pwn 0.4.616 → 0.4.618

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -4
  3. data/README.md +2 -2
  4. data/bin/pwn_diff_csv_files_w_column_exclude +114 -0
  5. data/lib/pwn/plugins/jenkins.rb +1 -1
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +25 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 07d6ae5051610f818620f4c6435ad3e1149f9ac5c36f68b54f4ec012d9aefd08
4
- data.tar.gz: 4c4bbf2f7178ef1c43b168f36bff45f7b5175fb92f6c9686a1f79888ab00cd4f
3
+ metadata.gz: 46b245ad4f639c970cf5840e137c9d55deb5d6d79d46b423a9cec6c84048237d
4
+ data.tar.gz: '082bff94ad45ee0891caaab8ce17b0e17e9f95180eacfaedb7ea8f62800e901b'
5
5
  SHA512:
6
- metadata.gz: e5d4ad9b2a4a304e96c72d1955feacfcf098116d4ee14d59062badedbf44fd8502ae75e0eb85cb83131da0529baf56292c08d5d8e78111c24cac53ec7767797e
7
- data.tar.gz: 912dfb0843d52dff40ef0f0e0fa409eefae3ab13867fb9b3733aaaf060a5e783d08b3f819fb5d32383fada9f2eadd7a6f88c3e5b738bc77f4f0e14124f1cfdd7
6
+ metadata.gz: 6aadac951190c38f228965ccff85b3af1c7e87053173ba0965ed39df4a96143ec398a45eeaad9cfc5ba1a064dab349a0f6965c6e1a2d4cdc0593df95662aa374
7
+ data.tar.gz: e0b8483c95d6c1717dcce9127f5575aabd88aeb5bfad5760a920f559f0b50cc7135c358da2e827db7b6e8ff16cbfec702e09cd21488e597db16101a0185598dd
data/Gemfile CHANGED
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
18
18
  gem 'bettercap', '1.6.2'
19
19
  gem 'brakeman', '5.4.1'
20
20
  gem 'bson', '4.15.0'
21
- gem 'bundler', '>=2.4.7'
21
+ gem 'bundler', '>=2.4.8'
22
22
  gem 'bundler-audit', '0.9.1'
23
23
  gem 'bunny', '2.20.3'
24
24
  gem 'colorize', '0.8.1'
@@ -33,7 +33,7 @@ gem 'gem-wrappers', '1.4.0'
33
33
  gem 'gist', '6.0.0'
34
34
  gem 'htmlentities', '4.3.4'
35
35
  gem 'ipaddress', '0.8.3'
36
- # gem 'jenkins_api_client', '1.5.3' # Temporarily disabled until arangamani/jenkins_api_client/issues/304 is Closed out
36
+ gem 'jenkins_api_client2', '1.9.0'
37
37
  gem 'js-beautify', '0.1.8'
38
38
  gem 'json', '2.6.3'
39
39
  gem 'jsonpath', '1.1.2'
@@ -61,10 +61,10 @@ gem 'rbvmomi', '3.0.0'
61
61
  gem 'rdoc', '6.5.0'
62
62
  gem 'rest-client', '2.1.0'
63
63
  gem 'rex', '2.0.13'
64
- gem 'rmagick', '5.1.0'
64
+ gem 'rmagick', '5.2.0'
65
65
  gem 'rspec', '3.12.0'
66
66
  gem 'rtesseract', '3.1.2'
67
- gem 'rubocop', '1.48.0'
67
+ gem 'rubocop', '1.48.1'
68
68
  gem 'rubocop-rake', '0.6.0'
69
69
  gem 'rubocop-rspec', '2.19.0'
70
70
  gem 'ruby-audio', '1.6.1'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.616]:001 >>> PWN.help
40
+ pwn[v0.4.618]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.616]:001 >>> PWN.help
55
+ pwn[v0.4.618]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_diff_csv_files_w_column_exclude ADDED
@@ -0,0 +1,114 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require 'optparse'
5
+ require 'csv'
6
+
7
+ opts = {}
8
+ OptionParser.new do |options|
9
+ options.banner = "USAGE:
10
+ #{$PROGRAM_NAME} [opts]
11
+ EXAMPLE w/ Tenable Nessus Results:
12
+ #{$PROGRAM_NAME} \\
13
+ --csv-a vuln_scan1.csv \\
14
+ --csv-b vuln_scan2.csv \\
15
+ --csv-diff vuln_scan_diff.csv \\
16
