pwn 0.4.516 → 0.4.519
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +5 -5
- data/README.md +2 -2
- data/lib/pwn/plugins/baresip.rb +31 -9
- data/lib/pwn/sast/amqp_connect_as_guest.rb +1 -1
- data/lib/pwn/sast/apache_file_system_util_api.rb +1 -1
- data/lib/pwn/sast/aws.rb +1 -1
- data/lib/pwn/sast/banned_function_calls_c.rb +1 -1
- data/lib/pwn/sast/base64.rb +1 -1
- data/lib/pwn/sast/beef_hook.rb +5 -2
- data/lib/pwn/sast/cmd_execution_java.rb +1 -1
- data/lib/pwn/sast/cmd_execution_python.rb +1 -1
- data/lib/pwn/sast/cmd_execution_ruby.rb +1 -1
- data/lib/pwn/sast/cmd_execution_scala.rb +1 -1
- data/lib/pwn/sast/csrf.rb +3 -2
- data/lib/pwn/sast/deserial_java.rb +12 -2
- data/lib/pwn/sast/emoticon.rb +4 -1
- data/lib/pwn/sast/eval.rb +3 -2
- data/lib/pwn/sast/factory.rb +7 -2
- data/lib/pwn/sast/http_authorization_header.rb +1 -1
- data/lib/pwn/sast/inner_html.rb +3 -2
- data/lib/pwn/sast/keystore.rb +5 -2
- data/lib/pwn/sast/location_hash.rb +3 -2
- data/lib/pwn/sast/log4j.rb +1 -1
- data/lib/pwn/sast/logger.rb +1 -1
- data/lib/pwn/sast/outer_html.rb +3 -2
- data/lib/pwn/sast/password.rb +1 -1
- data/lib/pwn/sast/pom_version.rb +5 -2
- data/lib/pwn/sast/port.rb +1 -1
- data/lib/pwn/sast/private_key.rb +1 -1
- data/lib/pwn/sast/redirect.rb +1 -1
- data/lib/pwn/sast/redos.rb +1 -1
- data/lib/pwn/sast/shell.rb +1 -1
- data/lib/pwn/sast/signature.rb +1 -1
- data/lib/pwn/sast/sql.rb +1 -1
- data/lib/pwn/sast/ssl.rb +9 -2
- data/lib/pwn/sast/sudo.rb +1 -1
- data/lib/pwn/sast/task_tag.rb +1 -1
- data/lib/pwn/sast/throw_errors.rb +3 -2
- data/lib/pwn/sast/token.rb +7 -2
- data/lib/pwn/sast/version.rb +6 -2
- data/lib/pwn/sast/window_location_hash.rb +3 -2
- data/lib/pwn/version.rb +1 -1
- metadata +13 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fe3ddbaf62f25dd464ff0f20bc246bf64de86e8da5dd99ee9e4bb1e96809ed0e
|
4
|
+
data.tar.gz: c412d6c18bdd5050f593315fb246d7269bac6af1de1cfa5dc604fdf1f5dc959c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e13ccc9856631374e168cd58877891784b45ea653eeed58e1c4cd2cc59737078f71aa5891e93c6afa0c0fb1f81f9ca7074cbcad48b411f33981bd495ba0eacca
|
7
|
+
data.tar.gz: 5c341c124a7c4df33d0f63f272eb00b63e0f6f8a2bddbadade06bc1792fda1a57eddafe79cf70d4c4da28e1bc1538df473b33a892d05bdc06296531e482008ec
|
data/Gemfile
CHANGED
@@ -16,9 +16,9 @@ gem 'anemone', '0.7.2'
|
|
16
16
|
gem 'authy', '3.0.1'
|
17
17
|
gem 'aws-sdk', '3.1.0'
|
18
18
|
gem 'bettercap', '1.6.2'
|
19
|
-
gem 'brakeman', '5.
