pwn 0.4.451 → 0.4.452

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 02f8e66dcae91cac37030a71ca31451c0f7c95b54f80fbdac9ed00e61fd459eb
-  data.tar.gz: bcea061287c2abaf5a9703a8d6c66daad7cd96e01333e1e54e4cf3425e5918c5
+  metadata.gz: 48f1885a09a8dab8a4d1404d9f142385e1e401c46248cec44d9444a3fd90b9b1
+  data.tar.gz: 499d0c4a1a613da0cab30df3eeb3402a27d6913aeb18588ed2680ff8af96118f
 SHA512:
-  metadata.gz: 4b6c769c439cd1f89a7311759c54fa663ec47e6e67b578c5a376e6ec89c09f723fd5b655596da4bb2ff78dc7af965ff07b874cd2c269a5a312568a938b557e4e
-  data.tar.gz: f7d916073ff34c9fe2ef2f25a326aa386ea84735dea35cf2682a97e68cd9375766508fa6f0f967b3968f2655f51106b82fd9a16c48a7e095dfe50abe4d962256
+  metadata.gz: b4d1bf2a6ada8c50b996406ef176425af6753c4f91b6a26fb2da77fdc5abacddb84ceee4dbdfefb385053bc6bba22d0a0eac5d7e5d4cc913ff10bf5e2aa2d884
+  data.tar.gz: b0a4de3193f5ce0df525745650a0f0ea76df6752e3f8a693606efb09e8461bd7e572d043047e9adf88cb44b5962e0bea692c5117c31f090d1bd4358b79cdd6fc

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.451]:001 >>> PWN.help
+pwn[v0.4.452]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.451]:001 >>> PWN.help
+pwn[v0.4.452]:001 >>> PWN.help
 ```
 
 

data/bin/{pwn_nessus_cloud_create_scan → pwn_nessus_cloud_scan_crud}

@@ -32,7 +32,7 @@ OptionParser.new do |options|
   end
 
   options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
-    opts[:scan_template] = t
+    opts[:scan_template_name] = t
   end
 
   options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan>') do |p|
@@ -116,8 +116,8 @@ begin
   # Optional Arguments
   scan_desc = opts[:scan_desc]
 
-  scan_template = opts[:scan_template]
-  scan_template ||= 'Basic Network Scan'
+  scan_template_name = opts[:scan_template_name]
+  scan_template_name ||= 'Basic Network Scan'
 
   policy_name = opts[:policy_name]
   policy_name ||= ''
@@ -204,17 +204,18 @@ begin
     secret_key: secret_key
   )
 
-  # Requirements to create a scan:
+  # Requirements to update / create a scan:
   # Part 1: Populate uuid
   # Part 2: Populate settings object from options passed to driver
   # Part 3: Populate credentials object from YAML config (optional)
   # Part 4: Populate plugins object from YAML config (optional)
+  # Part 5: Update Scan if it exists, or create it.
 
   # Part 1: Populate uuid
   # TODO: add --list-canned-scan-templates option
   scan_template = PWN::Plugins::NessusCloud.get_canned_scan_templates(
     nessus_obj: nessus_obj,
-    name: scan_template
+    name: scan_template_name
   )
   scan_template_uuid = scan_template[:uuid]
   puts scan_template_uuid
@@ -307,15 +308,34 @@ begin
   # Part 4: Populate plugins object from YAML config (optional)
   plugins = yaml[:plugins] if yaml[:plugins]
 
-  create_scan_resp = PWN::Plugins::NessusCloud.create_scan(
+  # Part 5: Update Scan if it exists, or create it.
+  scan = PWN::Plugins::NessusCloud.get_scans(
     nessus_obj: nessus_obj,
-    scan_template_uuid: scan_template_uuid,
-    settings: settings,
-    credentials: credentials,
-    plugins: plugins
+    name: scan_name
   )
-
-  puts create_scan_resp.inspect
+  if scan.any?
