pwn 0.4.615 → 0.4.617
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop_todo.yml +24 -18
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/bin/pwn_diff_csv_files_w_column_exclude +114 -0
- data/lib/pwn/plugins/char.rb +2 -2
- data/lib/pwn/version.rb +1 -1
- metadata +7 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7ce0b8306b27187a799b6b6663fabcb1cd4b867c416821839afbdc919c30c223
|
4
|
+
data.tar.gz: 23bae66a8f9ab8b2aadb100ba2a8917534c2ff16810e0751f53a7fedc8c8147b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 65c3e9b98ee212b202eb1bce9f94ec8166e922f82d89db136ab3102ddf423c3a260f47e495eb5d11ed32a9a5404e5729432f450938bf294b866c71464e637675
|
7
|
+
data.tar.gz: 1806d7bb3c43b009d2167fc56c10a9a3b25cb9d745b2966b7c3537cb44390b9d1f36c9cf22cb3213d1a7a19cf20dd840216a0805c14bb1a88bda1424bb0d842c
|
data/.rubocop_todo.yml
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
# This configuration was generated by
|
2
2
|
# `rubocop --auto-gen-config`
|
3
|
-
# on 2023-
|
3
|
+
# on 2023-03-07 16:56:25 UTC using RuboCop version 1.48.0.
|
4
4
|
# The point is for the user to remove these configuration records
|
5
5
|
# one by one as the offenses are removed from the code base.
|
6
6
|
# Note that changes in the inspected code, or installation of new
|
@@ -17,37 +17,43 @@ Layout/LineContinuationSpacing:
|
|
17
17
|
- 'packer/provisioners/wpscan.rb'
|
18
18
|
- 'vagrant/provisioners/beef.rb'
|
19
19
|
|
20
|
-
# Offense count:
|
20
|
+
# Offense count: 270
|
21
21
|
Lint/UselessAssignment:
|
22
22
|
Enabled: false
|
23
23
|
|
24
|
-
# Offense count:
|
24
|
+
# Offense count: 631
|
25
25
|
Lint/UselessRescue:
|
26
26
|
Enabled: false
|
27
27
|
|
28
|
-
# Offense count:
|
29
|
-
# Configuration parameters: AllowedMethods, AllowedPatterns,
|
28
|
+
# Offense count: 271
|
29
|
+
# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
|
30
30
|
Metrics/AbcSize:
|
31
31
|
Max: 328
|
32
32
|
|
33
|
-
# Offense count:
|
34
|
-
# Configuration parameters: CountComments, CountAsOne,
|
33
|
+
# Offense count: 69
|
34
|
+
# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
|
35
35
|
# AllowedMethods: refine
|
36
36
|
Metrics/BlockLength:
|
37
37
|
Max: 196
|
38
38
|
|
39
|
-
# Offense count:
|
39
|
+
# Offense count: 47
|
40
40
|
# Configuration parameters: CountBlocks.
|
41
41
|
Metrics/BlockNesting:
|
42
42
|
Max: 5
|
43
43
|
|
44
|
-
# Offense count:
|
45
|
-
# Configuration parameters:
|
44
|
+
# Offense count: 1
|
45
|
+
# Configuration parameters: LengthThreshold.
|
46
|
+
Metrics/CollectionLiteralLength:
|
47
|
+
Exclude:
|
48
|
+
- 'lib/pwn/plugins/uri_scheme.rb'
|
49
|
+
|
50
|
+
# Offense count: 98
|
51
|
+
# Configuration parameters: AllowedMethods, AllowedPatterns.
|
46
52
|
Metrics/CyclomaticComplexity:
|
47
53
|
Max: 231
|
48
54
|
|
49
|
-
# Offense count:
|
50
|
-
# Configuration parameters: CountComments, CountAsOne,
|
55
|
+
# Offense count: 493
|
56
|
+
# Configuration parameters: CountComments, CountAsOne, AllowedMethods, AllowedPatterns.
|
51
57
|
Metrics/MethodLength:
|
52
58
|
Max: 466
|
53
59
|
|
@@ -56,12 +62,12 @@ Metrics/MethodLength:
|
|
56
62
|
Metrics/ModuleLength:
|
57
63
|
Max: 1186
|
58
64
|
|
59
|
-
# Offense count:
|
60
|
-
# Configuration parameters: AllowedMethods, AllowedPatterns
|
65
|
+
# Offense count: 90
|
66
|
+
# Configuration parameters: AllowedMethods, AllowedPatterns.
|
61
67
|
Metrics/PerceivedComplexity:
|
62
68
|
Max: 51
|
63
69
|
|
64
|
-
# Offense count:
|
70
|
+
# Offense count: 166
|
65
71
|
Style/ClassVars:
|
66
72
|
Enabled: false
|
67
73
|
|
@@ -102,14 +108,14 @@ Style/RedundantStringEscape:
|
|
102
108
|
- 'lib/pwn/sast/redos.rb'
|
103
109
|
- 'vagrant/provisioners/kali_customize.rb'
|
104
110
|
|
105
|
-
# Offense count:
|
111
|
+
# Offense count: 46
|
106
112
|
# This cop supports unsafe autocorrection (--autocorrect-all).
|
107
113
|
Style/SlicingWithRange:
|
108
114
|
Enabled: false
|
109
115
|
|
110
|
-
# Offense count:
|
116
|
+
# Offense count: 579
|
111
117
|
# This cop supports safe autocorrection (--autocorrect).
|
112
|
-
# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns
|
118
|
+
# Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, AllowedPatterns.