|
19
|
+
gem 'brakeman', '5.3.1'
|
20
20
|
gem 'bson', '4.15.0'
|
21
|
-
gem 'bundler', '>=2.3.
|
21
|
+
gem 'bundler', '>=2.3.20'
|
22
22
|
gem 'bundler-audit', '0.9.1'
|
23
23
|
gem 'bunny', '2.19.0'
|
24
24
|
gem 'colorize', '0.8.1'
|
@@ -48,7 +48,7 @@ gem 'oily_png', '1.2.1'
|
|
48
48
|
gem 'os', '1.1.4'
|
49
49
|
gem 'packetfu', '1.1.13'
|
50
50
|
gem 'pdf-reader', '2.10.0'
|
51
|
-
gem 'pg', '1.4.
|
51
|
+
gem 'pg', '1.4.3'
|
52
52
|
gem 'pry', '0.14.1'
|
53
53
|
gem 'pry-doc', '1.3.0'
|
54
54
|
gem 'rake', '13.0.6'
|
@@ -60,14 +60,14 @@ gem 'rex', '2.0.13'
|
|
60
60
|
gem 'rmagick', '4.2.6'
|
61
61
|
gem 'rspec', '3.11.0'
|
62
62
|
gem 'rtesseract', '3.1.2'
|
63
|
-
gem 'rubocop', '1.
|
63
|
+
gem 'rubocop', '1.35.1'
|
64
64
|
gem 'rubocop-rake', '0.6.0'
|
65
65
|
gem 'rubocop-rspec', '2.12.1'
|
66
66
|
gem 'ruby-audio', '1.6.1'
|
67
67
|
gem 'ruby-nmap', '0.10.0'
|
68
68
|
gem 'ruby-saml', '1.14.0'
|
69
69
|
gem 'rvm', '1.11.3.9'
|
70
|
-
gem 'savon', '2.
|
70
|
+
gem 'savon', '2.13.0'
|
71
71
|
gem 'selenium-devtools', '0.104.0'
|
72
72
|
gem 'serialport', '1.3.2'
|
73
73
|
gem 'sinatra', '2.2.2'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.519]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.519]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
data/lib/pwn/plugins/baresip.rb
CHANGED
@@ -291,6 +291,10 @@ module PWN
|
|
291
291
|
# )
|
292
292
|
|
293
293
|
public_class_method def self.apply_src_num_rules(opts = {})
|
294
|
+
config_root = opts[:config_root] if Dir.exist?(
|
295
|
+
opts[:config_root].to_s
|
296
|
+
)
|
297
|
+
config_root ||= "#{Dir.home}/.baresip"
|
294
298
|
src_num_rules = opts[:src_num_rules]
|
295
299
|
target_num = opts[:target_num]
|
296
300
|
|
@@ -307,25 +311,25 @@ module PWN
|
|
307
311
|
country = ''
|
308
312
|
when 11
|
309
313
|
# 1 digit country+area+prefix+suffix
|
310
|
-
country = format('%0.
|
314
|
+
country = format('%0.1d', Random.rand(1..9))
|
311
315
|
country = target_num.to_s.chars.first if src_num_rules_arr.include?(
|
312
316
|
:same_country
|
313
317
|
)
|
314
318
|
when 12
|
315
319
|
# 2 digit country+area+prefix+suffix
|
316
|
-
country = format('%0.
|
320
|
+
country = format('%0.2d', Random.rand(1..99))
|
317
321
|
country = target_num.to_s.chars[0..1].join if src_num_rules_arr.include?(
|
318
322
|
:same_country
|
319
323
|
)
|
320
324
|
when 13
|
321
325
|
# 3 digit country+area+prefix+suffix
|
322
|
-
country = format('%0.
|
326
|
+
country = format('%0.3d', Random.rand(1..999))
|
323
327
|
country = target_num.to_s.chars[0..2].join if src_num_rules_arr.include?(
|
324
328
|
:same_country
|
325
329
|
)
|
326
330
|
when 14
|
327
331
|
# 4 digit country+area+prefix+suffix
|
328
|
-
country = format('%0.