+    scan_uuid = scan[:uuid]
+    update_scan_resp = PWN::Plugins::NessusCloud.update_scan(
+      nessus_obj: nessus_obj,
+      scan_uuid: scan_uuid,
+      scan_template_uuid: scan_template_uuid,
+      settings: settings,
+      credentials: credentials,
+      plugins: plugins
+    )
+
+    puts update_scan_resp.inspect
+  else
+    create_scan_resp = PWN::Plugins::NessusCloud.create_scan(
+      nessus_obj: nessus_obj,
+      scan_template_uuid: scan_template_uuid,
+      settings: settings,
+      credentials: credentials,
+      plugins: plugins
+    )
+
+    puts create_scan_resp.inspect
+  end
 rescue Interrupt
   puts 'CTRL+C detected...goodbye.'
 rescue StandardError => e

data/bin/pwn_nessus_cloud_vulnscan

@@ -58,11 +58,11 @@ begin
     nessus_obj: nessus_obj,
     name: scan_name
   )
-  scan_id = scan[:id]
+  scan_uuid = scan[:uuid]
 
   PWN::Plugins::NessusCloud.launch_scan(
     nessus_obj: nessus_obj,
-    scan_id: scan_id
+    scan_uuid: scan_uuid
   )
 
   scan_status = 'initializing'
@@ -73,7 +73,7 @@ begin
 
     scan_status_resp = PWN::Plugins::NessusCloud.get_scan_status(
       nessus_obj: nessus_obj,
-      scan_id: scan_id
+      scan_uuid: scan_uuid
     )
 
     scan_status = scan_status_resp[:status]
@@ -87,7 +87,7 @@ begin
   print "Exporting results to #{path_to_export}..."
   PWN::Plugins::NessusCloud.export_scan_results(
     nessus_obj: nessus_obj,
-    scan_id: scan_id,
+    scan_uuid: scan_uuid,
     path_to_export: path_to_export,
     format: format
   )

data/lib/pwn/plugins/nessus_cloud.rb

@@ -442,20 +442,57 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.update_scan(
+      #   nessus_obj: 'required - nessus_obj returned from #login method',
+      #   scan_uuid: 'required - the scan UUID to update.  Run #get_scans for a list of UUIDs',
+      #   scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use.  Run #get_canned_scan_templates for a list of UUIDs',
+      #   settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
+      #   credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
+      #   plugins: 'optional - plugins object as defined by https://developer.tenable.com/reference/scans-create (Defaults to {})'
+      # )
+
+      public_class_method def self.update_scan(opts = {})
+        nessus_obj = opts[:nessus_obj]
+        scan_uuid = opts[:scan_uuid]
+        scan_template_uuid = opts[:scan_template_uuid]
+        settings = opts[:settings]
+        credentials = opts[:credentials]
+        plugins = opts[:plugins]
+
+        http_body = {
+          uuid: scan_template_uuid,
+          settings: settings,
+          credentials: credentials,
+          plugins: plugins
+        }.to_json
+
+        update_scan_resp = nessus_cloud_rest_call(
+          http_method: :put,
+          nessus_obj: nessus_obj,
+          rest_call: "scans/#{scan_uuid}",
+          http_body: http_body
+        ).body
+
+        JSON.parse(update_scan_resp, symbolize_names: true)
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.launch_scan(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   scan_id: 'required - scan id to launch'
+      #   scan_uuid: 'required - scan uuid to launch'
       # )
 
       public_class_method def self.launch_scan(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_id = opts[:scan_id]
+        scan_uuid = opts[:scan_uuid]
 
         launch_scan_resp = nessus_cloud_rest_call(
           http_method: :post,
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_id}/launch"
+          rest_call: "scans/#{scan_uuid}/launch"
         ).body
 
         JSON.parse(launch_scan_resp, symbolize_names: true)
@@ -466,16 +503,16 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.get_scan_status(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   scan_id: 'required - scan id to retrieve status'
+      #   scan_uuid: 'required - scan uuid to retrieve status'
       # )
 
       public_class_method def self.get_scan_status(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_id = opts[:scan_id]
+        scan_uuid = opts[:scan_uuid]
 
         scan_status_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_id}/latest-status"
+          rest_call: "scans/#{scan_uuid}/latest-status"
         ).body
 
         JSON.parse(scan_status_resp, symbolize_names: true)
@@ -518,16 +555,16 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.get_scan_history(
       #   nessus_obj: 'required - nessus_obj returned from #login method'
-      #   scan_id: 'required - scan id to launch'
+      #   scan_uuid: 'required - scan uuid to launch'
       # )
 
       public_class_method def self.get_scan_history(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_id = opts[:scan_id]
+        scan_uuid = opts[:scan_uuid]
 
         scan_hist_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_id}/history"
+          rest_call: "scans/#{scan_uuid}/history"
         ).body
 
         JSON.parse(scan_hist_resp, symbolize_names: true)
@@ -538,7 +575,7 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.export_scan_results(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   scan_id: 'required - scan id to export',
+      #   scan_uuid: 'required - scan uuid to export',
       #   path_to_export: 'required - filename to export results',
       #   history_id: 'optional - defaults to last scan',
       #   format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
@@ -546,14 +583,14 @@ module PWN
 
       public_class_method def self.export_scan_results(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_id = opts[:scan_id]
+        scan_uuid = opts[:scan_uuid]
         path_to_export = opts[:path_to_export]
         if opts[:history_id]
           history_id = opts[:history_id]
         else
           scan_history_resp = get_scan_history(
             nessus_obj: nessus_obj,
-            scan_id: scan_id
+            scan_uuid: scan_uuid
           )
 
           if scan_history_resp[:history].empty?
@@ -568,7 +605,7 @@ module PWN
         format = opts[:format].to_s.to_sym if opts[:format]
 
         http_body = {
-          scan_id: scan_id,
+          scan_uuid: scan_uuid,
           history_id: history_id,
           format: format
         }.to_json
@@ -576,7 +613,7 @@ module PWN
         export_scan_resp = nessus_cloud_rest_call(
           http_method: :post,
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_id}/export",
+          rest_call: "scans/#{scan_uuid}/export",
           http_body: http_body
         ).body
 
@@ -587,7 +624,7 @@ module PWN
 
         download_export_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_id}/export/#{file_id}/download"
+          rest_call: "scans/#{scan_uuid}/export/#{file_id}/download"
         ).body
 
         File.open(path_to_export, 'wb') do |f|
@@ -660,14 +697,31 @@ module PWN
             nessus_obj: 'required - nessus_obj returned from #login method'
           )
 
+          #{self}.create_scan(
+            nessus_obj: 'required - nessus_obj returned from #login method',
+            scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use.  Run #get_canned_scan_templates for a list of UUIDs',
+            settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
+            credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
+            plugins: 'optional - plugins object as defined by https://developer.tenable.com/reference/scans-create (Defaults to {})'
+          )
+
+          #{self}.update_scan(
+            nessus_obj: 'required - nessus_obj returned from #login method',
+            scan_uuid: 'required - the scan UUID to update.  Run #get_scans for a list of UUIDs',
+            scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use.  Run #get_canned_scan_templates for a list of UUIDs',
+            settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
+            credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
+            plugins: 'optional - plugins object as defined by https://developer.tenable.com/reference/scans-create (Defaults to {})'
+          )
+
           #{self}.launch_scan(
             nessus_obj: 'required - nessus_obj returned from #login method',
-            scan_id: 'required - scan id to launch'
+            scan_uuid: 'required - scan uuid to launch'
           )
 
           #{self}.get_scan_status(
             nessus_obj: 'required - nessus_obj returned from #login method',
-            scan_id: 'required - scan id to retrieve status'
+            scan_uuid: 'required - scan uuid to retrieve status'
           )
 
           #{self}.create_tag(
@@ -679,12 +733,12 @@ module PWN
 
           #{self}.get_scan_history(
             nessus_obj: 'required - nessus_obj returned from #login method'
-            scan_id: 'required - scan id to launch'
+            scan_uuid: 'required - scan uuid to launch'
           )
 
           #{self}.export_scan_results(
             nessus_obj: 'required - nessus_obj returned from #login method',
-            scan_id: 'required - scan id to export',
+            scan_uuid: 'required - scan uuid to export',
             path_to_export: 'required - filename to export results',
             history_id: 'optional - defaults to last scan',
             format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.451'
+  VERSION = '0.4.452'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.451
+  version: 0.4.452
 platform: ruby
 authors:
 - 0day Inc.
@@ -1007,7 +1007,7 @@ executables:
 - pwn_jenkins_useradd
 - pwn_mail_agent
 - pwn_msf_postgres_login
-- pwn_nessus_cloud_create_scan
+- pwn_nessus_cloud_scan_crud
 - pwn_nessus_cloud_vulnscan
 - pwn_nexpose
 - pwn_openvas_vulnscan
@@ -1066,7 +1066,7 @@ files:
 - bin/pwn_jenkins_useradd
 - bin/pwn_mail_agent
 - bin/pwn_msf_postgres_login
-- bin/pwn_nessus_cloud_create_scan
+- bin/pwn_nessus_cloud_scan_crud
 - bin/pwn_nessus_cloud_vulnscan
 - bin/pwn_nexpose
 - bin/pwn_openvas_vulnscan