pwn 0.4.427 → 0.4.430

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c5f15a780e9624b97ab5c97f6893867c10e063404f58cb5ffbfd7b9a60a0a203
-  data.tar.gz: 1288494c82fd238638268e1449fa8871d95b3f110d2fd9c5b33c4383fcc7003b
+  metadata.gz: c31b2ac11c6feecd92b4cd5fb270270c7cf91794dec67257bd18b1ba5ce330f4
+  data.tar.gz: b774b6329c49e18d65720fad8e4ae0976cbce0507489e039b2b5745baf85055e
 SHA512:
-  metadata.gz: 05aacaf69830d42724ed1d48c510f5c5c4245a9ce8631f85c93597cf577e0be34cc8645462ab7bd36c81c7872633eca5b6c0ade1fa0d234e38fef29ddfa4bc9c
-  data.tar.gz: 44a6c433320b1e721408b711f09a6a39eb3eba26924547cd74ebaa2dcebfafd74d15fb18a41d557283fe9f45f19665264a10a9754565e8f4fe821b881dd9a7c5
+  metadata.gz: '08fc344ede5c67f38ef52aba9ed5d6fa9a9fcc7d1ec6b0f0f8486520a118ca94bf8de5219a93d00286813d1174270793805b3866ea99841571c0ddceedaff00f'
+  data.tar.gz: 9061c5bd187b2c0c99229cd35dbe31aec1d1935c6465a07b5bfaa55691888d280f68eade1217e5a518d2ecfda5b2509a81dfe35b26d60f6dca8cffb7b302c6b6

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.427]:001 >>> PWN.help
+pwn[v0.4.430]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.427]:001 >>> PWN.help
+pwn[v0.4.430]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_nessus_cloud_create_scan

@@ -19,12 +19,32 @@ OptionParser.new do |options|
     opts[:scan_name] = n
   end
 
+  options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
+    opts[:scan_template] = t
+  end
+
   options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan (Defaults to "")>') do |p|
     opts[:policy_name] = p
   end
 
-  options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
-    opts[:scan_template] = t
+  options.on('-fFOLDER', '--folder-name=FOLDER', '<Optional - Where to Store the Scan (Defaults to "main")>') do |f|
+    opts[:folder_name] = f
+  end
+
+  options.on('-sSCANNER', '--scanner-name=SCANNER', '<Optional - Scanner to Use (Defaults to "AUTO-ROUTED")>') do |s|
+    opts[:scanner_name] = s
+  end
+
+  options.on('-nTARGET', '--target-network=TARGET', '<Optional if --scanner other than AUTO-ROUTED, Otherwise Required - Network to Scan (Defaults to "default-network")>') do |n|
+    opts[:target_network] = n
+  end
+
+  options.on('-lWHEN', '--launch=WHEN', '<Optional When to Launch Scan - ON_DEMAND || DAILY || WEEKLY || MONTHLY || YEARLY (Defaults to "ON_DEMAND")>') do |l|
+    opts[:launch] = l
+  end
+
+  options.on('-wTIME', '--scan-time-window=TIME', '<Optional Scan Time Window in Minutes - (Defaults to 0 if nessus scanner scan || 180 if nessus agent scan)>') do |l|
+    opts[:launch] = l
   end
 end.parse!
 
@@ -48,33 +68,64 @@ begin
 
   scan_name = opts[:scan_name]
 
+  scan_template = opts[:scan_template]
+  scan_template ||= 'Basic Network Scan'
+
   policy_name = opts[:policy_name]
   policy_name ||= ''
 
-  scan_template = opts[:scan_template]
-  scan_template ||= 'Basic Network Scan'
+  folder_name = opts[:folder_name]
+  folder_name ||= 'main'
+
+  scanner_name = opts[:scanner_name]
+  scanner_name ||= 'AUTO-ROUTED'
+
+  target_network = opts[:target_network]
+  target_network ||= '00000000-0000-0000-0000-000000000000'
+  target_network = '00000000-0000-0000-0000-000000000000' if target_network == 'default-network'
+
+  launch = opts[:launch]
+  launch ||= 'ON_DEMAND'
+
+  scan_time_window = opts[:scan_time_window]
 
   nessus_obj = PWN::Plugins::NessusCloud.login(
     access_key: access_key,
     secret_key: secret_key
   )
 
-  policy_list = PWN::Plugins::NessusCloud.get_policies(
-    nessus_obj: nessus_obj
+  scan_template = PWN::Plugins::NessusCloud.get_canned_scan_templates(
+    nessus_obj: nessus_obj,
+    title: scan_template
   )
-  puts policy_list.inspect
+  scan_template_id = scan_template[:uuid]
+  puts scan_template_id
 
-  scan_template_list = PWN::Plugins::NessusCloud.get_canned_scan_templates(
-    nessus_obj: nessus_obj
+  policy = PWN::Plugins::NessusCloud.get_policies(
+    nessus_obj: nessus_obj,
+    name: policy_name
   )
+  policy_id = policy[:id]
+  puts policy_id
 
-  selected_scan_template = scan_template_list[:templates].select do |scan_template|
-    scan_template[:title] == scan_template
-  end
+  folder = PWN::Plugins::NessusCloud.get_folders(
+    nessus_obj: nessus_obj,
+    name: folder_name
+  )
+  folder_id = folder[:id]
+  puts folder_id
 