|
332
|
+
country = format('%0.4d', Random.rand(1..9999))
|
329
333
|
country = target_num.to_s.chars[0..3].join if src_num_rules_arr.include?(
|
330
334
|
:same_country
|
331
335
|
)
|
@@ -333,22 +337,33 @@ module PWN
|
|
333
337
|
raise "Target # should be 10-14 digits. Length is: #{target_num.to_s.length}"
|
334
338
|
end
|
335
339
|
|
336
|
-
|
340
|
+
# > 799 for prefix leads to call issues when calling 800 numbers.
|
341
|
+
# area = format('%0.3s', Random.rand(200..999))
|
342
|
+
area = format('%0.3d', Random.rand(200..999))
|
337
343
|
area = target_num.to_s.chars[-10..-8].join if src_num_rules_arr.include?(
|
338
344
|
:same_area
|
339
345
|
)
|
340
346
|
|
341
|
-
prefix = format('%0.
|
347
|
+
prefix = format('%0.3d', Random.rand(200..999))
|
342
348
|
prefix = target_num.to_s.chars[-7..-5].join if src_num_rules_arr.include?(
|
343
349
|
:same_prefix
|
344
350
|
)
|
345
|
-
suffix = format('%0.
|
351
|
+
suffix = format('%0.4d', Random.rand(0..9999))
|
346
352
|
src_num = "#{country}#{area}#{prefix}#{suffix}"
|
347
353
|
src_num = target_num if src_num_rules_arr.include?(:self)
|
348
354
|
|
349
355
|
# TODO: Update ~/.baresip/accounts to apply source number
|
350
|
-
|
351
|
-
|
356
|
+
sip_accounts_path = "#{config_root}/accounts"
|
357
|
+
updated_account_content = ''
|
358
|
+
File.read(sip_accounts_path).each_line do |line|
|
359
|
+
this_account_line = line
|
360
|
+
if line.match?(/^<sip:.+@.+>/)
|
361
|
+
sip_account_to_keep = this_account_line.split('@').last
|
362
|
+
this_account_line = "<sip:#{src_num}@#{sip_account_to_keep}"
|
363
|
+
end
|
364
|
+
updated_account_content = "#{updated_account_content}#{this_account_line}"
|
365
|
+
end
|
366
|
+
File.write(sip_accounts_path, updated_account_content)
|
352
367
|
|
353
368
|
src_num
|
354
369
|
rescue StandardError => e
|
@@ -366,6 +381,12 @@ module PWN
|
|
366
381
|
|
367
382
|
public_class_method def self.recon(opts = {})
|
368
383
|
baresip_bin = opts[:baresip_bin]
|
384
|
+
|
385
|
+
config_root = opts[:config_root] if Dir.exist?(
|
386
|
+
opts[:config_root].to_s
|
387
|
+
)
|
388
|
+
config_root ||= "#{Dir.home}/.baresip"
|
389
|
+
|
369
390
|
session_root = opts[:session_root]
|
370
391
|
session_root ||= Dir.pwd
|
371
392
|
target_file = opts[:target_file]
|
@@ -414,6 +435,7 @@ module PWN
|
|
414
435
|
Dir.chdir(session_root)
|
415
436
|
|
416
437
|
src_num = apply_src_num_rules(
|
438
|
+
config_root: config_root,
|
417
439
|
target_num: target_num,
|
418
440
|
src_num_rules: src_num_rules
|
419
441
|
)
|
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/aws.rb
CHANGED
@@ -21,7 +21,7 @@ module PWN
|
|
21
21
|
logger_results = ''
|
22
22
|
|
23
23
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
24
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
24
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
25
25
|
line_no_and_contents_arr = []
|
26
26
|
entry_beautified = false
|
27
27
|
|
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.c' || File.extname(entry) == '.cpp' || File.extname(entry) == '.c++' || File.extname(entry) == '.cxx' || File.extname(entry) == '.h' || File.extname(entry) == '.hpp' || File.extname(entry) == '.h++' || File.extname(entry) == '.hh' || File.extname(entry) == '.hxx' || File.extname(entry) == '.ii' || File.extname(entry) == '.ixx' || File.extname(entry) == '.ipp' || File.extname(entry) == '.inl' || File.extname(entry) == '.txx' || File.extname(entry) == '.tpp' || File.extname(entry) == '.tpl')
|
26
