pwn 0.4.427 → 0.4.430

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -2
  3. data/bin/pwn_nessus_cloud_create_scan +65 -14
  4. data/bin/pwn_nessus_cloud_vulnscan +4 -8
  5. data/lib/pwn/plugins/nessus_cloud.rb +104 -5
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c5f15a780e9624b97ab5c97f6893867c10e063404f58cb5ffbfd7b9a60a0a203
4
- data.tar.gz: 1288494c82fd238638268e1449fa8871d95b3f110d2fd9c5b33c4383fcc7003b
3
+ metadata.gz: c31b2ac11c6feecd92b4cd5fb270270c7cf91794dec67257bd18b1ba5ce330f4
4
+ data.tar.gz: b774b6329c49e18d65720fad8e4ae0976cbce0507489e039b2b5745baf85055e
5
5
  SHA512:
6
- metadata.gz: 05aacaf69830d42724ed1d48c510f5c5c4245a9ce8631f85c93597cf577e0be34cc8645462ab7bd36c81c7872633eca5b6c0ade1fa0d234e38fef29ddfa4bc9c
7
- data.tar.gz: 44a6c433320b1e721408b711f09a6a39eb3eba26924547cd74ebaa2dcebfafd74d15fb18a41d557283fe9f45f19665264a10a9754565e8f4fe821b881dd9a7c5
6
+ metadata.gz: '08fc344ede5c67f38ef52aba9ed5d6fa9a9fcc7d1ec6b0f0f8486520a118ca94bf8de5219a93d00286813d1174270793805b3866ea99841571c0ddceedaff00f'
7
+ data.tar.gz: 9061c5bd187b2c0c99229cd35dbe31aec1d1935c6465a07b5bfaa55691888d280f68eade1217e5a518d2ecfda5b2509a81dfe35b26d60f6dca8cffb7b302c6b6
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.427]:001 >>> PWN.help
40
+ pwn[v0.4.430]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.427]:001 >>> PWN.help
55
+ pwn[v0.4.430]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_nessus_cloud_create_scan CHANGED
@@ -19,12 +19,32 @@ OptionParser.new do |options|
19
19
  opts[:scan_name] = n
20
20
  end
21
21
 
22
+ options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
23
+ opts[:scan_template] = t
24
+ end
25
+
22
26
  options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan (Defaults to "")>') do |p|
23
27
  opts[:policy_name] = p
24
28
  end
25
29
 
26
- options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
27
- opts[:scan_template] = t
30
+ options.on('-fFOLDER', '--folder-name=FOLDER', '<Optional - Where to Store the Scan (Defaults to "main")>') do |f|
31
+ opts[:folder_name] = f
32
+ end
33
+
34
+ options.on('-sSCANNER', '--scanner-name=SCANNER', '<Optional - Scanner to Use (Defaults to "AUTO-ROUTED")>') do |s|
35
+ opts[:scanner_name] = s
36
+ end
37
+
38
+ options.on('-nTARGET', '--target-network=TARGET', '<Optional if --scanner other than AUTO-ROUTED, Otherwise Required - Network to Scan (Defaults to "default-network")>') do |n|
39
+ opts[:target_network] = n
40
+ end
41
+
42
+ options.on('-lWHEN', '--launch=WHEN', '<Optional When to Launch Scan - ON_DEMAND || DAILY || WEEKLY || MONTHLY || YEARLY (Defaults to "ON_DEMAND")>') do |l|
43
+ opts[:launch] = l
44
+ end
45
+
46
+ options.on('-wTIME', '--scan-time-window=TIME', '<Optional Scan Time Window in Minutes - (Defaults to 0 if nessus scanner scan || 180 if nessus agent scan)>') do |l|
47
+ opts[:launch] = l
28
48
  end
29
49
  end.parse!
30
50
 
@@ -48,33 +68,64 @@ begin
48
68
 
49
69
  scan_name = opts[:scan_name]
50
70
 
71
+ scan_template = opts[:scan_template]
72
+ scan_template ||= 'Basic Network Scan'
73
+
51
74
  policy_name = opts[:policy_name]
52
75
  policy_name ||= ''
53
76
 
54
- scan_template = opts[:scan_template]
55
- scan_template ||= 'Basic Network Scan'
77
+ folder_name = opts[:folder_name]
78
+ folder_name ||= 'main'
79
+
80
+ scanner_name = opts[:scanner_name]
81
+ scanner_name ||= 'AUTO-ROUTED'
82
+
83
+ target_network = opts[:target_network]
84
+ target_network ||= '00000000-0000-0000-0000-000000000000'
85
+ target_network = '00000000-0000-0000-0000-000000000000' if target_network == 'default-network'
86
+
87
+ launch = opts[:launch]
88
+ launch ||= 'ON_DEMAND'
89
+
90
+ scan_time_window = opts[:scan_time_window]
56
91
 
