPUT VALIDATION',
|
116
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
116
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
|
117
117
|
}
|
118
118
|
rescue StandardError => e
|
119
119
|
raise e
|
@@ -121,7 +121,7 @@ module PWN
|
|
121
121
|
{
|
122
122
|
sast_module: self,
|
123
123
|
section: 'INFORMATION INPUT VALIDATION',
|
124
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
124
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
|
125
125
|
}
|
126
126
|
rescue StandardError => e
|
127
127
|
raise e
|
@@ -111,7 +111,7 @@ module PWN
|
|
111
111
|
{
|
112
112
|
sast_module: self,
|
113
113
|
section: 'INFORMATION INPUT VALIDATION',
|
114
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
114
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
|
115
115
|
}
|
116
116
|
rescue StandardError => e
|
117
117
|
raise e
|
data/lib/pwn/sast/csrf.rb
CHANGED
@@ -107,7 +107,7 @@ module PWN
|
|
107
107
|
{
|
108
108
|
sast_module: self,
|
109
109
|
section: 'MALICIOUS CODE PROTECTION',
|
110
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
110
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
|
111
111
|
}
|
112
112
|
end
|
113
113
|
|
@@ -106,7 +106,7 @@ module PWN
|
|
106
106
|
{
|
107
107
|
sast_module: self,
|
108
108
|
section: 'INFORMATION INPUT VALIDATION',
|
109
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
109
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
|
110
110
|
}
|
111
111
|
end
|
112
112
|
|
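--- a/data/lib/pwn/sast/emoticon.rb
+++ b/data/lib/pwn/sast/emoticon.rb
@@ -114,7 +114,7 @@ module PWN
 {
 sast_module: self,
 section: 'LEAST PRIVILEGE',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6'
 }
 rescue StandardError => e
 raise e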
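--- a/data/lib/pwn/sast/eval.rb
+++ b/data/lib/pwn/sast/eval.rb
@@ -109,7 +109,7 @@ module PWN
 {
 sast_module: self,
 section: 'MALICIOUS CODE PROTECTION',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
 }
 rescue StandardError => e
 raise e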
data/lib/pwn/sast/factory.rb
CHANGED
@@ -106,7 +106,7 @@ module PWN
|
|
106
106
|
{
|
107
107
|
sast_module: self,
|
108
108
|
section: 'DEVELOPER CONFIGURATION MANAGEMENT',
|
109
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
109
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-10'
|
110
110
|
}
|
111
111
|
end
|
112
112
|
|
@@ -111,7 +111,7 @@ module PWN
|
|
111
111
|
{
|
112
112
|
sast_module: self,
|
113
113
|
section: 'LEAST PRIVILEGE',
|
114
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
114
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6'
|
115
115
|
}
|
116
116
|
rescue StandardError => e
|
117
117
|
raise e
|
@@ -116,7 +116,7 @@ module PWN
|
|
116
116
|
{
|
117
117
|
sast_module: self,
|
118
118
|
section: 'PROTECTION OF INFORMATION AT REST',
|
119
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
119
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28'
|
120
120
|
}
|
121
121
|
end
|
122
122
|
|
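--- a/data/lib/pwn/sast/inner_html.rb
+++ b/data/lib/pwn/sast/inner_html.rb
@@ -109,7 +109,7 @@ module PWN
 {
 sast_module: self,
 section: 'MALICIOUS CODE PROTECTION',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
 }
 rescue StandardError => e
 raise e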
data/lib/pwn/sast/keystore.rb
CHANGED
@@ -106,7 +106,7 @@ module PWN
|
|
106
106
|
{
|
107
107
|
sast_module: self,
|
108
108
|
section: 'CRYPTOGRAPHIC KEY ESTABLISHMENT AND MANAGEMENT',
|
109
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
109
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-12'
|
110
110
|
}
|
111
111
|
rescue StandardError => e
|
112
112
|
raise e.mesasge
|
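Review bot: The rescue at the end of this hunk reads `raise e.mesasge`, a misspelling of `message`, so whenever that rescue runs it raises NoMethodError and the original exception is lost. Every sibling SAST module on this page re-raises with `raise e`; since the commit already edits this method, the line should be changed to `raise e` as well. The method body starts outside the hunk, and the hunk that follows on this page (old line 109) appears to belong to a different file whose header was lost in rendering.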
@@ -109,7 +109,7 @@ module PWN
|
|
109
109
|
{
|
110
110
|
sast_module: self,
|
111
111
|
section: 'MALICIOUS CODE PROTECTION',
|
112
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
112
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
|
113
113
|
}
|
114
114
|
rescue StandardError => e
|
115
115
|
raise e
|
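--- a/data/lib/pwn/sast/log4j.rb
+++ b/data/lib/pwn/sast/log4j.rb
@@ -109,7 +109,7 @@ module PWN
 {
 sast_module: self,
 section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-17'
 }
 rescue StandardError => e
 raise e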
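--- a/data/lib/pwn/sast/logger.rb
+++ b/data/lib/pwn/sast/logger.rb
@@ -124,7 +124,7 @@ module PWN
 {
 sast_module: self,
 section: 'PROTECTION OF INFORMATION AT REST',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28'
 }
 rescue StandardError => e
 raise e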
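--- a/data/lib/pwn/sast/outer_html.rb
+++ b/data/lib/pwn/sast/outer_html.rb
@@ -109,7 +109,7 @@ module PWN
 {
 sast_module: self,
 section: 'MALICIOUS CODE PROTECTION',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
 }
 rescue StandardError => e
 raise e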
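--- a/data/lib/pwn/sast/password.rb
+++ b/data/lib/pwn/sast/password.rb
@@ -111,7 +111,7 @@ module PWN
 {
 sast_module: self,
 section: 'PROTECTION OF INFORMATION AT REST',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28'
 }
 end
 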
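--- a/data/lib/pwn/sast/pom_version.rb
+++ b/data/lib/pwn/sast/pom_version.rb
@@ -113,7 +113,7 @@ module PWN
 {
 sast_module: self,
 section: 'VULNERABILITY SCANNING',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=RA-5'
 }
 rescue StandardError => e
 raise e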
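--- a/data/lib/pwn/sast/port.rb
+++ b/data/lib/pwn/sast/port.rb
@@ -116,7 +116,7 @@ module PWN
 {
 sast_module: self,
 section: 'TRANSMISSION CONFIDENTIALITY AND INTEGRITY',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-8'
 }
 rescue StandardError => e
 raise e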
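--- a/data/lib/pwn/sast/private_key.rb
+++ b/data/lib/pwn/sast/private_key.rb
@@ -109,7 +109,7 @@ module PWN
 {
 sast_module: self,
 section: 'CRYPTOGRAPHIC MODULE AUTHENTICATION',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=IA-7'
 }
 rescue StandardError => e
 raise e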
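--- a/data/lib/pwn/sast/redirect.rb
+++ b/data/lib/pwn/sast/redirect.rb
@@ -111,7 +111,7 @@ module PWN
 {
 sast_module: self,
 section: 'LEAST PRIVILEGE',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6'
 }
 rescue StandardError => e
 raise e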
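--- a/data/lib/pwn/sast/redos.rb
+++ b/data/lib/pwn/sast/redos.rb
@@ -116,7 +116,7 @@ module PWN
 {
 sast_module: self,
 section: 'PROTECTION OF INFORMATION AT REST',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-28'
 }
 rescue StandardError => e
 raise e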
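--- a/data/lib/pwn/sast/shell.rb
+++ b/data/lib/pwn/sast/shell.rb
@@ -117,7 +117,7 @@ module PWN
 {
 sast_module: self,
 section: 'DEVELOPER SECURITY AND PRIVACY ARCHITECTURE AND DESIGN',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SA-17'
 }
 rescue StandardError => e
 raise e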
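--- a/data/lib/pwn/sast/sql.rb
+++ b/data/lib/pwn/sast/sql.rb
@@ -113,7 +113,7 @@ module PWN
 {
 sast_module: self,
 section: 'INFORMATION INPUT VALIDATION',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-10'
 }
 rescue StandardError => e
 raise e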
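--- a/data/lib/pwn/sast/ssl.rb
+++ b/data/lib/pwn/sast/ssl.rb
@@ -106,7 +106,7 @@ module PWN
 {
 sast_module: self,
 section: 'PUBLIC KEY INFRASTRUCTURE CERTIFICATES',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SC-17'
 }
 rescue StandardError => e
 raise e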
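--- a/data/lib/pwn/sast/sudo.rb
+++ b/data/lib/pwn/sast/sudo.rb
@@ -109,7 +109,7 @@ module PWN
 {
 sast_module: self,
 section: 'LEAST PRIVILEGE',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6'
 }
 rescue StandardError => e
 raise e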
data/lib/pwn/sast/task_tag.rb
CHANGED
@@ -123,7 +123,7 @@ module PWN
|
|
123
123
|
{
|
124
124
|
sast_module: self,
|
125
125
|
section: 'LEAST PRIVILEGE',
|
126
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
126
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=AC-6'
|
127
127
|
}
|
128
128
|
rescue StandardError => e
|
129
129
|
raise e
|
@@ -108,7 +108,7 @@ module PWN
|
|
108
108
|
{
|
109
109
|
sast_module: self,
|
110
110
|
section: 'ERROR HANDLING',
|
111
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
111
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-11'
|
112
112
|
}
|
113
113
|
rescue StandardError => e
|
114
114
|
raise e
|
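--- a/data/lib/pwn/sast/token.rb
+++ b/data/lib/pwn/sast/token.rb
@@ -106,7 +106,7 @@ module PWN
 {
 sast_module: self,
 section: 'CRYPTOGRAPHIC MODULE AUTHENTICATION',
-nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
+nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=IA-7'
 }
 rescue StandardError => e
 raise e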
data/lib/pwn/sast/version.rb
CHANGED
@@ -106,7 +106,7 @@ module PWN
|
|
106
106
|
{
|
107
107
|
sast_module: self,
|
108
108
|
section: 'VULNERABILITY SCANNING',
|
109
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
109
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=RA-5'
|
110
110
|
}
|
111
111
|
rescue StandardError => e
|
112
112
|
raise e
|
@@ -108,7 +108,7 @@ module PWN
|
|
108
108
|
{
|
109
109
|
sast_module: self,
|
110
110
|
section: 'MALICIOUS CODE PROTECTION',
|
111
|
-
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search
|
111
|
+
nist_800_53_uri: 'https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/control/?version=5.1&number=SI-3'
|
112
112
|
}
|
113
113
|
rescue StandardError => e
|
114
114
|
raise e
|
data/lib/pwn/version.rb
CHANGED
@@ -32,7 +32,7 @@
|
|
32
32
|
{
|
33
33
|
"type": "shell",
|
34
34
|
"environment_vars": [
|
35
|
-
"PWN_ROOT
|
35
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
36
36
|
"PWN_PROVIDER=aws"
|
37
37
|
],
|
38
38
|
"scripts": [
|
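Review bot: `PWN_ROOT` is built from `Gem.path.first`, which is only the first gem search directory and not necessarily the one pwn was installed into, so the provisioning scripts can be handed a path that does not exist on the image. Asking RubyGems for the installed location removes the guess: use `Gem::Specification.find_by_name('pwn').gem_dir` in place of the interpolated `#{Gem.path.first}/gems/pwn-#{PWN::VERSION}` string. If the `\$` shown here is literally in the template, note that it is not an escape sequence JSON defines, so it is worth confirming the file loads with a strict parser. The same line recurs in the later provisioner hunks on this page (PWN_PROVIDER=aws, qemu, virtualbox, vmware). The header printed above these hunks, data/lib/pwn/version.rb, does not match their content; the Packer template headers appear to have been lost in rendering.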
@@ -52,7 +52,7 @@
|
|
52
52
|
"pause_before": "180s",
|
53
53
|
"type": "shell",
|
54
54
|
"environment_vars": [
|
55
|
-
"PWN_ROOT
|
55
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
56
56
|
"PWN_PROVIDER=aws"
|
57
57
|
],
|
58
58
|
"scripts": [
|
@@ -71,7 +71,7 @@
|
|
71
71
|
"pause_before": "180s",
|
72
72
|
"type": "shell",
|
73
73
|
"environment_vars": [
|
74
|
-
"PWN_ROOT
|
74
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
75
75
|
"PWN_PROVIDER=aws"
|
76
76
|
],
|
77
77
|
"scripts": [
|
@@ -39,7 +39,7 @@
|
|
39
39
|
{
|
40
40
|
"type": "shell",
|
41
41
|
"environment_vars": [
|
42
|
-
"PWN_ROOT
|
42
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
43
43
|
"PWN_PROVIDER=qemu"
|
44
44
|
],
|
45
45
|
"scripts": [
|
@@ -75,7 +75,7 @@
|
|
75
75
|
"pause_before": "180s",
|
76
76
|
"type": "shell",
|
77
77
|
"environment_vars": [
|
78
|
-
"PWN_ROOT
|
78
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
79
79
|
"PWN_PROVIDER=qemu"
|
80
80
|
],
|
81
81
|
"scripts": [
|
@@ -43,7 +43,7 @@
|
|
43
43
|
{
|
44
44
|
"type": "shell",
|
45
45
|
"environment_vars": [
|
46
|
-
"PWN_ROOT
|
46
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
47
47
|
"PWN_PROVIDER=virtualbox"
|
48
48
|
],
|
49
49
|
"scripts": [
|
@@ -63,7 +63,7 @@
|
|
63
63
|
"pause_before": "180s",
|
64
64
|
"type": "shell",
|
65
65
|
"environment_vars": [
|
66
|
-
"PWN_ROOT
|
66
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
67
67
|
"PWN_PROVIDER=virtualbox"
|
68
68
|
],
|
69
69
|
"scripts": [
|
@@ -83,7 +83,7 @@
|
|
83
83
|
"pause_before": "180s",
|
84
84
|
"type": "shell",
|
85
85
|
"environment_vars": [
|
86
|
-
"PWN_ROOT
|
86
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
87
87
|
"PWN_PROVIDER=virtualbox"
|
88
88
|
],
|
89
89
|
"scripts": [
|
@@ -102,7 +102,7 @@
|
|
102
102
|
"pause_before": "180s",
|
103
103
|
"type": "shell",
|
104
104
|
"environment_vars": [
|
105
|
-
"PWN_ROOT
|
105
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
106
106
|
"PWN_PROVIDER=virtualbox"
|
107
107
|
],
|
108
108
|
"scripts": [
|
@@ -43,7 +43,7 @@
|
|
43
43
|
{
|
44
44
|
"type": "shell",
|
45
45
|
"environment_vars": [
|
46
|
-
"PWN_ROOT
|
46
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
47
47
|
"PWN_PROVIDER=vmware"
|
48
48
|
],
|
49
49
|
"scripts": [
|
@@ -63,7 +63,7 @@
|
|
63
63
|
"pause_before": "180s",
|
64
64
|
"type": "shell",
|
65
65
|
"environment_vars": [
|
66
|
-
"PWN_ROOT
|
66
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
67
67
|
"PWN_PROVIDER=vmware"
|
68
68
|
],
|
69
69
|
"scripts": [
|
@@ -83,7 +83,7 @@
|
|
83
83
|
"pause_before": "180s",
|
84
84
|
"type": "shell",
|
85
85
|
"environment_vars": [
|
86
|
-
"PWN_ROOT
|
86
|
+
"PWN_ROOT=\$(ruby -r pwn -e 'puts \"#{Gem.path.first}/gems/pwn-#{PWN::VERSION}\"')",
|
87
87
|
"PWN_PROVIDER=vmware"
|
88
88
|
],
|
89
89
|
"scripts": [
|
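--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.407
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-
+date: 2022-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -164,6 +164,20 @@ dependencies:
 - - '='
 - !ruby/object:Gem::Version
 version: 0.8.1
+- !ruby/object:Gem::Dependency
+name: credit_card_validations
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 5.0.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 5.0.0
 - !ruby/object:Gem::Dependency
 name: faye-websocket
 requirement: !ruby/object:Gem::Requirement
@@ -934,6 +948,20 @@ dependencies:
 - - '='
 - !ruby/object:Gem::Version
 version: 2.1.0
+- !ruby/object:Gem::Dependency
+name: yard
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 0.9.27
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 0.9.27
 description: https://github.com/0dayinc/pwn/README.md
 email:
 - request.pentest@0dayinc.com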