pwn 0.4.438 → 0.4.443
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/pwn_nessus_cloud_create_scan +34 -5
- data/lib/pwn/plugins/nessus_cloud.rb +81 -39
- data/lib/pwn/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 922671309b203e0f0e7f03e6dff9f67fb6e133cd8713d0e513365e07c134d9e4
|
|
4
|
+
data.tar.gz: 32cb95070b1d500dbd3338aafdada9e43e024d24784616ff2f8e8d63f148e63f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 89bf92b8d1d73c388186e97b0a5c3ae2da016f013dc5f67d1438058677b15386a00c2217b12deb9f1ed37a03f11ec7bca8b13f4c7f13c49689ab4ffff77c1728
|
|
7
|
+
data.tar.gz: ea852ef1ba8100112cf51c8292f970b78e5ee759bf4cb166a5e134f1ebe28aa192f68c8be0ad1bb599e17960146bd7fc471487d66cc68cb162b37398cc8218a4
|
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.443]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.443]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -55,19 +55,27 @@ OptionParser.new do |options|
|
|
|
55
55
|
opts[:launch] = l
|
|
56
56
|
end
|
|
57
57
|
|
|
58
|
-
options.on('-wTIMEWINDOW', '--scan-time-window=TIMEWINDOW', '<Optional - Scan Time Window in Minutes
|
|
58
|
+
options.on('-wTIMEWINDOW', '--scan-time-window=TIMEWINDOW', '<Optional - Scan Time Window in Minutes (Defaults to 0)>') do |t|
|
|
59
59
|
opts[:scan_time_window] = t
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
options.on('-STIME', '--start-time=TIME', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan
|
|
62
|
+
options.on('-STIME', '--start-time=TIME', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan (Defaults to Time.now.strftime("%Y%m%dT%H%M%S")>') do |t|
|
|
63
63
|
opts[:starttime] = t
|
|
64
64
|
end
|
|
65
65
|
|
|
66
|
-
options.on('-rRRULES', '--rrules=RRULES', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan
|
|
66
|
+
options.on('-rRRULES', '--rrules=RRULES', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan (Defaults to "FREQ=ONETIME;INTERVAL=0;BYDAY=null")>') do |r|
|
|
67
67
|
opts[:rrules] = r
|
|
68
68
|
end
|
|
69
69
|
|
|
70
|
-
options.on('-
|
|
70
|
+
options.on('-xTAGS', '--tag-targets=TAGS', '<Optional - Comma-delimited list of tags to add to targets in scan>') do |x|
|
|
71
|
+
opts[:tag_targets] = x
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
options.on('-yCATEGORY', '--tag-category-name=CATEGORY', '<Optional - Tag Category Name to Associate with --tag-targets flag>') do |y|
|
|
75
|
+
opts[:tag_category_name] = y
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
options.on('-zTIMEZONE', '--timezone=TIMEZONE', '<Optional - Timezone of the scheduled start time for the scan (Defaults to "UTC")>') do |t|
|
|
71
79
|
opts[:timezone] = t
|
|
72
80
|
end
|
|
73
81
|
|
|
@@ -148,6 +156,9 @@ begin
|
|
|
148
156
|
tag_targets_arr = []
|
|
149
157
|
tag_targets_arr = tag_targets.split(',') if tag_targets
|
|
150
158
|
|
|
159
|
+
tag_category_name = opts[:tag_category_name]
|
|
160
|
+
raise 'ERROR: --tag-category-name Required as --tag-targets is Populated' if tag_targets && !tag_category_name
|
|
161
|
+
|
|
151
162
|
agent_group_name = opts[:agent_group_name]
|
|
152
163
|
agent_group_id_arr = []
|
|
153
164
|
|
|
@@ -252,7 +263,25 @@ begin
|
|
|
252
263
|
|
|
253
264
|
settings[:file_targets] = file_targets if file_targets
|
|
254
265
|
|
|
255
|
-
|
|
266
|
+
if tag_targets_arr.any?
|
|
267
|
+
tag_targets_arr.each do |tag_name|
|
|
268
|
+
# Lookup tag and create if does not exist
|
|
269
|
+
tag = PWN::Plugins::NessusCloud.get_tag_values(
|
|
270
|
+
nessus_obj: nessus_obj,
|
|
271
|
+
name: tag_name
|
|
272
|
+
)
|
|
273
|
+
|
|
274
|
+
next if tag.any?
