pwn 0.4.616 → 0.4.618
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +4 -4
- data/README.md +2 -2
- data/bin/pwn_diff_csv_files_w_column_exclude +114 -0
- data/lib/pwn/plugins/jenkins.rb +1 -1
- data/lib/pwn/version.rb +1 -1
- metadata +25 -9
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 46b245ad4f639c970cf5840e137c9d55deb5d6d79d46b423a9cec6c84048237d
|
4
|
+
data.tar.gz: '082bff94ad45ee0891caaab8ce17b0e17e9f95180eacfaedb7ea8f62800e901b'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6aadac951190c38f228965ccff85b3af1c7e87053173ba0965ed39df4a96143ec398a45eeaad9cfc5ba1a064dab349a0f6965c6e1a2d4cdc0593df95662aa374
|
7
|
+
data.tar.gz: e0b8483c95d6c1717dcce9127f5575aabd88aeb5bfad5760a920f559f0b50cc7135c358da2e827db7b6e8ff16cbfec702e09cd21488e597db16101a0185598dd
|
data/Gemfile
CHANGED
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
|
|
18
18
|
gem 'bettercap', '1.6.2'
|
19
19
|
gem 'brakeman', '5.4.1'
|
20
20
|
gem 'bson', '4.15.0'
|
21
|
-
gem 'bundler', '>=2.4.
|
21
|
+
gem 'bundler', '>=2.4.8'
|
22
22
|
gem 'bundler-audit', '0.9.1'
|
23
23
|
gem 'bunny', '2.20.3'
|
24
24
|
gem 'colorize', '0.8.1'
|
@@ -33,7 +33,7 @@ gem 'gem-wrappers', '1.4.0'
|
|
33
33
|
gem 'gist', '6.0.0'
|
34
34
|
gem 'htmlentities', '4.3.4'
|
35
35
|
gem 'ipaddress', '0.8.3'
|
36
|
-
|
36
|
+
gem 'jenkins_api_client2', '1.9.0'
|
37
37
|
gem 'js-beautify', '0.1.8'
|
38
38
|
gem 'json', '2.6.3'
|
39
39
|
gem 'jsonpath', '1.1.2'
|
@@ -61,10 +61,10 @@ gem 'rbvmomi', '3.0.0'
|
|
61
61
|
gem 'rdoc', '6.5.0'
|
62
62
|
gem 'rest-client', '2.1.0'
|
63
63
|
gem 'rex', '2.0.13'
|
64
|
-
gem 'rmagick', '5.
|
64
|
+
gem 'rmagick', '5.2.0'
|
65
65
|
gem 'rspec', '3.12.0'
|
66
66
|
gem 'rtesseract', '3.1.2'
|
67
|
-
gem 'rubocop', '1.48.
|
67
|
+
gem 'rubocop', '1.48.1'
|
68
68
|
gem 'rubocop-rake', '0.6.0'
|
69
69
|
gem 'rubocop-rspec', '2.19.0'
|
70
70
|
gem 'ruby-audio', '1.6.1'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.618]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-ruby-3.2.1@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.618]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -0,0 +1,114 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'optparse'
|
5
|
+
require 'csv'
|
6
|
+
|
7
|
+
opts = {}
|
8
|
+
OptionParser.new do |options|
|
9
|
+
options.banner = "USAGE:
|
10
|
+
#{$PROGRAM_NAME} [opts]
|
11
|
+
EXAMPLE w/ Tenable Nessus Results:
|
12
|
+
#{$PROGRAM_NAME} \\
|
13
|
+
--csv-a vuln_scan1.csv \\
|
14
|
+
--csv-b vuln_scan2.csv \\
|
15
|
+
--csv-diff vuln_scan_diff.csv \\
|
16
|
+
--exclude-column-names 'Synopsis,Description,Solution,See Also,Plugin Output,Asset UUID,Vulnerability State,IP Address,FQDN,NetBios,OS,MAC Address,Plugin Family,CVSS Base Score,CVSS Temporal Score,CVSS Temporal Vector,CVSS Vector,CVSS3 Base Score,CVSS3 Temporal Score,CVSS3 Temporal Vector,CVSS3 Vector,System Type,Host Start,Host End,Vulnerability Priority Rating (VPR),First Found,Last Found,Host Scan Schedule ID,Host Scan ID,Indexed At,Last Authenticated Results Date,Last Unauthenticated Results Date,Tracked,Risk Factor,Severity,Original Severity,Modification,Plugin Family ID,Plugin Type,Plugin Version,Service,Plugin Modification Date,Plugin Publication Date,Checks for Malware,Exploit Available,Exploited by Malware,Exploited by Nessus,CANVAS,D2 Elliot,Metasploit,Core Exploits,ExploitHub,Default Account,Patch Available,In The News,Unsupported By Vendor,Last Fixed'