57
92
  nessus_obj = PWN::Plugins::NessusCloud.login(
58
93
  access_key: access_key,
59
94
  secret_key: secret_key
60
95
  )
61
96
 
62
- policy_list = PWN::Plugins::NessusCloud.get_policies(
63
- nessus_obj: nessus_obj
97
+ scan_template = PWN::Plugins::NessusCloud.get_canned_scan_templates(
98
+ nessus_obj: nessus_obj,
99
+ title: scan_template
64
100
  )
65
- puts policy_list.inspect
101
+ scan_template_id = scan_template[:uuid]
102
+ puts scan_template_id
66
103
 
67
- scan_template_list = PWN::Plugins::NessusCloud.get_canned_scan_templates(
68
- nessus_obj: nessus_obj
104
+ policy = PWN::Plugins::NessusCloud.get_policies(
105
+ nessus_obj: nessus_obj,
106
+ name: policy_name
69
107
  )
108
+ policy_id = policy[:id]
109
+ puts policy_id
70
110
 
71
- selected_scan_template = scan_template_list[:templates].select do |scan_template|
72
- scan_template[:title] == scan_template
73
- end
111
+ folder = PWN::Plugins::NessusCloud.get_folders(
112
+ nessus_obj: nessus_obj,
113
+ name: folder_name
114
+ )
115
+ folder_id = folder[:id]
116
+ puts folder_id
74
117
 
75
- scan_template_id = selected_scan_template.first[:uuid]
118
+ scanner = PWN::Plugins::NessusCloud.get_scanners(
119
+ nessus_obj: nessus_obj,
120
+ name: scanner_name
121
+ )
122
+ scanner_id = scanner[:id]
123
+ puts scanner_id
76
124
 
77
-
125
+ target_network_list = PWN::Plugins::NessusCloud.get_target_networks(
126
+ nessus_obj: nessus_obj
127
+ )
128
+ puts target_network_list.inspect
78
129
  rescue Interrupt
79
130
  puts 'CTRL+C detected...goodbye.'
80
131
  rescue StandardError => e
data/bin/pwn_nessus_cloud_vulnscan CHANGED
@@ -54,15 +54,11 @@ begin
54
54
  secret_key: secret_key
55
55
  )
56
56
 
57
- scan_list = PWN::Plugins::NessusCloud.get_scans(
58
- nessus_obj: nessus_obj
57
+ scan = PWN::Plugins::NessusCloud.get_scans(
58
+ nessus_obj: nessus_obj,
59
+ name: scan_name
59
60
  )
60
-
61
- selected_scan_to_launch = scan_list[:scans].select do |scan|
62
- scan[:name] == scan_name
63
- end
64
-
65
- scan_id = selected_scan_to_launch.first[:id]
61
+ scan_id = scan[:id]
66
62
 
67
63
  PWN::Plugins::NessusCloud.launch_scan(
68
64
  nessus_obj: nessus_obj,
data/lib/pwn/plugins/nessus_cloud.rb CHANGED
@@ -99,13 +99,24 @@ module PWN
99
99
 
100
100
  public_class_method def self.get_canned_scan_templates(opts = {})
101
101
  nessus_obj = opts[:nessus_obj]
102
+ title = opts[:title]
102
103
 
103
104
  scan_templates_resp = nessus_cloud_rest_call(
104
105
  nessus_obj: nessus_obj,
105
106
  rest_call: 'editor/scan/templates'
106
107
  ).body
107
108
 
108
- JSON.parse(scan_templates_resp, symbolize_names: true)
109
+ scan_templates = JSON.parse(scan_templates_resp, symbolize_names: true)
110
+
111
+ if title
112
+ selected_scan_template = scan_templates[:templates].select do |sc|
113
+ sc[:title] == title
114
+ end
115
+ scan_templates = selected_scan_template.first if selected_scan_template.any?
116
+ scan_templates ||= {}
117
+ end
118
+
119
+ scan_templates
109
120
  rescue StandardError, SystemExit, Interrupt => e
110
121
  raise e
111
122
  end
@@ -117,28 +128,97 @@ module PWN
117
128
 
118
129
  public_class_method def self.get_policies(opts = {})
119
130
  nessus_obj = opts[:nessus_obj]
131
+ name = opts[:name]
120
132
 
121
133
  scan_templates_resp = nessus_cloud_rest_call(
122
134
  nessus_obj: nessus_obj,
123
135
  rest_call: 'policies'
124
136
  ).body
125
137
 
