pwn 0.4.432 → 0.4.433

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b53a054a6de64ad97760f3d1fe8e6dedbac6fd173d66600dcf08301635d88990
-  data.tar.gz: 459e0d3b96d8e297f0f48827202912f49e9e275c6f88bf242095c6bfbf3b33c7
+  metadata.gz: 0a46e9457e6865983d6c0c7fe5c80bdef0daf3a89145cf5c4d8209eff0b36ad0
+  data.tar.gz: 27dc83bbbad652c62eca8b27dddda5696c995bc4f129fcbf7678e50b4aeae6b8
 SHA512:
-  metadata.gz: 2094fcfe3d226dd7cea5dd8a9be4593ba853b968be90c657cfae828b74aebde36f3fe654aaf693782320a882fcfc2e18cf937998aff1dcf11cc04c4c655a79ec
-  data.tar.gz: 3b6dcdb9d2fc4fc65028485aa87418e5a1f0858c4475ab120d4f8e53b183f9c8d62d73ed3134a2648547a8e21fd41271b1a58e4f2785e13258b19a00406b9789
+  metadata.gz: 8d7e7119ff10f046fbd3963135e26536385edc6cefc8d83b2c92b0bb11f5c2845df0dc2891e73eb8b5ec55c2af9cb94cd3ad4ae4fc3b45bd6fb06d9f95ab93a6
+  data.tar.gz: 668308f6e0c04786f522a28feea4a9758f1e423aaea1610011665d9e1329d093547f40dbf508d8b70d3544a2f76f50711926ed23fc04086cefc816fc2feb298d

data/Gemfile

@@ -19,7 +19,7 @@ gem 'bettercap', '1.6.2'
 gem 'brakeman', '5.2.3'
 gem 'bson', '4.15.0'
 gem 'bundler', '>=2.3.14'
-gem 'bundler-audit', '0.9.0.1'
+gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.19.0'
 gem 'colorize', '0.8.1'
 gem 'credit_card_validations', '5.0.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.432]:001 >>> PWN.help
+pwn[v0.4.433]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.432]:001 >>> PWN.help
+pwn[v0.4.433]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_nessus_cloud_create_scan

@@ -11,7 +11,7 @@ OptionParser.new do |options|
     #{$PROGRAM_NAME} [opts]
   "
 
-  options.on('-cYPATH', '--yaml-config=YPATH', '<Required - YAML Config Containing Access & Secret Keys for Authentication>') do |c|
+  options.on('-cYPATH', '--yaml-config=YPATH', '<Required - YAML Config Containing Access & Secret Keys for Authentication, Including Credential Information for Scan Creation (https://developer.tenable.com/docs/determine-settings-for-credential-type)>') do |c|
     opts[:yaml_config] = c
   end
 
@@ -23,6 +23,10 @@ OptionParser.new do |options|
     opts[:text_targets] = t
   end
 
+  options.on('-dDESC', '--scan-description=DESC', '<Optional - Scan Description (Defaults to nil)>') do |d|
+    opts[:scan_desc] = d
+  end
+
   options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
     opts[:scan_template] = t
   end
@@ -51,7 +55,7 @@ OptionParser.new do |options|
     opts[:launch] = l
   end
 
-  options.on('-wTIME', '--scan-time-window=TIME', '<Optional - Scan Time Window in Minutes - (Defaults to 0 if nessus scanner scan || 180 if nessus agent scan)>') do |t|
+  options.on('-wTIMEWINDOW', '--scan-time-window=TIMEWINDOW', '<Optional - Scan Time Window in Minutes - (Defaults to 0)>') do |t|
     opts[:scan_time_window] = t
   end
 
@@ -87,7 +91,10 @@ begin
   access_key = yaml[:access_key]
   secret_key = yaml[:secret_key]
 
+  credentials = yaml[:create_scan][:credentials]
+
   scan_name = opts[:scan_name]
+  scan_desc = opts[:scan_desc]
 
   scan_template = opts[:scan_template]
   scan_template ||= 'Basic Network Scan'
@@ -113,18 +120,14 @@ begin
   launch = opts[:launch]
   launch ||= 'ON_DEMAND'
 