|
|
275
|
+
|
|
276
|
+
PWN::Plugins::NessusCloud.create_tag(
|
|
277
|
+
nessus_obj: nessus_obj,
|
|
278
|
+
category: tag_category_name,
|
|
279
|
+
value: tag_name
|
|
280
|
+
)
|
|
281
|
+
end
|
|
282
|
+
|
|
283
|
+
settings[:tag_targets] = tag_targets_arr
|
|
284
|
+
end
|
|
256
285
|
|
|
257
286
|
settings[:agent_group_id] = agent_group_id_arr if agent_group_id_arr.any?
|
|
258
287
|
|
|
@@ -275,7 +275,7 @@ module PWN
|
|
|
275
275
|
# Supported Method Parameters::
|
|
276
276
|
# PWN::Plugins::NessusCloud.get_target_groups(
|
|
277
277
|
# nessus_obj: 'required - nessus_obj returned from #login method',
|
|
278
|
-
# name: 'optional - name of
|
|
278
|
+
# name: 'optional - name of target group'
|
|
279
279
|
# )
|
|
280
280
|
# )
|
|
281
281
|
|
|
@@ -288,17 +288,48 @@ module PWN
|
|
|
288
288
|
rest_call: 'target-groups'
|
|
289
289
|
).body
|
|
290
290
|
|
|
291
|
-
|
|
291
|
+
target_groups = JSON.parse(target_groups_resp, symbolize_names: true)
|
|
292
292
|
|
|
293
293
|
if name
|
|
294
|
-
|
|
295
|
-
|
|
294
|
+
selected_target_group = target_groups[:target_groups].select do |tg|
|
|
295
|
+
tg[:name] == name
|
|
296
296
|
end
|
|
297
|
-
|
|
298
|
-
|
|
297
|
+
target_groups = selected_target_group.first if selected_target_group.any?
|
|
298
|
+
target_groups ||= {}
|
|
299
299
|
end
|
|
300
300
|
|
|
301
|
-
|
|
301
|
+
target_groups
|
|
302
|
+
rescue StandardError, SystemExit, Interrupt => e
|
|
303
|
+
raise e
|
|
304
|
+
end
|
|
305
|
+
|
|
306
|
+
# Supported Method Parameters::
|
|
307
|
+
# PWN::Plugins::NessusCloud.get_tag_values(
|
|
308
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
|
309
|
+
# name: 'optional - name of tag value'
|
|
310
|
+
# )
|
|
311
|
+
# )
|
|
312
|
+
|
|
313
|
+
public_class_method def self.get_tag_values(opts = {})
|
|
314
|
+
nessus_obj = opts[:nessus_obj]
|
|
315
|
+
name = opts[:name]
|
|
316
|
+
|
|
317
|
+
tag_values_resp = nessus_cloud_rest_call(
|
|
318
|
+
nessus_obj: nessus_obj,
|
|
319
|
+
rest_call: 'tags/values'
|
|
320
|
+
).body
|
|
321
|
+
|
|
322
|
+
tag_values = JSON.parse(tag_values_resp, symbolize_names: true)
|
|
323
|
+
|
|
324
|
+
if name
|
|
325
|
+
selected_tag = tag_values[:tags].select do |tag|
|
|
326
|
+
tag[:name] == name
|
|
327
|
+
end
|
|
328
|
+
tag_values = selected_tag.first if selected_tag.any?
|
|
329
|
+
tag_values ||= {}
|
|
330
|
+
end
|
|
331
|
+
|
|
332
|
+
tag_values
|
|
302
333
|
rescue StandardError, SystemExit, Interrupt => e
|
|
303
334
|
raise e
|
|
304
335
|
end
|
|
@@ -347,6 +378,35 @@ module PWN
|
|
|
347
378
|
raise e
|
|
348
379
|
end
|
|
349
380
|
|
|
381
|
+
# Supported Method Parameters::
|
|
382
|
+
# PWN::Plugins::NessusCloud.get_scans(
|
|
383
|
+
# nessus_obj: 'required - nessus_obj returned from #login method'
|
|
384
|
+
# )
|
|
385
|
+
|
|
386
|
+
public_class_method def self.get_scans(opts = {})
|
|
387
|
+
nessus_obj = opts[:nessus_obj]
|
|
388
|
+
name = opts[:name]
|
|
389
|
+
|
|
390
|
+
scans_resp = nessus_cloud_rest_call(
|
|
391
|
+
nessus_obj: nessus_obj,
|
|
392
|
+
rest_call: 'scans'
|
|
393
|
+
).body
|
|
394
|
+
|
|
395
|
+
scans = JSON.parse(scans_resp, symbolize_names: true)
|
|
396
|
+
|
|
397
|
+
if name
|
|
398
|
+
selected_scan = scans[:scans].select do |s|
|
|
399
|
+
s[:name] == name
|
|
400
|
+
end
|
|
401
|
+
scans = selected_scan.first if selected_scan.any?