+ --exclude-column-names 'Synopsis,Description,Solution,See Also,Plugin Output,Asset UUID,Vulnerability State,IP Address,FQDN,NetBios,OS,MAC Address,Plugin Family,CVSS Base Score,CVSS Temporal Score,CVSS Temporal Vector,CVSS Vector,CVSS3 Base Score,CVSS3 Temporal Score,CVSS3 Temporal Vector,CVSS3 Vector,System Type,Host Start,Host End,Vulnerability Priority Rating (VPR),First Found,Last Found,Host Scan Schedule ID,Host Scan ID,Indexed At,Last Authenticated Results Date,Last Unauthenticated Results Date,Tracked,Risk Factor,Severity,Original Severity,Modification,Plugin Family ID,Plugin Type,Plugin Version,Service,Plugin Modification Date,Plugin Publication Date,Checks for Malware,Exploit Available,Exploited by Malware,Exploited by Nessus,CANVAS,D2 Elliot,Metasploit,Core Exploits,ExploitHub,Default Account,Patch Available,In The News,Unsupported By Vendor,Last Fixed'
17
+ "
18
+
19
+ options.on('-aCSV', '--csv-a=CSV', '<Required - First CSV to Compare)>') do |c1|
20
+ opts[:c1_path] = c1
21
+ end
22
+
23
+ options.on('-bCSV', '--csv-b=CSV', '<Required - Second CSV to Compare)>') do |c2|
24
+ opts[:c2_path] = c2
25
+ end
26
+
27
+ options.on('-dDIFF', '--csv-diff=DIFF', '<Required - Path of CSV Diff to Generate)>') do |d|
28
+ opts[:diff_path] = d
29
+ end
30
+
31
+ options.on('-eNAMES', '--exclude-column-names=NAMES', '<Optional - Comma-Delimited List of Column Names to Exclude)>') do |n|
32
+ opts[:column_names_to_exclude] = n
33
+ end
34
+
35
+ options.on('-n', '--no-headers', '<Optional - Redact CSV Headers in CSV Diff>') do |h|
36
+ opts[:no_headers] = h
37
+ end
38
+ end.parse!
39
+
40
+ if opts.empty?
41
+ puts `#{$PROGRAM_NAME} --help`
42
+ exit 1
43
+ end
44
+
45
+ def csv_diff(opts = {})
46
+ larger_csv = opts[:larger_csv]
47
+ smaller_csv = opts[:smaller_csv]
48
+ diff_path = opts[:diff_path]
49
+ include_csv_headers = opts[:include_csv_headers]
50
+ column_names_to_exclude = opts[:column_names_to_exclude]
51
+
52
+ columns_index_arr = []
53
+ column_names_to_exclude&.each do |column_name|
54
+ column_index = smaller_csv.first.find_index(column_name)
55
+ columns_index_arr.push(column_index)
56
+ end
57
+
58
+ if columns_index_arr.any?
59
+ larger_csv.each do |line_arr|
60
+ line_arr.delete_if.with_index do |_, index|
61
+ columns_index_arr.include?(index)
62
+ end
63
+ end
64
+
65
+ smaller_csv.each do |line_arr|
66
+ line_arr.delete_if.with_index do |_, index|
67
+ columns_index_arr.include?(index)
68
+ end
69
+ end
70
+ end
71
+
72
+ csv_headers = larger_csv.first.join(',')
73
+ File.open(diff_path, 'w') do |f|
74
+ f.puts csv_headers if include_csv_headers
75
+ larger_csv.each do |line_arr|
76
+ line = line_arr.join(',')
77
+ f.puts line unless smaller_csv.include?(line_arr)
78
+ end
79
+ end
80
+ end
81
+
82
+ c1_path = opts[:c1_path]
83
+ csv1 = CSV.read(c1_path)
84
+
85
+ c2_path = opts[:c2_path]
86
+ csv2 = CSV.read(c2_path)
87
+
88
+ diff_path = opts[:diff_path]
89
+
90
+ column_names_to_exclude = opts[:column_names_to_exclude].to_s.split(',')
91
+
92
+ include_csv_headers = false if opts[:no_headers]
93
+ include_csv_headers ||= true
94
+
95
+ # Compare which two is larger
96
+ if csv1.length > csv2.length
97
+ csv_diff(
98
+ larger_csv: csv1,
99
+ smaller_csv: csv2,
100
+ diff_path: diff_path,
101
+ include_csv_headers: include_csv_headers,
102
+ column_names_to_exclude: column_names_to_exclude
103
+ )
104
+ elsif csv1.length < csv2.length
105
+ csv_diff(
106
+ larger_csv: csv2,
107
+ smaller_csv: csv1,
108
+ diff_path: diff_path,
109
+ include_csv_headers: include_csv_headers,
110
+ column_names_to_exclude: column_names_to_exclude
111
+ )
112
+ else
113
+ puts "#{c1_path} and #{c2_path} are the same size."