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.c' || File.extname(entry) == '.cpp' || File.extname(entry) == '.c++' || File.extname(entry) == '.cxx' || File.extname(entry) == '.h' || File.extname(entry) == '.hpp' || File.extname(entry) == '.h++' || File.extname(entry) == '.hh' || File.extname(entry) == '.hxx' || File.extname(entry) == '.ii' || File.extname(entry) == '.ixx' || File.extname(entry) == '.ipp' || File.extname(entry) == '.inl' || File.extname(entry) == '.txx' || File.extname(entry) == '.tpp' || File.extname(entry) == '.tpl') && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
data/lib/pwn/sast/base64.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/beef_hook.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -32,7 +32,10 @@ module PWN
|
|
32
32
|
entry_beautified = true
|
33
33
|
end
|
34
34
|
|
35
|
-
test_case_filter = "
|
35
|
+
test_case_filter = "
|
36
|
+
grep -Fin \
|
37
|
+
-e 'hook.js' #{entry}
|
38
|
+
"
|
36
39
|
|
37
40
|
str = `#{test_case_filter}`.to_s.scrub
|
38
41
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.java'
|
25
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.java' && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.py' || File.extname(entry) == '.pyc' || File.extname(entry) == '.pyo' || File.extname(entry) == '.pyd')
|
25
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.py' || File.extname(entry) == '.pyc' || File.extname(entry) == '.pyo' || File.extname(entry) == '.pyd') && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.rb' || File.extname(entry) == '.rbw')
|
25
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.rb' || File.extname(entry) == '.rbw') && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.scala'
|
25
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.scala' && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/csrf.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -34,7 +34,8 @@ module PWN
|
|
34
34
|
end
|
35
35
|
|
36
36
|
test_case_filter = "
|
37
|
-
grep -ni
|
37
|
+
grep -ni \
|
38
|
+
-e 'csrf' #{entry}
|
38
39
|
"
|
39
40
|
|
40
41
|
str = `#{test_case_filter}`.to_s.scrub
|
@@ -24,7 +24,7 @@ module PWN
|
|
24
24
|
logger_results = ''
|
25
25
|
|
26
26
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
27
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java')
|
27
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java') && entry !~ /test/i
|
28
28
|
line_no_and_contents_arr = []
|
29
29
|
entry_beautified = false
|
30
30
|
|
@@ -34,7 +34,17 @@ module PWN
|
|
34
34
|
entry_beautified = true
|
35
35
|
end
|
36
36
|
|
37
|
-
test_case_filter = "
|
37
|
+
test_case_filter = "
|
38
|
+
grep -in \
|
39
|
+
-e readObject \
|
40
|
+
-e XMLdecoder \
|
41
|
+
-e fromXML \
|
42
|
+
-e readObjectNodData \
|
43
|
+
-e readResolve \
|
44
|
+
-e readExternal \
|
45
|
+
-e readUnshared \
|
46
|
+
-e Serializable #{entry}
|
47
|
+
"
|
38
48
|
|
39
49
|
str = `#{test_case_filter}`.to_s.scrub
|
40
50
|
|
data/lib/pwn/sast/emoticon.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -38,6 +38,9 @@ module PWN
|
|
38
38
|
-e ';-)' \
|
39
39
|
-e ':-P' \
|
40
40
|
-e ':-D' \
|
41
|
+
-e '\_o_/' \
|
42
|
+
-e '\_O_/' \
|
43
|
+
-e '\_0_/' \
|
41
44
|
-e ':-O' #{entry}
|
42
45
|
"
|
43
46
|
|
data/lib/pwn/sast/eval.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -34,7 +34,8 @@ module PWN
|
|
34
34
|
end
|
35
35
|
|
36
36
|
test_case_filter = "
|
37
|
-
grep -n
|
37
|
+
grep -n \
|
38
|
+
-e 'eval(' #{entry}
|
38
39
|
"
|
39
40
|
|
40
41
|
str = `#{test_case_filter}`.to_s.scrub