|
|
402
|
+
scans ||= {}
|
|
403
|
+
end
|
|
404
|
+
|
|
405
|
+
scans
|
|
406
|
+
rescue StandardError, SystemExit, Interrupt => e
|
|
407
|
+
raise e
|
|
408
|
+
end
|
|
409
|
+
|
|
350
410
|
# Supported Method Parameters::
|
|
351
411
|
# PWN::Plugins::NessusCloud.create_scan(
|
|
352
412
|
# nessus_obj: 'required - nessus_obj returned from #login method',
|
|
@@ -382,35 +442,6 @@ module PWN
|
|
|
382
442
|
raise e
|
|
383
443
|
end
|
|
384
444
|
|
|
385
|
-
# Supported Method Parameters::
|
|
386
|
-
# PWN::Plugins::NessusCloud.get_scans(
|
|
387
|
-
# nessus_obj: 'required - nessus_obj returned from #login method'
|
|
388
|
-
# )
|
|
389
|
-
|
|
390
|
-
public_class_method def self.get_scans(opts = {})
|
|
391
|
-
nessus_obj = opts[:nessus_obj]
|
|
392
|
-
name = opts[:name]
|
|
393
|
-
|
|
394
|
-
scans_resp = nessus_cloud_rest_call(
|
|
395
|
-
nessus_obj: nessus_obj,
|
|
396
|
-
rest_call: 'scans'
|
|
397
|
-
).body
|
|
398
|
-
|
|
399
|
-
scans = JSON.parse(scans_resp, symbolize_names: true)
|
|
400
|
-
|
|
401
|
-
if name
|
|
402
|
-
selected_scan = scans[:scans].select do |s|
|
|
403
|
-
s[:name] == name
|
|
404
|
-
end
|
|
405
|
-
scans = selected_scan.first if selected_scan.any?
|
|
406
|
-
scans ||= {}
|
|
407
|
-
end
|
|
408
|
-
|
|
409
|
-
scans
|
|
410
|
-
rescue StandardError, SystemExit, Interrupt => e
|
|
411
|
-
raise e
|
|
412
|
-
end
|
|
413
|
-
|
|
414
445
|
# Supported Method Parameters::
|
|
415
446
|
# PWN::Plugins::NessusCloud.launch_scan(
|
|
416
447
|
# nessus_obj: 'required - nessus_obj returned from #login method',
|
|
@@ -453,14 +484,14 @@ module PWN
|
|
|
453
484
|
end
|
|
454
485
|
|
|
455
486
|
# Supported Method Parameters::
|
|
456
|
-
# PWN::Plugins::NessusCloud.
|
|
487
|
+
# PWN::Plugins::NessusCloud.create_tag(
|
|
457
488
|
# nessus_obj: 'required - nessus_obj returned from #login method',
|
|
458
489
|
# category: 'required - category name to create or use',
|
|
459
490
|
# value: 'required - value name to create or use',
|
|
460
491
|
# desc: 'optional - _value_ description'
|
|
461
492
|
# )
|
|
462
493
|
|
|
463
|
-
public_class_method def self.
|
|
494
|
+
public_class_method def self.create_tag(opts = {})
|
|
464
495
|
nessus_obj = opts[:nessus_obj]
|
|
465
496
|
category = opts[:category]
|
|
466
497
|
value = opts[:value]
|
|
@@ -468,7 +499,8 @@ module PWN
|
|
|
468
499
|
|
|
469
500
|
http_body = {
|
|
470
501
|
category_name: category,
|
|
471
|
-
value: value
|
|
502
|
+
value: value,
|
|
503
|
+
description: desc
|
|
472
504
|
}.to_json
|
|
473
505
|
|
|
474
506
|
tag_resp = nessus_cloud_rest_call(
|
|
@@ -614,6 +646,16 @@ module PWN
|
|
|
614
646
|
name: 'optional - name of timezone'
|
|
615
647
|
)
|
|
616
648
|
|
|
649
|
+
#{self}.get_target_groups(
|
|
650
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
|
651
|
+
name: 'optional - name of target group'
|
|
652
|
+
)
|
|
653
|
+
|
|
654
|
+
#{self}.get_tag_values(
|
|
655
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
|
656
|
+
name: 'optional - name of tag value'
|
|
657
|
+
)
|
|
658
|
+
|
|
617
659
|
#{self}.get_scans(
|
|
618
660
|
nessus_obj: 'required - nessus_obj returned from #login method'
|
|
619
661
|
)
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.443
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-05-
|
|
11
|
+
date: 2022-05-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|