-  scan_time_window = opts[:scan_time_window]
+  scan_time_window = opts[:scan_time_window].to_i
+  scan_time_window ||= 0
 
   starttime = opts[:starttime]
   starttime ||= Time.now.strftime('%Y%m%dT%H%M%S')
 
   rrules = opts[:rrules]
   rrules ||= 'FREQ=ONETIME;INTERVAL=0;BYDAY=null'
-  # if opts[:rrules].nil?
-  #   # SU, MO, TU, WE, TH, FR, SA
-  #   byday_today = Time.now.strftime('%A').upcase[0..1]
-  #   rrules = "FREQ=ONETIME;INTERVAL=0;BYDAY=#{byday_today}"
-  # end
 
   timezone = opts[:timezone]
   timezone ||= 'UTC'
@@ -132,23 +135,23 @@ begin
   text_targets = opts[:text_targets]
   raise 'ERROR: --text-targets (i.e. List of targets to scan) is required.' unless text_targets
 
-  text_targets_arr = text_targets.split(',')
-
   target_groups = opts[:target_groups]
 
   file_targets = opts[:file_targets]
 
   tag_targets = opts[:tag_targets]
+  tag_targets_arr = tag_targets.split(',')
 
   agent_group_name = opts[:agent_group_name]
-  agent_group_id = ''
+  agent_group_id_arr = []
 
   agent_scan_launch_type = opts[:agent_scan_launch_type]
   agent_scan_launch_type ||= 'triggered'
 
+  triggers_arr = []
   triggers = {}
-  triggers[:trigger_type] = agent_scan_launch_type
-  triggers[:trigger_type] ||= 'periodic'
+  triggers[:type] = agent_scan_launch_type
+  triggers[:type] ||= 'periodic'
 
   triggers[:options] = {}
   case agent_scan_launch_type
@@ -159,6 +162,8 @@ begin
     triggers[:options][:filename] = opts[:filename]
   end
 
+  triggers_arr.push(triggers)
+
   emails = opts[:emails]
 
   acls = {}
@@ -169,6 +174,9 @@ begin
   acls[:id] = opts[:acl_id]
   acls[:type] = opts[:acl_type]
 
+  credential_category = opts[:credential_category]
+  credential_type = opts[:credential_type]
+
   # Begin Here
   nessus_obj = PWN::Plugins::NessusCloud.login(
     access_key: access_key,
@@ -177,9 +185,9 @@ begin
 
   # Requirements to create a scan:
   # Part 1: Populate uuid
-  # Part 2: Populate settings object
-  # Part 3: Populate credentials object
-  # Part 4: Populate plugins object (optional)
+  # Part 2: Populate settings object from options passed to driver
+  # Part 3: Populate credentials object from YAML config (optional)
+  # Part 4: Populate plugins object from YAML config (optional)
 
   # Part 1: Populate uuid
   # TODO: add --list-canned-scan-templates option
@@ -190,73 +198,80 @@ begin
   scan_template_uuid = scan_template[:uuid]
   puts scan_template_uuid
 
-  # Part 2: Populate settings object
+  # Part 2: Populate settings object from options passed to driver
   settings = {}
+  settings[:name] = scan_name
+  settings[:description] = scan_desc
+
   policy = PWN::Plugins::NessusCloud.get_policies(
     nessus_obj: nessus_obj,
     name: policy_name
   )
-  policy_id = policy[:id]
-  puts policy_id
+  settings[:policy_id] = policy[:id]
 
   folder = PWN::Plugins::NessusCloud.get_folders(
     nessus_obj: nessus_obj,
     name: folder_name
   )
-  folder_id = folder[:id]
-  puts folder_id
+  settings[:folder_id] = folder[:id]
 
   scanner = PWN::Plugins::NessusCloud.get_scanners(
     nessus_obj: nessus_obj,
     name: scanner_name
   )
-  scanner_id = scanner[:id]
-  puts scanner_id
+  settings[:scanner_id] = scanner[:id]
 
   target_network = PWN::Plugins::NessusCloud.get_target_networks(
     nessus_obj: nessus_obj,
     name: target_network_name
   )
-  target_network_id = target_network[:uuid]
-  puts target_network_id
+  settings[:target_network_uuid] = target_network[:uuid]
+
+  settings[:enabled] = enabled
+
+  settings[:launch] = launch
+
+  settings[:scan_time_window] = scan_time_window
+
+  settings[:starttime] = starttime
+
+  settings[:rrules] = rrules
+
+  settings[:timezone] = timezone
 