|
data/lib/pwn/sast/factory.rb
CHANGED
@@ -24,7 +24,7 @@ module PWN
|
|
24
24
|
logger_results = ''
|
25
25
|
|
26
26
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
27
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java')
|
27
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java') && entry !~ /test/i
|
28
28
|
line_no_and_contents_arr = []
|
29
29
|
entry_beautified = false
|
30
30
|
|
@@ -34,7 +34,12 @@ module PWN
|
|
34
34
|
entry_beautified = true
|
35
35
|
end
|
36
36
|
|
37
|
-
test_case_filter = "
|
37
|
+
test_case_filter = "
|
38
|
+
grep -in \
|
39
|
+
-e DocumentBuilderFactory \
|
40
|
+
-e XMLInputFactory \
|
41
|
+
-e SAXParserFactory #{entry}
|
42
|
+
"
|
38
43
|
|
39
44
|
str = `#{test_case_filter}`.to_s.scrub
|
40
45
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/inner_html.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -34,7 +34,8 @@ module PWN
|
|
34
34
|
end
|
35
35
|
|
36
36
|
test_case_filter = "
|
37
|
-
grep -n
|
37
|
+
grep -n \
|
38
|
+
-e 'innerHTML' #{entry}
|
38
39
|
"
|
39
40
|
|
40
41
|
str = `#{test_case_filter}`.to_s.scrub
|
data/lib/pwn/sast/keystore.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -32,7 +32,10 @@ module PWN
|
|
32
32
|
entry_beautified = true
|
33
33
|
end
|
34
34
|
|
35
|
-
test_case_filter = "
|
35
|
+
test_case_filter = "
|
36
|
+
grep -Fin \
|
37
|
+
-e 'keystore' #{entry}
|
38
|
+
"
|
36
39
|
|
37
40
|
str = `#{test_case_filter}`.to_s.scrub
|
38
41
|
|
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -34,7 +34,8 @@ module PWN
|
|
34
34
|
end
|
35
35
|
|
36
36
|
test_case_filter = "
|
37
|
-
grep -n
|
37
|
+
grep -n \
|
38
|
+
-e 'location.hash' #{entry}
|
38
39
|
"
|
39
40
|
|
40
41
|
str = `#{test_case_filter}`.to_s.scrub
|
data/lib/pwn/sast/log4j.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.java'
|
25
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && File.extname(entry) == '.java' && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/logger.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java')
|
26
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java') && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
data/lib/pwn/sast/outer_html.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -34,7 +34,8 @@ module PWN
|
|
34
34
|
end
|
35
35
|
|
36
36
|
test_case_filter = "
|
37
|
-
grep -n
|
37
|
+
grep -n \
|
38
|
+
-e 'outerHTML' #{entry}
|
38
39
|
"
|
39
40
|
|
40
41
|
str = `#{test_case_filter}`.to_s.scrub
|
data/lib/pwn/sast/password.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/pom_version.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) == 'pom.xml'
|
26
|
+
if File.file?(entry) && File.basename(entry) == 'pom.xml' && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -33,7 +33,10 @@ module PWN
|
|
33
33
|
entry_beautified = true
|
34
34
|
end
|
35
35
|
|
36
|
-
test_case_filter = "
|
36
|
+
test_case_filter = "
|
37
|
+
grep -in -B2 \
|
38
|
+
-e 'version' #{entry}
|
39
|
+
"
|
37
40
|
|
38
41
|
str = `#{test_case_filter}`.to_s.scrub
|
39
42
|
|
data/lib/pwn/sast/port.rb
CHANGED
@@ -24,7 +24,7 @@ module PWN
|
|
24
24
|
logger_results = ''
|
25
25
|
|
26
26
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
27
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
27
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
28
28
|
line_no_and_contents_arr = []
|
29
29
|
entry_beautified = false
|
30
30
|
|
data/lib/pwn/sast/private_key.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/redirect.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/redos.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