|
113
119
|
# URISchemes: http, https
|
114
120
|
Layout/LineLength:
|
115
121
|
Max: 1620
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.617]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.617]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -0,0 +1,114 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'optparse'
|
5
|
+
require 'csv'
|
6
|
+
|
7
|
+
opts = {}
|
8
|
+
OptionParser.new do |options|
|
9
|
+
options.banner = "USAGE:
|
10
|
+
#{$PROGRAM_NAME} [opts]
|
11
|
+
EXAMPLE w/ Tenable Nessus Results:
|
12
|
+
#{$PROGRAM_NAME} \\
|
13
|
+
--csv-a vuln_scan1.csv \\
|
14
|
+
--csv-b vuln_scan2.csv \\
|
15
|
+
--csv-diff vuln_scan_diff.csv \\
|
16
|
+
--exclude-column-names 'Synopsis,Description,Solution,See Also,Plugin Output,Asset UUID,Vulnerability State,IP Address,FQDN,NetBios,OS,MAC Address,Plugin Family,CVSS Base Score,CVSS Temporal Score,CVSS Temporal Vector,CVSS Vector,CVSS3 Base Score,CVSS3 Temporal Score,CVSS3 Temporal Vector,CVSS3 Vector,System Type,Host Start,Host End,Vulnerability Priority Rating (VPR),First Found,Last Found,Host Scan Schedule ID,Host Scan ID,Indexed At,Last Authenticated Results Date,Last Unauthenticated Results Date,Tracked,Risk Factor,Severity,Original Severity,Modification,Plugin Family ID,Plugin Type,Plugin Version,Service,Plugin Modification Date,Plugin Publication Date,Checks for Malware,Exploit Available,Exploited by Malware,Exploited by Nessus,CANVAS,D2 Elliot,Metasploit,Core Exploits,ExploitHub,Default Account,Patch Available,In The News,Unsupported By Vendor,Last Fixed'
|
17
|
+
"
|
18
|
+
|
19
|
+
options.on('-aCSV', '--csv-a=CSV', '<Required - First CSV to Compare)>') do |c1|
|
20
|
+
opts[:c1_path] = c1
|
21
|
+
end
|
22
|
+
|
23
|
+
options.on('-bCSV', '--csv-b=CSV', '<Required - Second CSV to Compare)>') do |c2|
|
24
|
+
opts[:c2_path] = c2
|
25
|
+
end
|
26
|
+
|
27
|
+
options.on('-dDIFF', '--csv-diff=DIFF', '<Required - Path of CSV Diff to Generate)>') do |d|
|
28
|
+
opts[:diff_path] = d
|
29
|
+
end
|
30
|
+
|
31
|
+
options.on('-eNAMES', '--exclude-column-names=NAMES', '<Optional - Comma-Delimited List of Column Names to Exclude)>') do |n|
|
32
|
+
opts[:column_names_to_exclude] = n
|
33
|
+
end
|
34
|
+
|
35
|
+
options.on('-n', '--no-headers', '<Optional - Redact CSV Headers in CSV Diff>') do |h|
|
36
|
+
opts[:no_headers] = h
|
37
|
+
end
|
38
|
+
end.parse!
|
39
|
+
|
40
|
+
if opts.empty?
|
41
|
+
puts `#{$PROGRAM_NAME} --help`
|
42
|
+
exit 1
|
43
|
+
end
|
44
|
+
|
45
|
+
def csv_diff(opts = {})
|
46
|
+
larger_csv = opts[:larger_csv]
|
47
|
+
smaller_csv = opts[:smaller_csv]
|
48
|
+
diff_path = opts[:diff_path]
|
49
|
+
include_csv_headers = opts[:include_csv_headers]
|
50
|
+
column_names_to_exclude = opts[:column_names_to_exclude]
|
51
|
+
|
52
|
+
columns_index_arr = []
|
53
|
+
column_names_to_exclude&.each do |column_name|
|
54
|
+
column_index = smaller_csv.first.find_index(column_name)
|
55
|
+
columns_index_arr.push(column_index)
|
56
|
+
end
|
57
|
+
|
58
|
+
if columns_index_arr.any?