-  # Part 3: Populate credentials object
-  credentials = {}
-  credential_types = PWN::Plugins::NessusCloud.get_credential_types(
-    nessus_obj: nessus_obj
+  settings[:text_targets] = text_targets
+
+  settings[:target_groups] = target_groups
+
+  settings[:file_targets] = file_targets
+
+  settings[:tag_targets] = tag_targets_arr
+
+  settings[:agent_group_id] = agent_group_id_arr
+
+  settings[:agent_scan_launch_type] = agent_scan_launch_type
+
+  settings[:triggers] = triggers_arr
+
+  settings[:emails] = emails
+
+  settings[:acls] = acls
+
+  # Part 3: Populate credentials object from YAML config (optional)
+  credentials = yaml[:credentials]
+
+  # Part 4: Populate plugins object from YAML config (optional)
+  plugins = yaml[:plugins]
+
+  create_scan_resp = PWN::Plugins::NessusCloud.create_scan(
+    nessus_obj: nessus_obj,
+    scan_template_uuid: scan_template_uuid,
+    settings: settings,
+    credentials: credentials,
+    plugins: plugins
   )
-  puts credential_types.inspect
-  # TODO: add --list-credential-types option
-  # credentials[:add] = {}
-
-  # case opts[:credential_type]
-  # when 'host/ssh'
-  #   credential_type_parent = opts[:credential_type].split('/').first.to_sym
-  #   credential_type = opts[:credential_type].split('/').last.to_sym
-  #   credentials[:add][credential_type_parent] = {}
-  #   credentials[:add][credential_type_parent][credential_type] = []
-  # when 'host/windows'
-  #   credential_type_parent = opts[:credential_type].split('/').first.to_sym
-  #   credential_type = opts[:credential_type].split('/').last.to_sym
-  #   credentials[:add][credential_type_parent] = {}
-  #   credentials[:add][credential_type_parent][credential_type] = []
-  # else
-  #   raise "ERROR: #{opts[:credential_type]} Not Supported."
-  # end
-
-  # Part 4: Populate plugins object (optional)
-  # TODO: Implment Plugins During Scan Creation
-  plugins = {}
-
-  # create_scan_resp = PWN::Plugins::NessusCloud.create_scan(
-  #   nessus_obj: nessus_obj,
-  #   scan_template_uuid: scan_template_uuid,
-  #   settings: settings,
-  #   credentials: credentials,
-  #   plugins: plugins
-  # )
-
-  # puts create_scan_resp.inspect
+
+  puts create_scan_resp.inspect
 rescue Interrupt
   puts 'CTRL+C detected...goodbye.'
 rescue StandardError => e

data/etc/userland/aws/nessus/vagrant.yaml.EXAMPLE

@@ -1,2 +1,15 @@
 access_key: 'ACCESS_KEY'
 secret_key: 'SECRET_KEY'
+credentials:
+  add:
+    Host:
+      Windows:
+      - domain: 'dc.local'
+        username: 'USERNAME'
+        auth_method: 'Password'
+        password: 'PASSWORD'
+plugins:
+  Web Servers:
+    individual:
+      '11213': enabled
+      '18261': enabled

data/etc/userland/docker/nessus/vagrant.yaml.EXAMPLE

@@ -1,2 +1,15 @@
 access_key: 'ACCESS_KEY'
 secret_key: 'SECRET_KEY'
+credentials:
+  add:
+    Host:
+      Windows:
+      - domain: 'dc.local'
+        username: 'USERNAME'
+        auth_method: 'Password'
+        password: 'PASSWORD'
+plugins:
+  Web Servers:
+    individual:
+      '11213': enabled
+      '18261': enabled