126
- JSON.parse(scan_templates_resp, symbolize_names: true)
138
+ policies = JSON.parse(scan_templates_resp, symbolize_names: true)
139
+
140
+ if name
141
+ selected_policy = policies[:policies].select do |p|
142
+ p[:name] == name
143
+ end
144
+ policies = selected_policy.first if selected_policy.any?
145
+ policies ||= {}
146
+ end
147
+
148
+ policies
127
149
  rescue StandardError, SystemExit, Interrupt => e
128
150
  raise e
129
151
  end
130
152
 
131
153
  # Supported Method Parameters::
132
- # PWN::Plugins::NessusCloud.get_policies(
154
+ # PWN::Plugins::NessusCloud.get_folders(
133
155
  # nessus_obj: 'required - nessus_obj returned from #login method'
134
156
  # )
135
157
 
136
158
  public_class_method def self.get_folders(opts = {})
137
159
  nessus_obj = opts[:nessus_obj]
160
+ name = opts[:name]
138
161
 
139
162
  scan_templates_resp = nessus_cloud_rest_call(
140
163
  nessus_obj: nessus_obj,
141
- rest_call: 'policies'
164
+ rest_call: 'folders'
165
+ ).body
166
+
167
+ folders = JSON.parse(scan_templates_resp, symbolize_names: true)
168
+
169
+ if name
170
+ selected_folder = folders[:folders].select do |f|
171
+ f[:name] == name
172
+ end
173
+ folders = selected_folder.first if selected_folder.any?
174
+ folders ||= {}
175
+ end
176
+
177
+ folders
178
+ rescue StandardError, SystemExit, Interrupt => e
179
+ raise e
180
+ end
181
+
182
+ # Supported Method Parameters::
183
+ # PWN::Plugins::NessusCloud.get_scanners(
184
+ # nessus_obj: 'required - nessus_obj returned from #login method'
185
+ # )
186
+
187
+ public_class_method def self.get_scanners(opts = {})
188
+ nessus_obj = opts[:nessus_obj]
189
+ name = opts[:name]
190
+
191
+ scan_templates_resp = nessus_cloud_rest_call(
192
+ nessus_obj: nessus_obj,
193
+ rest_call: 'scanners'
194
+ ).body
195
+
196
+ scanners = JSON.parse(scan_templates_resp, symbolize_names: true)
197
+
198
+ if name
199
+ selected_scanner = scanners[:scanners].select do |s|
200
+ s[:name] == name
201
+ end
202
+ scanners = selected_scanner.first if selected_scanner.any?
203
+ scanners ||= {}
204
+ end
205
+
206
+ scanners
207
+ rescue StandardError, SystemExit, Interrupt => e
208
+ raise e
209
+ end
210
+
211
+ # Supported Method Parameters::
212
+ # PWN::Plugins::NessusCloud.get_target_networks(
213
+ # nessus_obj: 'required - nessus_obj returned from #login method'
214
+ # )
215
+
216
+ public_class_method def self.get_target_networks(opts = {})
217
+ nessus_obj = opts[:nessus_obj]
218
+
219
+ scan_templates_resp = nessus_cloud_rest_call(
220
+ nessus_obj: nessus_obj,
221
+ rest_call: 'networks'
142
222
  ).body
143
223
 
144
224
  JSON.parse(scan_templates_resp, symbolize_names: true)
@@ -153,13 +233,24 @@ module PWN
153
233
 
154
234
  public_class_method def self.get_scans(opts = {})
155
235
  nessus_obj = opts[:nessus_obj]
236
+ name = opts[:name]
156
237
 
157
238
  scans_resp = nessus_cloud_rest_call(
158
239
  nessus_obj: nessus_obj,
159
240
  rest_call: 'scans'
160
241
  ).body
161
242
 
162
- JSON.parse(scans_resp, symbolize_names: true)
243
+ scans = JSON.parse(scans_resp, symbolize_names: true)
244
+
245
+ if name
246
+ selected_scan = scans[:scans].select do |s|
247
+ s[:name] == name
248
+ end
249
+ scans = selected_scan.first if selected_scan.any?
250
+ scans ||= {}
251
+ end
252
+
253
+ scans
163
254
  rescue StandardError, SystemExit, Interrupt => e
164
255
  raise e
165
256
  end
@@ -349,6 +440,14 @@ module PWN
349
440
  nessus_obj: 'required - nessus_obj returned from #login method'
350
441
  )
351
442
 
443
+ #{self}.get_scanners(
444
+ nessus_obj: 'required - nessus_obj returned from #login method'
445
+ )
446
+
447
+ #{self}.get_target_networks(
448
+ nessus_obj: 'required - nessus_obj returned from #login method'
449
+ )
450
+
352
451
  #{self}.get_scans(
353
452
  nessus_obj: 'required - nessus_obj returned from #login method'
354
453
  )
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.427'
4
+ VERSION = '0.4.430'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.427
4
+ version: 0.4.430
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.