-  scan_template_id = selected_scan_template.first[:uuid]
+  scanner = PWN::Plugins::NessusCloud.get_scanners(
+    nessus_obj: nessus_obj,
+    name: scanner_name
+  )
+  scanner_id = scanner[:id]
+  puts scanner_id
 
-  
+  target_network_list = PWN::Plugins::NessusCloud.get_target_networks(
+    nessus_obj: nessus_obj
+  )
+  puts target_network_list.inspect
 rescue Interrupt
   puts 'CTRL+C detected...goodbye.'
 rescue StandardError => e

data/bin/pwn_nessus_cloud_vulnscan

@@ -54,15 +54,11 @@ begin
     secret_key: secret_key
   )
 
-  scan_list = PWN::Plugins::NessusCloud.get_scans(
-    nessus_obj: nessus_obj
+  scan = PWN::Plugins::NessusCloud.get_scans(
+    nessus_obj: nessus_obj,
+    name: scan_name
   )
-
-  selected_scan_to_launch = scan_list[:scans].select do |scan|
-    scan[:name] == scan_name
-  end
-
-  scan_id = selected_scan_to_launch.first[:id]
+  scan_id = scan[:id]
 
   PWN::Plugins::NessusCloud.launch_scan(
     nessus_obj: nessus_obj,

data/lib/pwn/plugins/nessus_cloud.rb

@@ -99,13 +99,24 @@ module PWN
 
       public_class_method def self.get_canned_scan_templates(opts = {})
         nessus_obj = opts[:nessus_obj]
+        title = opts[:title]
 
         scan_templates_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
           rest_call: 'editor/scan/templates'
         ).body
 
-        JSON.parse(scan_templates_resp, symbolize_names: true)
+        scan_templates = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if title
+          selected_scan_template = scan_templates[:templates].select do |sc|
+            sc[:title] == title
+          end
+          scan_templates = selected_scan_template.first if selected_scan_template.any?
+          scan_templates ||= {}
+        end
+
+        scan_templates
       rescue StandardError, SystemExit, Interrupt => e
         raise e
       end
@@ -117,28 +128,97 @@ module PWN
 
       public_class_method def self.get_policies(opts = {})
         nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
 
         scan_templates_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
           rest_call: 'policies'
         ).body
 
-        JSON.parse(scan_templates_resp, symbolize_names: true)
+        policies = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if name
+          selected_policy = policies[:policies].select do |p|
+            p[:name] == name
+          end
+          policies = selected_policy.first if selected_policy.any?
+          policies ||= {}
+        end
+
+        policies
       rescue StandardError, SystemExit, Interrupt => e
         raise e
       end
 
       # Supported Method Parameters::
-      # PWN::Plugins::NessusCloud.get_policies(
+      # PWN::Plugins::NessusCloud.get_folders(
       #   nessus_obj: 'required - nessus_obj returned from #login method'
       # )
 
       public_class_method def self.get_folders(opts = {})
         nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
 
         scan_templates_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: 'policies'
+          rest_call: 'folders'
+        ).body
+
+        folders = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if name
+          selected_folder = folders[:folders].select do |f|
+            f[:name] == name
+          end
+          folders = selected_folder.first if selected_folder.any?
+          folders ||= {}
+        end
+
+        folders
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.get_scanners(
+      #   nessus_obj: 'required - nessus_obj returned from #login method'
+      # )
+
+      public_class_method def self.get_scanners(opts = {})
+        nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
+
+        scan_templates_resp = nessus_cloud_rest_call(
+          nessus_obj: nessus_obj,
+          rest_call: 'scanners'
+        ).body
+
+        scanners = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if name
+          selected_scanner = scanners[:scanners].select do |s|
+            s[:name] == name
+          end
+          scanners = selected_scanner.first if selected_scanner.any?
+          scanners ||= {}
+        end
+
+        scanners
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.get_target_networks(
+      #   nessus_obj: 'required - nessus_obj returned from #login method'
+      # )
+
+      public_class_method def self.get_target_networks(opts = {})
+        nessus_obj = opts[:nessus_obj]
+
+        scan_templates_resp = nessus_cloud_rest_call(
+          nessus_obj: nessus_obj,
+          rest_call: 'networks'
         ).body
 
         JSON.parse(scan_templates_resp, symbolize_names: true)
@@ -153,13 +233,24 @@ module PWN
 
       public_class_method def self.get_scans(opts = {})
         nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
 
         scans_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
           rest_call: 'scans'
         ).body
 
-        JSON.parse(scans_resp, symbolize_names: true)
+        scans = JSON.parse(scans_resp, symbolize_names: true)
+
+        if name
+          selected_scan = scans[:scans].select do |s|
+            s[:name] == name
+          end
+          scans = selected_scan.first if selected_scan.any?
+          scans ||= {}
+        end
+
+        scans
       rescue StandardError, SystemExit, Interrupt => e
         raise e
       end
@@ -349,6 +440,14 @@ module PWN
             nessus_obj: 'required - nessus_obj returned from #login method'
           )
 
+          #{self}.get_scanners(
+            nessus_obj: 'required - nessus_obj returned from #login method'
+          )
+
+          #{self}.get_target_networks(
+            nessus_obj: 'required - nessus_obj returned from #login method'
+          )
+
           #{self}.get_scans(
             nessus_obj: 'required - nessus_obj returned from #login method'
           )

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.427'
+  VERSION = '0.4.430'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.427
+  version: 0.4.430
 platform: ruby
 authors:
 - 0day Inc.