pwn 0.4.428 → 0.4.431

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d9bd0dc9709e3043fbe7ad675ff346e3b40d669cfea819738d80f55ab4eed27f
-  data.tar.gz: 3ec835eac8f1a6844497636822ad604eb5c344859499af7d423db16fc358b2f9
+  metadata.gz: 48072b8179bfac8c54e8c436a40414dc482092f73ef06fb3f6f318fde1f27ca7
+  data.tar.gz: 1760f70d5a5e81fb0c5e82606a3019b4de3e374a2a596a1ffd344dba62d2d865
 SHA512:
-  metadata.gz: c27de53fb91911f8310b32039391636fa8be67325c4a5bbb20b12ae7d7a43965c62bdbfbb685fa9740b6d7a8d362582eda1517133d41369092940ba64aad0ce2
-  data.tar.gz: 5c00306225bc215c7117a3ed4163f763a76818b7ec2d557e6d44c416766dde6396dd1ce032c2260cf20cf7af245f6e01a4018fd9d6c47ad60b00e8f594399b95
+  metadata.gz: 48b319c619e24c40ec69a45c4ab2470972480400157443470752d0915e93761f3ad0e0a74b33f6d5389034e091d054efa4455ea8943957620d4e98130cb0c598
+  data.tar.gz: d93a09ed3585490878ca297da4be21bcce0a28f80732838eb2ddb436bab7383293aead3628a851bd7fc78f03b4af0a231f01145434132292f6d3ed6e69f088f1

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.428]:001 >>> PWN.help
+pwn[v0.4.431]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.428]:001 >>> PWN.help
+pwn[v0.4.431]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_nessus_cloud_create_scan

@@ -19,12 +19,32 @@ OptionParser.new do |options|
     opts[:scan_name] = n
   end
 
+  options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
+    opts[:scan_template] = t
+  end
+
   options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan (Defaults to "")>') do |p|
     opts[:policy_name] = p
   end
 
-  options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
-    opts[:scan_template] = t
+  options.on('-fFOLDER', '--folder-name=FOLDER', '<Optional - Where to Store the Scan (Defaults to "main")>') do |f|
+    opts[:folder_name] = f
+  end
+
+  options.on('-sSCANNER', '--scanner-name=SCANNER', '<Optional - Scanner to Use (Defaults to "AUTO-ROUTED")>') do |s|
+    opts[:scanner_name] = s
+  end
+
+  options.on('-TTARGET', '--target-network-name=TARGET', '<Optional if --scanner other than AUTO-ROUTED, Otherwise Required - Network to Scan (Defaults to "Default")>') do |t|
+    opts[:target_network_name] = t
+  end
+
+  options.on('-lWHEN', '--launch=WHEN', '<Optional When to Launch Scan - ON_DEMAND || DAILY || WEEKLY || MONTHLY || YEARLY (Defaults to "ON_DEMAND")>') do |l|
+    opts[:launch] = l
+  end
+
+  options.on('-wTIME', '--scan-time-window=TIME', '<Optional Scan Time Window in Minutes - (Defaults to 0 if nessus scanner scan || 180 if nessus agent scan)>') do |l|
+    opts[:launch] = l
   end
 end.parse!
 
@@ -48,32 +68,64 @@ begin
 
   scan_name = opts[:scan_name]
 
+  scan_template = opts[:scan_template]
+  scan_template ||= 'Basic Network Scan'
+
   policy_name = opts[:policy_name]
   policy_name ||= ''
 
-  scan_template = opts[:scan_template]
-  scan_template ||= 'Basic Network Scan'
+  folder_name = opts[:folder_name]
+  folder_name ||= 'main'
+
+  scanner_name = opts[:scanner_name]
+  scanner_name ||= 'AUTO-ROUTED'
+
+  target_network_name = opts[:target_network_name]
+  target_network_name ||= 'Default'
+
+  launch = opts[:launch]
+  launch ||= 'ON_DEMAND'
+
+  scan_time_window = opts[:scan_time_window]
 
   nessus_obj = PWN::Plugins::NessusCloud.login(
     access_key: access_key,
     secret_key: secret_key
   )
 
-  policy_list = PWN::Plugins::NessusCloud.get_policies(
-    nessus_obj: nessus_obj
+  scan_template = PWN::Plugins::NessusCloud.get_canned_scan_templates(
+    nessus_obj: nessus_obj,
+    title: scan_template
   )
-  puts policy_list.inspect
+  scan_template_id = scan_template[:uuid]
+  puts scan_template_id
 
-  scan_template_list = PWN::Plugins::NessusCloud.get_canned_scan_templates(
-    nessus_obj: nessus_obj
+  policy = PWN::Plugins::NessusCloud.get_policies(
+    nessus_obj: nessus_obj,
+    name: policy_name
   )
+  policy_id = policy[:id]
+  puts policy_id
 
-  selected_scan_template = scan_template_list[:templates].select do |sc|
-    sc[:title] == scan_template
-  end
+  folder = PWN::Plugins::NessusCloud.get_folders(
+    nessus_obj: nessus_obj,
+    name: folder_name
+  )
+  folder_id = folder[:id]
+  puts folder_id
 
-  scan_template_id = selected_scan_template.first[:uuid]
+  scanner = PWN::Plugins::NessusCloud.get_scanners(
+    nessus_obj: nessus_obj,
+    name: scanner_name
+  )
+  scanner_id = scanner[:id]
+  puts scanner_id
 