|
59
|
+
larger_csv.each do |line_arr|
|
60
|
+
line_arr.delete_if.with_index do |_, index|
|
61
|
+
columns_index_arr.include?(index)
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
smaller_csv.each do |line_arr|
|
66
|
+
line_arr.delete_if.with_index do |_, index|
|
67
|
+
columns_index_arr.include?(index)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
csv_headers = larger_csv.first.join(',')
|
73
|
+
File.open(diff_path, 'w') do |f|
|
74
|
+
f.puts csv_headers if include_csv_headers
|
75
|
+
larger_csv.each do |line_arr|
|
76
|
+
line = line_arr.join(',')
|
77
|
+
f.puts line unless smaller_csv.include?(line_arr)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
c1_path = opts[:c1_path]
|
83
|
+
csv1 = CSV.read(c1_path)
|
84
|
+
|
85
|
+
c2_path = opts[:c2_path]
|
86
|
+
csv2 = CSV.read(c2_path)
|
87
|
+
|
88
|
+
diff_path = opts[:diff_path]
|
89
|
+
|
90
|
+
column_names_to_exclude = opts[:column_names_to_exclude].to_s.split(',')
|
91
|
+
|
92
|
+
include_csv_headers = false if opts[:no_headers]
|
93
|
+
include_csv_headers ||= true
|
94
|
+
|
95
|
+
# Compare which two is larger
|
96
|
+
if csv1.length > csv2.length
|
97
|
+
csv_diff(
|
98
|
+
larger_csv: csv1,
|
99
|
+
smaller_csv: csv2,
|
100
|
+
diff_path: diff_path,
|
101
|
+
include_csv_headers: include_csv_headers,
|
102
|
+
column_names_to_exclude: column_names_to_exclude
|
103
|
+
)
|
104
|
+
elsif csv1.length < csv2.length
|
105
|
+
csv_diff(
|
106
|
+
larger_csv: csv2,
|
107
|
+
smaller_csv: csv1,
|
108
|
+
diff_path: diff_path,
|
109
|
+
include_csv_headers: include_csv_headers,
|
110
|
+
column_names_to_exclude: column_names_to_exclude
|
111
|
+
)
|
112
|
+
else
|
113
|
+
puts "#{c1_path} and #{c2_path} are the same size."
|
114
|
+
end
|
data/lib/pwn/plugins/char.rb
CHANGED
@@ -368,7 +368,7 @@ module PWN
|
|
368
368
|
end
|
369
369
|
end
|
370
370
|
|
371
|
-
if File.
|
371
|
+
if File.empty?(this_file)
|
372
372
|
File.unlink(this_file)
|
373
373
|
else
|
374
374
|
print '.'
|
@@ -376,7 +376,7 @@ module PWN
|
|
376
376
|
rescue StandardError => e
|
377
377
|
puts "FILE GENERATION ATTEMPT OF: #{this_file} RESULTED THE FOLLOWING ERROR:"
|
378
378
|
puts "#{e.class}: #{e.message}\n#{e.backtrace}\n\n\n"
|
379
|
-
File.unlink(this_file) if File.
|
379
|
+
File.unlink(this_file) if File.empty?(this_file)
|
380
380
|
next
|
381
381
|
end
|
382
382
|
print "\n"
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.617
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-03-
|
11
|
+
date: 2023-03-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.4.
|
117
|
+
version: 2.4.8
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.4.
|
124
|
+
version: 2.4.8
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1080,6 +1080,7 @@ executables:
|
|
1080
1080
|
- pwn_defectdojo_engagement_create
|
1081
1081
|
- pwn_defectdojo_importscan
|
1082
1082
|
- pwn_defectdojo_reimportscan
|
1083
|
+
- pwn_diff_csv_files_w_column_exclude
|
1083
1084
|
- pwn_domain_reversewhois
|
1084
1085
|
- pwn_fuzz_net_app_proto
|
1085
1086
|
- pwn_ibm_appscan_enterprise
|
@@ -1146,6 +1147,7 @@ files:
|
|
1146
1147
|
- bin/pwn_defectdojo_engagement_create
|
1147
1148
|
- bin/pwn_defectdojo_importscan
|
1148
1149
|
- bin/pwn_defectdojo_reimportscan
|
1150
|
+
- bin/pwn_diff_csv_files_w_column_exclude
|
1149
1151
|
- bin/pwn_domain_reversewhois
|
1150
1152
|
- bin/pwn_fuzz_net_app_proto
|
1151
1153
|
- bin/pwn_ibm_appscan_enterprise
|
@@ -2079,7 +2081,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2079
2081
|
- !ruby/object:Gem::Version
|
2080
2082
|
version: '0'
|
2081
2083
|
requirements: []
|
2082
|
-
rubygems_version: 3.4.
|
2084
|
+
rubygems_version: 3.4.8
|
2083
2085
|
signing_key:
|
2084
2086
|
specification_version: 4
|
2085
2087
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|