|
17
|
+
"
|
18
|
+
|
19
|
+
options.on('-aCSV', '--csv-a=CSV', '<Required - First CSV to Compare)>') do |c1|
|
20
|
+
opts[:c1_path] = c1
|
21
|
+
end
|
22
|
+
|
23
|
+
options.on('-bCSV', '--csv-b=CSV', '<Required - Second CSV to Compare)>') do |c2|
|
24
|
+
opts[:c2_path] = c2
|
25
|
+
end
|
26
|
+
|
27
|
+
options.on('-dDIFF', '--csv-diff=DIFF', '<Required - Path of CSV Diff to Generate)>') do |d|
|
28
|
+
opts[:diff_path] = d
|
29
|
+
end
|
30
|
+
|
31
|
+
options.on('-eNAMES', '--exclude-column-names=NAMES', '<Optional - Comma-Delimited List of Column Names to Exclude)>') do |n|
|
32
|
+
opts[:column_names_to_exclude] = n
|
33
|
+
end
|
34
|
+
|
35
|
+
options.on('-n', '--no-headers', '<Optional - Redact CSV Headers in CSV Diff>') do |h|
|
36
|
+
opts[:no_headers] = h
|
37
|
+
end
|
38
|
+
end.parse!
|
39
|
+
|
40
|
+
if opts.empty?
|
41
|
+
puts `#{$PROGRAM_NAME} --help`
|
42
|
+
exit 1
|
43
|
+
end
|
44
|
+
|
45
|
+
def csv_diff(opts = {})
|
46
|
+
larger_csv = opts[:larger_csv]
|
47
|
+
smaller_csv = opts[:smaller_csv]
|
48
|
+
diff_path = opts[:diff_path]
|
49
|
+
include_csv_headers = opts[:include_csv_headers]
|
50
|
+
column_names_to_exclude = opts[:column_names_to_exclude]
|
51
|
+
|
52
|
+
columns_index_arr = []
|
53
|
+
column_names_to_exclude&.each do |column_name|
|
54
|
+
column_index = smaller_csv.first.find_index(column_name)
|
55
|
+
columns_index_arr.push(column_index)
|
56
|
+
end
|
57
|
+
|
58
|
+
if columns_index_arr.any?
|
59
|
+
larger_csv.each do |line_arr|
|
60
|
+
line_arr.delete_if.with_index do |_, index|
|
61
|
+
columns_index_arr.include?(index)
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
smaller_csv.each do |line_arr|
|
66
|
+
line_arr.delete_if.with_index do |_, index|
|
67
|
+
columns_index_arr.include?(index)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
csv_headers = larger_csv.first.join(',')
|
73
|
+
File.open(diff_path, 'w') do |f|
|
74
|
+
f.puts csv_headers if include_csv_headers
|
75
|
+
larger_csv.each do |line_arr|
|
76
|
+
line = line_arr.join(',')
|
77
|
+
f.puts line unless smaller_csv.include?(line_arr)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
c1_path = opts[:c1_path]
|
83
|
+
csv1 = CSV.read(c1_path)
|
84
|
+
|
85
|
+
c2_path = opts[:c2_path]
|
86
|
+
csv2 = CSV.read(c2_path)
|
87
|
+
|
88
|
+
diff_path = opts[:diff_path]
|
89
|
+
|
90
|
+
column_names_to_exclude = opts[:column_names_to_exclude].to_s.split(',')
|
91
|
+
|
92
|
+
include_csv_headers = false if opts[:no_headers]
|
93
|
+
include_csv_headers ||= true
|
94
|
+
|
95
|
+
# Compare which two is larger
|
96
|
+
if csv1.length > csv2.length
|
97
|
+
csv_diff(
|
98
|
+
larger_csv: csv1,
|
99
|
+
smaller_csv: csv2,
|
100
|
+
diff_path: diff_path,
|
101
|
+
include_csv_headers: include_csv_headers,
|
102
|
+
column_names_to_exclude: column_names_to_exclude
|
103
|
+
)
|
104
|
+
elsif csv1.length < csv2.length
|
105
|
+
csv_diff(
|
106
|
+
larger_csv: csv2,
|
107
|
+
smaller_csv: csv1,
|
108
|
+
diff_path: diff_path,
|
109
|
+
include_csv_headers: include_csv_headers,
|
110
|
+
column_names_to_exclude: column_names_to_exclude
|
111
|
+
)
|
112
|
+
else
|
113
|
+
puts "#{c1_path} and #{c2_path} are the same size."