+  target_network = PWN::Plugins::NessusCloud.get_target_networks(
+    nessus_obj: nessus_obj,
+    name: target_network_name
+  )
+  target_network_id = target_network[:uuid]
 rescue Interrupt
   puts 'CTRL+C detected...goodbye.'
 rescue StandardError => e

data/bin/pwn_nessus_cloud_vulnscan

@@ -54,15 +54,11 @@ begin
     secret_key: secret_key
   )
 
-  scan_list = PWN::Plugins::NessusCloud.get_scans(
-    nessus_obj: nessus_obj
+  scan = PWN::Plugins::NessusCloud.get_scans(
+    nessus_obj: nessus_obj,
+    name: scan_name
   )
-
-  selected_scan_to_launch = scan_list[:scans].select do |scan|
-    scan[:name] == scan_name
-  end
-
-  scan_id = selected_scan_to_launch.first[:id]
+  scan_id = scan[:id]
 
   PWN::Plugins::NessusCloud.launch_scan(
     nessus_obj: nessus_obj,

data/lib/pwn/plugins/nessus_cloud.rb

@@ -99,13 +99,24 @@ module PWN
 
       public_class_method def self.get_canned_scan_templates(opts = {})
         nessus_obj = opts[:nessus_obj]
+        title = opts[:title]
 
         scan_templates_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
           rest_call: 'editor/scan/templates'
         ).body
 
-        JSON.parse(scan_templates_resp, symbolize_names: true)
+        scan_templates = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if title
+          selected_scan_template = scan_templates[:templates].select do |sc|
+            sc[:title] == title
+          end
+          scan_templates = selected_scan_template.first if selected_scan_template.any?
+          scan_templates ||= {}
+        end
+
+        scan_templates
       rescue StandardError, SystemExit, Interrupt => e
         raise e
       end
@@ -117,31 +128,111 @@ module PWN
 
       public_class_method def self.get_policies(opts = {})
         nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
 
         scan_templates_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
           rest_call: 'policies'
         ).body
 
-        JSON.parse(scan_templates_resp, symbolize_names: true)
+        policies = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if name
+          selected_policy = policies[:policies].select do |p|
+            p[:name] == name
+          end
+          policies = selected_policy.first if selected_policy.any?
+          policies ||= {}
+        end
+
+        policies
       rescue StandardError, SystemExit, Interrupt => e
         raise e
       end
 
       # Supported Method Parameters::
-      # PWN::Plugins::NessusCloud.get_policies(
+      # PWN::Plugins::NessusCloud.get_folders(
       #   nessus_obj: 'required - nessus_obj returned from #login method'
       # )
 
       public_class_method def self.get_folders(opts = {})
         nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
 
         scan_templates_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: 'policies'
+          rest_call: 'folders'
+        ).body
+
+        folders = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if name
+          selected_folder = folders[:folders].select do |f|
+            f[:name] == name
+          end
+          folders = selected_folder.first if selected_folder.any?
+          folders ||= {}
+        end
+
+        folders
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.get_scanners(
+      #   nessus_obj: 'required - nessus_obj returned from #login method'
+      # )
+
+      public_class_method def self.get_scanners(opts = {})
+        nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
+
+        scan_templates_resp = nessus_cloud_rest_call(
+          nessus_obj: nessus_obj,
+          rest_call: 'scanners'
+        ).body
+
+        scanners = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if name
+          selected_scanner = scanners[:scanners].select do |s|
+            s[:name] == name
+          end
+          scanners = selected_scanner.first if selected_scanner.any?
+          scanners ||= {}
+        end
+
+        scanners
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.get_target_networks(
+      #   nessus_obj: 'required - nessus_obj returned from #login method'
+      # )
+
+      public_class_method def self.get_target_networks(opts = {})
+        nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
+
+        scan_templates_resp = nessus_cloud_rest_call(
+          nessus_obj: nessus_obj,
+          rest_call: 'networks'
         ).body
 
-        JSON.parse(scan_templates_resp, symbolize_names: true)
+        target_networks = JSON.parse(scan_templates_resp, symbolize_names: true)
+
+        if name
+          selected_network = target_networks[:networks].select do |tn|
+            tn[:name] == name
+          end
+          target_networks = selected_network.first if selected_network.any?
+          target_networks ||= {}
+        end
+
+        target_networks
       rescue StandardError, SystemExit, Interrupt => e
         raise e
       end
@@ -153,13 +244,24 @@ module PWN
 
       public_class_method def self.get_scans(opts = {})
         nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
 
         scans_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
           rest_call: 'scans'
         ).body
 
-        JSON.parse(scans_resp, symbolize_names: true)
+        scans = JSON.parse(scans_resp, symbolize_names: true)
+
+        if name
+          selected_scan = scans[:scans].select do |s|
+            s[:name] == name
+          end
+          scans = selected_scan.first if selected_scan.any?
+          scans ||= {}
+        end
+
+        scans
       rescue StandardError, SystemExit, Interrupt => e
         raise e
       end
@@ -349,6 +451,14 @@ module PWN
             nessus_obj: 'required - nessus_obj returned from #login method'
           )
 
+          #{self}.get_scanners(
+            nessus_obj: 'required - nessus_obj returned from #login method'
+          )
+
+          #{self}.get_target_networks(
+            nessus_obj: 'required - nessus_obj returned from #login method'
+          )
+
           #{self}.get_scans(
             nessus_obj: 'required - nessus_obj returned from #login method'
           )

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.428'
+  VERSION = '0.4.431'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.428
+  version: 0.4.431
 platform: ruby
 authors:
 - 0day Inc.