114
+ end
data/lib/pwn/plugins/jenkins.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  # Until jenkins_api_client is Updated
4
- # require 'jenkins_api_client'
4
+ require 'jenkins_api_client2'
5
5
 
6
6
  module PWN
7
7
  module Plugins
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.616'
4
+ VERSION = '0.4.618'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.616
4
+ version: 0.4.618
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-03-07 00:00:00.000000000 Z
11
+ date: 2023-03-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -114,14 +114,14 @@ dependencies:
114
114
  requirements:
115
115
  - - ">="
116
116
  - !ruby/object:Gem::Version
117
- version: 2.4.7
117
+ version: 2.4.8
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - ">="
123
123
  - !ruby/object:Gem::Version
124
- version: 2.4.7
124
+ version: 2.4.8
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: bundler-audit
127
127
  requirement: !ruby/object:Gem::Requirement
@@ -318,6 +318,20 @@ dependencies:
318
318
  - - '='
319
319
  - !ruby/object:Gem::Version
320
320
  version: 0.8.3
321
+ - !ruby/object:Gem::Dependency
322
+ name: jenkins_api_client2
323
+ requirement: !ruby/object:Gem::Requirement
324
+ requirements:
325
+ - - '='
326
+ - !ruby/object:Gem::Version
327
+ version: 1.9.0
328
+ type: :runtime
329
+ prerelease: false
330
+ version_requirements: !ruby/object:Gem::Requirement
331
+ requirements:
332
+ - - '='
333
+ - !ruby/object:Gem::Version
334
+ version: 1.9.0
321
335
  - !ruby/object:Gem::Dependency
322
336
  name: js-beautify
323
337
  requirement: !ruby/object:Gem::Requirement
@@ -702,14 +716,14 @@ dependencies:
702
716
  requirements:
703
717
  - - '='
704
718
  - !ruby/object:Gem::Version
705
- version: 5.1.0
719
+ version: 5.2.0
706
720
  type: :runtime
707
721
  prerelease: false
708
722
  version_requirements: !ruby/object:Gem::Requirement
709
723
  requirements:
710
724
  - - '='
711
725
  - !ruby/object:Gem::Version
712
- version: 5.1.0
726
+ version: 5.2.0
713
727
  - !ruby/object:Gem::Dependency
714
728
  name: rspec
715
729
  requirement: !ruby/object:Gem::Requirement
@@ -744,14 +758,14 @@ dependencies:
744
758
  requirements:
745
759
  - - '='
746
760
  - !ruby/object:Gem::Version
747
- version: 1.48.0
761
+ version: 1.48.1
748
762
  type: :runtime
749
763
  prerelease: false
750
764
  version_requirements: !ruby/object:Gem::Requirement
751
765
  requirements:
752
766
  - - '='
753
767
  - !ruby/object:Gem::Version
754
- version: 1.48.0
768
+ version: 1.48.1
755
769
  - !ruby/object:Gem::Dependency
756
770
  name: rubocop-rake
757
771
  requirement: !ruby/object:Gem::Requirement
@@ -1080,6 +1094,7 @@ executables:
1080
1094
  - pwn_defectdojo_engagement_create
1081
1095
  - pwn_defectdojo_importscan
1082
1096
  - pwn_defectdojo_reimportscan
1097
+ - pwn_diff_csv_files_w_column_exclude
1083
1098
  - pwn_domain_reversewhois
1084
1099
  - pwn_fuzz_net_app_proto
1085
1100
  - pwn_ibm_appscan_enterprise
@@ -1146,6 +1161,7 @@ files:
1146
1161
  - bin/pwn_defectdojo_engagement_create
1147
1162
  - bin/pwn_defectdojo_importscan
1148
1163
  - bin/pwn_defectdojo_reimportscan
1164
+ - bin/pwn_diff_csv_files_w_column_exclude
1149
1165
  - bin/pwn_domain_reversewhois
1150
1166
  - bin/pwn_fuzz_net_app_proto
1151
1167
  - bin/pwn_ibm_appscan_enterprise
@@ -2079,7 +2095,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
2079
2095
  - !ruby/object:Gem::Version
2080
2096
  version: '0'
2081
2097
  requirements: []
2082
- rubygems_version: 3.4.7
2098
+ rubygems_version: 3.4.8
2083
2099
  signing_key:
2084
2100
  specification_version: 4
2085
2101
  summary: Automated Security Testing for CI/CD Pipelines & Beyond