|
114
|
+
end
|
data/lib/pwn/plugins/jenkins.rb
CHANGED
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.618
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-03-
|
11
|
+
date: 2023-03-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.4.
|
117
|
+
version: 2.4.8
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.4.
|
124
|
+
version: 2.4.8
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -318,6 +318,20 @@ dependencies:
|
|
318
318
|
- - '='
|
319
319
|
- !ruby/object:Gem::Version
|
320
320
|
version: 0.8.3
|
321
|
+
- !ruby/object:Gem::Dependency
|
322
|
+
name: jenkins_api_client2
|
323
|
+
requirement: !ruby/object:Gem::Requirement
|
324
|
+
requirements:
|
325
|
+
- - '='
|
326
|
+
- !ruby/object:Gem::Version
|
327
|
+
version: 1.9.0
|
328
|
+
type: :runtime
|
329
|
+
prerelease: false
|
330
|
+
version_requirements: !ruby/object:Gem::Requirement
|
331
|
+
requirements:
|
332
|
+
- - '='
|
333
|
+
- !ruby/object:Gem::Version
|
334
|
+
version: 1.9.0
|
321
335
|
- !ruby/object:Gem::Dependency
|
322
336
|
name: js-beautify
|
323
337
|
requirement: !ruby/object:Gem::Requirement
|
@@ -702,14 +716,14 @@ dependencies:
|
|
702
716
|
requirements:
|
703
717
|
- - '='
|
704
718
|
- !ruby/object:Gem::Version
|
705
|
-
version: 5.
|
719
|
+
version: 5.2.0
|
706
720
|
type: :runtime
|
707
721
|
prerelease: false
|
708
722
|
version_requirements: !ruby/object:Gem::Requirement
|
709
723
|
requirements:
|
710
724
|
- - '='
|
711
725
|
- !ruby/object:Gem::Version
|
712
|
-
version: 5.
|
726
|
+
version: 5.2.0
|
713
727
|
- !ruby/object:Gem::Dependency
|
714
728
|
name: rspec
|
715
729
|
requirement: !ruby/object:Gem::Requirement
|
@@ -744,14 +758,14 @@ dependencies:
|
|
744
758
|
requirements:
|
745
759
|
- - '='
|
746
760
|
- !ruby/object:Gem::Version
|
747
|
-
version: 1.48.
|
761
|
+
version: 1.48.1
|
748
762
|
type: :runtime
|
749
763
|
prerelease: false
|
750
764
|
version_requirements: !ruby/object:Gem::Requirement
|
751
765
|
requirements:
|
752
766
|
- - '='
|
753
767
|
- !ruby/object:Gem::Version
|
754
|
-
version: 1.48.
|
768
|
+
version: 1.48.1
|
755
769
|
- !ruby/object:Gem::Dependency
|
756
770
|
name: rubocop-rake
|
757
771
|
requirement: !ruby/object:Gem::Requirement
|
@@ -1080,6 +1094,7 @@ executables:
|
|
1080
1094
|
- pwn_defectdojo_engagement_create
|
1081
1095
|
- pwn_defectdojo_importscan
|
1082
1096
|
- pwn_defectdojo_reimportscan
|
1097
|
+
- pwn_diff_csv_files_w_column_exclude
|
1083
1098
|
- pwn_domain_reversewhois
|
1084
1099
|
- pwn_fuzz_net_app_proto
|
1085
1100
|
- pwn_ibm_appscan_enterprise
|
@@ -1146,6 +1161,7 @@ files:
|
|
1146
1161
|
- bin/pwn_defectdojo_engagement_create
|
1147
1162
|
- bin/pwn_defectdojo_importscan
|
1148
1163
|
- bin/pwn_defectdojo_reimportscan
|
1164
|
+
- bin/pwn_diff_csv_files_w_column_exclude
|
1149
1165
|
- bin/pwn_domain_reversewhois
|
1150
1166
|
- bin/pwn_fuzz_net_app_proto
|
1151
1167
|
- bin/pwn_ibm_appscan_enterprise
|
@@ -2079,7 +2095,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
2079
2095
|
- !ruby/object:Gem::Version
|
2080
2096
|
version: '0'
|
2081
2097
|
requirements: []
|
2082
|
-
rubygems_version: 3.4.
|
2098
|
+
rubygems_version: 3.4.8
|
2083
2099
|
signing_key:
|
2084
2100
|
specification_version: 4
|
2085
2101
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|