pwn 0.4.493 → 0.4.496

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ca875035f78d9cde4a61de1e0e89512474fced9934988411aa58f14237f1c6e9
-  data.tar.gz: 14cd3c5cb46ca810c7fa30db4af280f05e1c1e0ba389e71c8e8c1ffb24b09241
+  metadata.gz: 9a616acd502b984f546b0ab44705a102f9c6f54e4db9947e660351f47e310f77
+  data.tar.gz: 66cfa98e19408bbd09c81c99042006ea9b4ee63bbb2027ea9cffdbf54094ebdf
 SHA512:
-  metadata.gz: de05863476f114617fef1ee3133b78648199ac295cf23e953ace0ec44fb4a5d16847ff05239e335d74ada06618dfdb7cd28aad351780eebd1e6e0a56ffc8c0ba
-  data.tar.gz: bffdd5def65dd8d7417fe1781aca00fd3d1d1fdf1475551d1e04f2aea72f2b24a40fc714c6d19470c547b3e4c5992853ce76f5966a020a0b634762e6795ef36f
+  metadata.gz: a902740bc9f716635eb82eaa32fcddae58be0ad6478c72e7c60be8c9fffc85e2450b7e0987fe107ff24b17d65331632a545e75624ef98b3f0aa62f30e729b863
+  data.tar.gz: 12abb33a42e8681e6e45b279633e490302391e5a32c6a53eff27a8901786beab5835251b37e22975e55a0b0c26bf23bb8737516c8a3858483c729258c8eb724b

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.493]:001 >>> PWN.help
+pwn[v0.4.496]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.493]:001 >>> PWN.help
+pwn[v0.4.496]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_nessus_cloud_scan_crud

@@ -47,8 +47,8 @@ OptionParser.new do |options|
     opts[:scanner_name] = s
   end
 
-  options.on('-D', '--disable-scan', '<Optional - If true, the schedule for the scan is disabled (Defaults to false)>') do |d|
-    opts[:disabled] = d
+  options.on('-E', '--enable-schedule', '<Optional - If true, the schedule for the scan is enabled (Defaults to false)>') do |e|
+    opts[:enable_schedule] = e
   end
 
   options.on('-NTARGET', '--target-network-name=TARGET', '<Optional - If --scanner other than AUTO-ROUTED, Otherwise Required - Network to Scan (Defaults to "Default")>') do |n|
@@ -63,11 +63,11 @@ OptionParser.new do |options|
     opts[:scan_time_window] = t
   end
 
-  options.on('-STIME', '--start-time=TIME', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan>') do |t|
+  options.on('-STIME', '--start-time=TIME', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan (e.g. "2777-07-07T00:00:00")>') do |t|
     opts[:starttime] = t
   end
 
-  options.on('-rRRULES', '--rrules=RRULES', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan (Defaults to "FREQ=null;INTERVAL=0;BYDAY=null")>') do |r|
+  options.on('-rRRULES', '--rrules=RRULES', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan (e.g. "FREQ=WEEKLY;INTERVAL=3;BYDAY=MO,WE,FR")>') do |r|
     opts[:rrules] = r
   end
 
@@ -79,12 +79,12 @@ OptionParser.new do |options|
     opts[:tag_category_name] = y
   end
 
-  options.on('-zTIMEZONE', '--timezone=TIMEZONE', '<Optional - Timezone of the scheduled start time for the scan>') do |t|
+  options.on('-zTIMEZONE', '--timezone=TIMEZONE', '<Optional - Timezone of the scheduled start time for the scan (e.g. "US/Eastern")>') do |t|
     opts[:timezone] = t
   end
 
-  options.on('-gGROUPS', '--target-groups=GROUPS', '<Optional - Comma-delimited list of target group IDs to scan>') do |t|
-    opts[:timezone] = t
+  options.on('-gGROUPS', '--target-groups=GROUPS', '<Optional - Comma-delimited list of target group IDs to scan>') do |g|
+    opts[:target_groups] = g
   end
 end.parse!
 
@@ -131,11 +131,8 @@ begin
   target_network_name = opts[:target_network_name]
   target_network_name ||= 'Default'
 
-  disabled = true if opts[:disabled]
-  disabled ||= false
-
-  enabled = true
-  enabled = false if disabled
+  enable_schedule = true if opts[:enable_schedule]
+  enable_schedule ||= false
 
   launch = opts[:launch]
   launch ||= 'ON_DEMAND'
@@ -147,7 +144,7 @@ begin
   # starttime ||= Time.now.strftime('%Y%m%dT%H%M%S')
 
   rrules = opts[:rrules]
-  rrules ||= 'FREQ=null;INTERVAL=0;BYDAY=null'
+  # rrules ||= 'FREQ=null;INTERVAL=0;BYDAY=null'
 
   timezone = opts[:timezone]
   # timezone ||= 'UTC'
@@ -248,7 +245,7 @@ begin
   )
   settings[:target_network_uuid] = target_network[:uuid]
 
-  settings[:enabled] = enabled
+  settings[:enabled] = enable_schedule
 
   settings[:launch] = launch
 
@@ -288,6 +285,12 @@ begin
       tag_uuids_arr.push(tag_uuid)
     end
 
+    tag_assets = PWN::Plugins::NessusCloud.add_tag_to_assets(
+      nessus_obj: nessus_obj,
+      targets: text_targets,
+      tag_uuids: tag_uuids_arr
+    )
+
     settings[:tag_targets] = tag_uuids_arr
   end
 

data/lib/pwn/plugins/nessus_cloud.rb

@@ -347,6 +347,81 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.get_assets(
+      #   nessus_obj: 'required - nessus_obj returned from #login method',
+      #   name: 'optional - name of asset'
+      # )
+      # )
+
+      public_class_method def self.get_assets(opts = {})
+        nessus_obj = opts[:nessus_obj]
+        name = opts[:name]
+
+        assets_resp = nessus_cloud_rest_call(
+          nessus_obj: nessus_obj,
+          rest_call: 'assets'
+        ).body
+
+        assets = JSON.parse(assets_resp, symbolize_names: true)
+
+        if name
+          selected_asset = assets[:assets].select do |asset|
+            asset[:fqdn] == name
+          end
+          assets = selected_asset.first
+          assets ||= {}
+        end
+
+        assets
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
+      # Supported Method Parameters::
+      # PWN::Plugins::NessusCloud.add_tag_to_assets(
+      #   nessus_obj: 'required - nessus_obj returned from #login method',
+      #   targets: 'required - comma-delimited list of targets to tag',
+      #   tag_uuids: 'required - array of tag UUIDS to tag against targets'
+      # )
+      # )
+
+      public_class_method def self.add_tag_to_assets(opts = {})
+        nessus_obj = opts[:nessus_obj]
+        targets = opts[:targets].to_s.split(',')
+        tag_uuids = opts[:tag_uuids]
+
+        all_assets = get_assets(nessus_obj: nessus_obj)
+
+        asset_uuids_arr = []
+        targets.each do |target|
+          selected_asset = all_assets[:assets].select do |asset|
+            asset[:fqdn] == target
+          end
+          this_asset = selected_asset.first
+          target_uuid = this_asset[:uuid]
+
+          asset_uuids_arr.push(target_uuid)
+        end
+
+        http_body = {
+          action: 'add',
+          assets: asset_uuids_arr,
+          tags: tag_uuids
+        }.to_json
+
+        tag_assets_resp = nessus_cloud_rest_call(
+          http_method: :post,
+          nessus_obj: nessus_obj,
+          rest_call: 'tags/assets/assignments',
+          http_body: http_body
+        ).body
+
+        JSON.parse(tag_assets_resp, symbolize_names: true)
+      rescue StandardError, SystemExit, Interrupt => e
+        raise e
+      end
+
       # Supported Method Parameters::
       # PWN::Plugins::NessusCloud.get_credential_types(
       #   nessus_obj: 'required - nessus_obj returned from #login method',

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.493'
+  VERSION = '0.4.496'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.493
+  version: 0.4.496
 platform: ruby
 authors:
 - 0day Inc.