data/lib/pwn/sast/shell.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/signature.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/sql.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
data/lib/pwn/sast/ssl.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -32,7 +32,14 @@ module PWN
|
|
32
32
|
entry_beautified = true
|
33
33
|
end
|
34
34
|
|
35
|
-
test_case_filter = "
|
35
|
+
test_case_filter = "
|
36
|
+
grep -Fin \
|
37
|
+
-e 'ssl' \
|
38
|
+
-e 'tls' \
|
39
|
+
-e 'trustAll' \
|
40
|
+
-e 'trustmanager' \
|
41
|
+
-e 'ssl_version' #{entry}
|
42
|
+
"
|
36
43
|
|
37
44
|
str = `#{test_case_filter}`.to_s.scrub
|
38
45
|
|
data/lib/pwn/sast/sudo.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
data/lib/pwn/sast/task_tag.rb
CHANGED
@@ -23,7 +23,7 @@ module PWN
|
|
23
23
|
logger_results = ''
|
24
24
|
|
25
25
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
26
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
26
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
27
27
|
line_no_and_contents_arr = []
|
28
28
|
entry_beautified = false
|
29
29
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java')
|
25
|
+
if (File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/) && (File.extname(entry) == '.scala' || File.extname(entry) == '.java') && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -33,7 +33,8 @@ module PWN
|
|
33
33
|
end
|
34
34
|
|
35
35
|
test_case_filter = %(
|
36
|
-
grep -in
|
36
|
+
grep -in \
|
37
|
+
-e throw #{entry} | grep '"'
|
37
38
|
)
|
38
39
|
|
39
40
|
str = `#{test_case_filter}`.to_s.scrub
|
data/lib/pwn/sast/token.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -32,7 +32,12 @@ module PWN
|
|
32
32
|
entry_beautified = true
|
33
33
|
end
|
34
34
|
|
35
|
-
test_case_filter = "
|
35
|
+
test_case_filter = "
|
36
|
+
grep -Fin \
|
37
|
+
-e 'token' \
|
38
|
+
-e 'oauth' \
|
39
|
+
-e 'decodeAndVerify' #{entry}
|
40
|
+
"
|
36
41
|
|
37
42
|
str = `#{test_case_filter}`.to_s.scrub
|
38
43
|
|
data/lib/pwn/sast/version.rb
CHANGED
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -32,7 +32,11 @@ module PWN
|
|
32
32
|
entry_beautified = true
|
33
33
|
end
|
34
34
|
|
35
|
-
test_case_filter = %(
|
35
|
+
test_case_filter = %(
|
36
|
+
grep -in \
|
37
|
+
-e "version\\s=\\s" #{entry} | \
|
38
|
+
grep -F '"'
|
39
|
+
)
|
36
40
|
|
37
41
|
str = `#{test_case_filter}`.to_s.scrub
|
38
42
|
|
@@ -22,7 +22,7 @@ module PWN
|
|
22
22
|
logger_results = ''
|
23
23
|
|
24
24
|
PWN::Plugins::FileFu.recurse_dir(dir_path: dir_path) do |entry|
|
25
|
-
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/
|
25
|
+
if File.file?(entry) && File.basename(entry) !~ /^pwn.+(html|json|db)$/ && File.basename(entry) !~ /\.JS-BEAUTIFIED$/ && entry !~ /test/i
|
26
26
|
line_no_and_contents_arr = []
|
27
27
|
entry_beautified = false
|
28
28
|
|
@@ -33,7 +33,8 @@ module PWN
|
|
33
33
|
end
|
34
34
|
|
35
35
|
test_case_filter = "
|
36
|
-
grep -n
|
36
|
+
grep -n \
|
37
|
+
-e 'window.location.hash' #{entry}
|
37
38
|
"
|
38
39
|
|
39
40
|
str = `#{test_case_filter}`.to_s.scrub
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.519
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-08-
|
11
|
+
date: 2022-08-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -86,14 +86,14 @@ dependencies:
|
|
86
86
|
requirements:
|
87
87
|
- - '='
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version: 5.
|
89
|
+
version: 5.3.1
|
90
90
|
type: :runtime
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - '='
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version: 5.
|
96
|
+
version: 5.3.1
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
98
|
name: bson
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.3.
|
117
|
+
version: 2.3.20
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.3.
|
124
|
+
version: 2.3.20
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -520,14 +520,14 @@ dependencies:
|
|
520
520
|
requirements:
|
521
521
|
- - '='
|
522
522
|
- !ruby/object:Gem::Version
|
523
|
-
version: 1.4.
|
523
|
+
version: 1.4.3
|
524
524
|
type: :runtime
|
525
525
|
prerelease: false
|
526
526
|
version_requirements: !ruby/object:Gem::Requirement
|
527
527
|
requirements:
|
528
528
|
- - '='
|
529
529
|
- !ruby/object:Gem::Version
|
530
|
-
version: 1.4.
|
530
|
+
version: 1.4.3
|
531
531
|
- !ruby/object:Gem::Dependency
|
532
532
|
name: pry
|
533
533
|
requirement: !ruby/object:Gem::Requirement
|
@@ -688,14 +688,14 @@ dependencies:
|
|
688
688
|
requirements:
|
689
689
|
- - '='
|
690
690
|
- !ruby/object:Gem::Version
|
691
|
-
version: 1.
|
691
|
+
version: 1.35.1
|
692
692
|
type: :runtime
|
693
693
|
prerelease: false
|
694
694
|
version_requirements: !ruby/object:Gem::Requirement
|
695
695
|
requirements:
|
696
696
|
- - '='
|
697
697
|
- !ruby/object:Gem::Version
|
698
|
-
version: 1.
|
698
|
+
version: 1.35.1
|
699
699
|
- !ruby/object:Gem::Dependency
|
700
700
|
name: rubocop-rake
|
701
701
|
requirement: !ruby/object:Gem::Requirement
|
@@ -786,14 +786,14 @@ dependencies:
|
|
786
786
|
requirements:
|
787
787
|
- - '='
|
788
788
|
- !ruby/object:Gem::Version
|
789
|
-
version: 2.
|
789
|
+
version: 2.13.0
|
790
790
|
type: :runtime
|
791
791
|
prerelease: false
|
792
792
|
version_requirements: !ruby/object:Gem::Requirement
|
793
793
|
requirements:
|
794
794
|
- - '='
|
795
795
|
- !ruby/object:Gem::Version
|
796
|
-
version: 2.
|
796
|
+
version: 2.13.0
|
797
797
|
- !ruby/object:Gem::Dependency
|
798
798
|
name: selenium-devtools
|
799
799
|
requirement: !ruby/object:Gem::Requirement
|
@@ -2024,7 +2024,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2024
2024
|
- !ruby/object:Gem::Version
|
2025
2025
|
version: '0'
|
2026
2026
|
requirements: []
|
2027
|
-
rubygems_version: 3.3.
|
2027
|
+
rubygems_version: 3.3.20
|
2028
2028
|
signing_key:
|
2029
2029
|
specification_version: 4
|
2030
2030
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|