data/etc/userland/qemu/nessus/vagrant.yaml.EXAMPLE

@@ -1,2 +1,15 @@
 access_key: 'ACCESS_KEY'
 secret_key: 'SECRET_KEY'
+credentials:
+  add:
+    Host:
+      Windows:
+      - domain: 'dc.local'
+        username: 'USERNAME'
+        auth_method: 'Password'
+        password: 'PASSWORD'
+plugins:
+  Web Servers:
+    individual:
+      '11213': enabled
+      '18261': enabled

data/etc/userland/ruby-gem/nessus/vagrant.yaml.EXAMPLE

@@ -1,2 +1,15 @@
 access_key: 'ACCESS_KEY'
 secret_key: 'SECRET_KEY'
+credentials:
+  add:
+    Host:
+      Windows:
+      - domain: 'dc.local'
+        username: 'USERNAME'
+        auth_method: 'Password'
+        password: 'PASSWORD'
+plugins:
+  Web Servers:
+    individual:
+      '11213': enabled
+      '18261': enabled

data/etc/userland/virtualbox/nessus/vagrant.yaml.EXAMPLE

@@ -1,2 +1,15 @@
 access_key: 'ACCESS_KEY'
 secret_key: 'SECRET_KEY'
+credentials:
+  add:
+    Host:
+      Windows:
+      - domain: 'dc.local'
+        username: 'USERNAME'
+        auth_method: 'Password'
+        password: 'PASSWORD'
+plugins:
+  Web Servers:
+    individual:
+      '11213': enabled
+      '18261': enabled

data/etc/userland/vmware/nessus/vagrant.yaml.EXAMPLE

@@ -1,2 +1,15 @@
 access_key: 'ACCESS_KEY'
 secret_key: 'SECRET_KEY'
+credentials:
+  add:
+    Host:
+      Windows:
+      - domain: 'dc.local'
+        username: 'USERNAME'
+        auth_method: 'Password'
+        password: 'PASSWORD'
+plugins:
+  Web Servers:
+    individual:
+      '11213': enabled
+      '18261': enabled

data/lib/pwn/plugins/nessus_cloud.rb

@@ -306,13 +306,17 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.get_credential_types(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   name: 'optional - name of credential type (e.g. SSH, Windows, HTTP, etc.)'
+      #   category: 'optional - category of credential type (Defaults to "Host")',
+      #   name: 'optional - name of credential type (Defaults to "SSH")'
       # )
       # )
 
       public_class_method def self.get_credential_types(opts = {})
         nessus_obj = opts[:nessus_obj]
-        name = opts[:name]
+        category = opts[:category].to_s.downcase
+        name = opts[:name].to_s.downcase
+
+        raise 'ERROR: name parameter requires category parameter.' if category.empty? && !name.empty?
 
         credential_types_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
@@ -321,12 +325,21 @@ module PWN
 
         credential_types = JSON.parse(credential_types_resp, symbolize_names: true)
 
-        if name
-          selected_credential_type = credential_types[:networks].select do |tz|
-            tz[:name] == name
+        if category
+          selected_credential_category = credential_types[:credentials].select do |cc|
+            cc[:category].downcase == category
           end
-          credential_types = selected_credential_type.first if selected_credential_type.any?
+          credential_types = selected_credential_category.first if selected_credential_category.any?
           credential_types ||= {}
+
+          if name
+            selected_credential_type = credential_types[:types].select do |ct|
+              ct[:name].downcase == name
+            end
+            credential_types = selected_credential_type.first if selected_credential_type.any?
+            credential_types ||= {}
+          end
+
         end
 
         credential_types

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.432'
+  VERSION = '0.4.433'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.432
+  version: 0.4.433
 platform: ruby
 authors:
 - 0day Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-05-19 00:00:00.000000000 Z
+date: 2022-05-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -128,14 +128,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.9.0.1
+        version: 0.9.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.9.0.1
+        version: 0.9.1
 - !ruby/object:Gem::Dependency
   name: bunny
   requirement: !ruby/object:Gem::Requirement
@@ -1968,7 +1968,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.13
+rubygems_version: 3.3.14
 signing_key: 
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond