pwn 0.4.452 → 0.4.456

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 48f1885a09a8dab8a4d1404d9f142385e1e401c46248cec44d9444a3fd90b9b1
-  data.tar.gz: 499d0c4a1a613da0cab30df3eeb3402a27d6913aeb18588ed2680ff8af96118f
+  metadata.gz: b3b1843c0855572815309240a50172a80b69cb45ac5deb69680209ad1a8c7d67
+  data.tar.gz: 943a67a010803ace7adc4aac78c18b43c168dfb5014a29058a7245a84ae07424
 SHA512:
-  metadata.gz: b4d1bf2a6ada8c50b996406ef176425af6753c4f91b6a26fb2da77fdc5abacddb84ceee4dbdfefb385053bc6bba22d0a0eac5d7e5d4cc913ff10bf5e2aa2d884
-  data.tar.gz: b0a4de3193f5ce0df525745650a0f0ea76df6752e3f8a693606efb09e8461bd7e572d043047e9adf88cb44b5962e0bea692c5117c31f090d1bd4358b79cdd6fc
+  metadata.gz: 4f46dc1fa6e26ddab03a457400456670b6ce163669ed26b89932d27f22e597535f0b4e92d95035df91bb0eec7b2650e3a2e8d8a05eef01b71716433cc83a10b5
+  data.tar.gz: 1732ba89f610c2a50c20f932bee5fb9707e292ca3cb667f4bd937b7aa7fd27e80a8a431bc0a5032866c41d215d0f8e95b55a6407e3daacf32962a3d3ccadebca

data/Gemfile

@@ -67,7 +67,7 @@ gem 'ruby-nmap', '0.10.0'
 gem 'ruby-saml', '1.14.0'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.12.1'
-gem 'selenium-devtools', '0.101.0'
+gem 'selenium-devtools', '0.102.0'
 gem 'serialport', '1.3.2'
 gem 'sinatra', '2.2.0'
 gem 'slack-ruby-client', '1.0.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.452]:001 >>> PWN.help
+pwn[v0.4.456]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.452]:001 >>> PWN.help
+pwn[v0.4.456]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_nessus_cloud_scan_crud

@@ -314,10 +314,10 @@ begin
     name: scan_name
   )
   if scan.any?
-    scan_uuid = scan[:uuid]
+    scan_id = scan[:id]
     update_scan_resp = PWN::Plugins::NessusCloud.update_scan(
       nessus_obj: nessus_obj,
-      scan_uuid: scan_uuid,
+      scan_id: scan_id,
       scan_template_uuid: scan_template_uuid,
       settings: settings,
       credentials: credentials,

data/bin/pwn_nessus_cloud_vulnscan

@@ -58,11 +58,11 @@ begin
     nessus_obj: nessus_obj,
     name: scan_name
   )
-  scan_uuid = scan[:uuid]
+  scan_id = scan[:id]
 
   PWN::Plugins::NessusCloud.launch_scan(
     nessus_obj: nessus_obj,
-    scan_uuid: scan_uuid
+    scan_id: scan_id
   )
 
   scan_status = 'initializing'
@@ -73,7 +73,7 @@ begin
 
     scan_status_resp = PWN::Plugins::NessusCloud.get_scan_status(
       nessus_obj: nessus_obj,
-      scan_uuid: scan_uuid
+      scan_id: scan_id
     )
 
     scan_status = scan_status_resp[:status]
@@ -87,7 +87,7 @@ begin
   print "Exporting results to #{path_to_export}..."
   PWN::Plugins::NessusCloud.export_scan_results(
     nessus_obj: nessus_obj,
-    scan_uuid: scan_uuid,
+    scan_id: scan_id,
     path_to_export: path_to_export,
     format: format
   )

data/lib/pwn/plugins/msr206.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+module PWN
+  module Plugins
+    # This plugin is used for interacting with a three track
+    # MSR206 Magnetic Stripe Reader / Writer
+    module MSR206
+      # Supported Method Parameters::
+      # msr206_obj = PWN::Plugins::MSR206.connect(
+      #   block_dev: 'optional - serial block device path (defaults to /dev/ttyUSB0)',
+      #   baud: 'optional - (defaults to 9600)',
+      #   data_bits: 'optional - (defaults to 8)',
+      #   stop_bits: 'optional - (defaults to 1)',
+      #   parity: 'optional - (defaults to SerialPort::NONE)',
+      #   flow_control: 'optional - (defaults to SerialPort::HARD) SerialPort::NONE|SerialPort::SOFT|SerialPort::HARD'
+      # )
+
+      public_class_method def self.connect(opts = {})
+        # Default Baud Rate for this Device is 19200
+        opts[:baud] = 19_200 if opts[:baud].nil?
+        msr206_obj = PWN::Plugins::Serial.connect(opts)
+      rescue StandardError => e
+        disconnect(msr206_obj: msr206_obj) unless msr206_obj.nil?
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::MSR206.disconnect(
+      #   msr206_obj: 'required - msr206_obj returned from #connect method'
+      # )
+
+      public_class_method def self.disconnect(opts = {})
+        PWN::Plugins::Serial.disconnect(
+          serial_obj: opts[:msr206_obj]
+        )
+      rescue StandardError => e
+        raise e
+      end
+
+      # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
+
+      public_class_method def self.authors
+        "AUTHOR(S):
+          0day Inc. <request.pentest@0dayinc.com>
+        "
+      end
+
+      # Display Usage for this Module
+
+      public_class_method def self.help
+        puts "USAGE:
+          msr206_obj = #{self}.connect(
+            block_dev: 'optional serial block device path (defaults to /dev/ttyUSB0)',
+            baud: 'optional (defaults to 9600)',
+            data_bits: 'optional (defaults to 8)',
+            stop_bits: 'optional (defaults to 1)',
+            parity: 'optional (defaults to SerialPort::NONE)',
+            flow_control: 'optional (defaults to SerialPort::NONE)'
+          )
+
+          #{self}.disconnect(
+            msr206_obj: 'required msr206_obj returned from #connect method'
+          )
+
+          #{self}.authors
+        "
+      end
+    end
+  end
+end

data/lib/pwn/plugins/nessus_cloud.rb

@@ -46,6 +46,19 @@ module PWN
             verify_ssl: false
           )
 
+        when :put
+          response = rest_client.execute(
+            method: :put,
+            url: "#{base_nessus_cloud_api_uri}/#{rest_call}",
+            headers: {
+              x_apikeys: "accessKey=#{access_key}; secretKey=#{secret_key}",
+              accept: 'application/json',
+              content_type: 'application/json; charset=UTF-8'
+            },
+            payload: http_body,
+            verify_ssl: false
+          )
+
         when :post
           response = rest_client.execute(
             method: :post,
@@ -445,7 +458,7 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.update_scan(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   scan_uuid: 'required - the scan UUID to update.  Run #get_scans for a list of UUIDs',
+      #   scan_id: 'required - the scan id to update.  Run #get_scans for a list',
       #   scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use.  Run #get_canned_scan_templates for a list of UUIDs',
       #   settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
       #   credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
@@ -454,7 +467,7 @@ module PWN
 
       public_class_method def self.update_scan(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_uuid = opts[:scan_uuid]
+        scan_id = opts[:scan_id]
         scan_template_uuid = opts[:scan_template_uuid]
         settings = opts[:settings]
         credentials = opts[:credentials]
@@ -470,7 +483,7 @@ module PWN
         update_scan_resp = nessus_cloud_rest_call(
           http_method: :put,
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_uuid}",
+          rest_call: "scans/#{scan_id}",
           http_body: http_body
         ).body
 
@@ -482,17 +495,17 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.launch_scan(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   scan_uuid: 'required - scan uuid to launch'
+      #   scan_id: 'required - scan uuid to launch'
       # )
 
       public_class_method def self.launch_scan(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_uuid = opts[:scan_uuid]
+        scan_id = opts[:scan_id]
 
         launch_scan_resp = nessus_cloud_rest_call(
           http_method: :post,
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_uuid}/launch"
+          rest_call: "scans/#{scan_id}/launch"
         ).body
 
         JSON.parse(launch_scan_resp, symbolize_names: true)
@@ -503,16 +516,16 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.get_scan_status(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   scan_uuid: 'required - scan uuid to retrieve status'
+      #   scan_id: 'required - scan uuid to retrieve status'
       # )
 
       public_class_method def self.get_scan_status(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_uuid = opts[:scan_uuid]
+        scan_id = opts[:scan_id]
 
         scan_status_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_uuid}/latest-status"
+          rest_call: "scans/#{scan_id}/latest-status"
         ).body
 
         JSON.parse(scan_status_resp, symbolize_names: true)
@@ -555,16 +568,16 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.get_scan_history(
       #   nessus_obj: 'required - nessus_obj returned from #login method'
-      #   scan_uuid: 'required - scan uuid to launch'
+      #   scan_id: 'required - scan uuid to launch'
       # )
 
       public_class_method def self.get_scan_history(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_uuid = opts[:scan_uuid]
+        scan_id = opts[:scan_id]
 
         scan_hist_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_uuid}/history"
+          rest_call: "scans/#{scan_id}/history"
         ).body
 
         JSON.parse(scan_hist_resp, symbolize_names: true)
@@ -575,7 +588,7 @@ module PWN
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.export_scan_results(
       #   nessus_obj: 'required - nessus_obj returned from #login method',
-      #   scan_uuid: 'required - scan uuid to export',
+      #   scan_id: 'required - scan uuid to export',
       #   path_to_export: 'required - filename to export results',
       #   history_id: 'optional - defaults to last scan',
       #   format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')
@@ -583,14 +596,14 @@ module PWN
 
       public_class_method def self.export_scan_results(opts = {})
         nessus_obj = opts[:nessus_obj]
-        scan_uuid = opts[:scan_uuid]
+        scan_id = opts[:scan_id]
         path_to_export = opts[:path_to_export]
         if opts[:history_id]
           history_id = opts[:history_id]
         else
           scan_history_resp = get_scan_history(
             nessus_obj: nessus_obj,
-            scan_uuid: scan_uuid
+            scan_id: scan_id
           )
 
           if scan_history_resp[:history].empty?
@@ -605,7 +618,7 @@ module PWN
         format = opts[:format].to_s.to_sym if opts[:format]
 
         http_body = {
-          scan_uuid: scan_uuid,
+          scan_id: scan_id,
           history_id: history_id,
           format: format
         }.to_json
@@ -613,7 +626,7 @@ module PWN
         export_scan_resp = nessus_cloud_rest_call(
           http_method: :post,
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_uuid}/export",
+          rest_call: "scans/#{scan_id}/export",
           http_body: http_body
         ).body
 
@@ -624,7 +637,7 @@ module PWN
 
         download_export_resp = nessus_cloud_rest_call(
           nessus_obj: nessus_obj,
-          rest_call: "scans/#{scan_uuid}/export/#{file_id}/download"
+          rest_call: "scans/#{scan_id}/export/#{file_id}/download"
         ).body
 
         File.open(path_to_export, 'wb') do |f|
@@ -707,7 +720,7 @@ module PWN
 
           #{self}.update_scan(
             nessus_obj: 'required - nessus_obj returned from #login method',
-            scan_uuid: 'required - the scan UUID to update.  Run #get_scans for a list of UUIDs',
+            scan_id: 'required - the scan id to update.  Run #get_scans for a list',
             scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use.  Run #get_canned_scan_templates for a list of UUIDs',
             settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
             credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
@@ -716,12 +729,12 @@ module PWN
 
           #{self}.launch_scan(
             nessus_obj: 'required - nessus_obj returned from #login method',
-            scan_uuid: 'required - scan uuid to launch'
+            scan_id: 'required - scan uuid to launch'
           )
 
           #{self}.get_scan_status(
             nessus_obj: 'required - nessus_obj returned from #login method',
-            scan_uuid: 'required - scan uuid to retrieve status'
+            scan_id: 'required - scan uuid to retrieve status'
           )
 
           #{self}.create_tag(
@@ -733,12 +746,12 @@ module PWN
 
           #{self}.get_scan_history(
             nessus_obj: 'required - nessus_obj returned from #login method'
-            scan_uuid: 'required - scan uuid to launch'
+            scan_id: 'required - scan uuid to launch'
           )
 
           #{self}.export_scan_results(
             nessus_obj: 'required - nessus_obj returned from #login method',
-            scan_uuid: 'required - scan uuid to export',
+            scan_id: 'required - scan uuid to export',
             path_to_export: 'required - filename to export results',
             history_id: 'optional - defaults to last scan',
             format: 'optional - :csv|:db|:html|:nessus|:pdf (defaults to :csv')

data/lib/pwn/plugins.rb

@@ -32,6 +32,7 @@ module PWN
     autoload :JSONPathify, 'pwn/plugins/json_pathify'
     autoload :MailAgent, 'pwn/plugins/mail_agent'
     autoload :Metasploit, 'pwn/plugins/metasploit'
+    autoload :MSR206, 'pwn/plugins/msr206'
     autoload :NessusCloud, 'pwn/plugins/nessus_cloud'
     autoload :NexposeVulnScan, 'pwn/plugins/nexpose_vuln_scan'
     autoload :NmapIt, 'pwn/plugins/nmap_it'

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.452'
+  VERSION = '0.4.456'
 end

data/spec/lib/pwn/plugins/msr206_spec.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe PWN::Plugins::MSR206 do
+  it 'should display information for authors' do
+    authors_response = PWN::Plugins::MSR206
+    expect(authors_response).to respond_to :authors
+  end
+
+  it 'should display information for existing help method' do
+    help_response = PWN::Plugins::MSR206
+    expect(help_response).to respond_to :help
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.452
+  version: 0.4.456
 platform: ruby
 authors:
 - 0day Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-05-24 00:00:00.000000000 Z
+date: 2022-05-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -786,14 +786,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.101.0
+        version: 0.102.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.101.0
+        version: 0.102.0
 - !ruby/object:Gem::Dependency
   name: serialport
   requirement: !ruby/object:Gem::Requirement
@@ -1531,6 +1531,7 @@ files:
 - lib/pwn/plugins/json_pathify.rb
 - lib/pwn/plugins/mail_agent.rb
 - lib/pwn/plugins/metasploit.rb
+- lib/pwn/plugins/msr206.rb
 - lib/pwn/plugins/nessus_cloud.rb
 - lib/pwn/plugins/nexpose_vuln_scan.rb
 - lib/pwn/plugins/nmap_it.rb
@@ -1827,6 +1828,7 @@ files:
 - spec/lib/pwn/plugins/json_pathify_spec.rb
 - spec/lib/pwn/plugins/mail_agent_spec.rb
 - spec/lib/pwn/plugins/metasploit_spec.rb
+- spec/lib/pwn/plugins/msr206_spec.rb
 - spec/lib/pwn/plugins/nessus_cloud_spec.rb
 - spec/lib/pwn/plugins/nexpose_vuln_scan_spec.rb
 - spec/lib/pwn/plugins/nmap_it_spec.rb
@@ -2096,6 +2098,7 @@ test_files:
 - spec/lib/pwn/plugins/json_pathify_spec.rb
 - spec/lib/pwn/plugins/mail_agent_spec.rb
 - spec/lib/pwn/plugins/metasploit_spec.rb
+- spec/lib/pwn/plugins/msr206_spec.rb
 - spec/lib/pwn/plugins/nessus_cloud_spec.rb
 - spec/lib/pwn/plugins/nexpose_vuln_scan_spec.rb
 - spec/lib/pwn/plugins/nmap_it_spec.rb