pwn 0.4.651 → 0.4.653
- checksums.yaml +4 -4
- data/Gemfile +2 -1
- data/README.md +2 -2
- data/lib/pwn/plugins/jira_server.rb +136 -0
- data/lib/pwn/plugins/open_ai.rb +5 -0
- data/lib/pwn/plugins.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/jira_server_spec.rb +15 -0
- metadata +20 -4
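--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: aa31a0685f4b71542d4de0c1ea82eca417150824926d001c0d2362430b205af8
+data.tar.gz: 693cd87b5ff9b8718938aebeb311255a78dff482f89a1d80286065736dfaf039
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 562b20c192ca60805ea3adab4396383e7453e40daafaca11baae0bf546f69775f9ec1f0a27ddea680a05341a35b54507cc90d1ea6b69add60932e9f6033601b3
+data.tar.gz: 784269b7048cd37a07e288608351597577cef43e48b69ac70453b9e0fe8b6895ca14c1974dcf530b9b34e5df1957f4eae5d19e2f422f02b48c824da6e9de62fb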
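--- a/data/Gemfile
+++ b/data/Gemfile
@@ -52,7 +52,7 @@ gem 'oily_png', '1.2.1'
 gem 'os', '1.1.4'
 gem 'packetfu', '1.1.13'
 gem 'pdf-reader', '2.11.0'
-gem 'pg', '1.
+gem 'pg', '1.5.0'
 gem 'pry', '0.14.2'
 gem 'pry-doc', '1.4.0'
 gem 'rake', '13.0.6'
@@ -81,6 +81,7 @@ gem 'spreadsheet', '1.3.0'
 gem 'sqlite3', '1.6.2'
 gem 'thin', '1.8.2'
 gem 'tty-prompt', '0.23.1'
+gem 'tty-spinner', '0.9.3'
 gem 'watir', '7.2.2'
 gem 'waveform', '0.1.3'
 gem 'webrick', '1.8.1'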
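--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.653]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.653]:001 >>> PWN.help
 ```
 
 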
@@ -0,0 +1,136 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
require 'tty-spinner'
|
5
|
+
|
6
|
+
module PWN
|
7
|
+
module Plugins
|
8
|
+
# This plugin is used for interacting w/ on-prem Jira Server's REST API using
|
9
|
+
# the 'rest' browser type of PWN::Plugins::TransparentBrowser.
|
10
|
+
# This is based on the following Jira API Specification:
|
11
|
+
# https://developer.atlassian.com/server/jira/platform/rest-apis/
|
12
|
+
module JiraServer
|
13
|
+
@@logger = PWN::Plugins::PWNLogger.create
|
14
|
+
|
15
|
+
# Supported Method Parameters::
|
16
|
+
# rest_call(
|
17
|
+
# token: 'required - bearer token',
|
18
|
+
# http_method: 'optional HTTP method (defaults to GET)',
|
19
|
+
# rest_call: 'required rest call to make per the schema',
|
20
|
+
# params: 'optional params passed in the URI or HTTP Headers',
|
21
|
+
# http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'
|
22
|
+
# )
|
23
|
+
|
24
|
+
private_class_method def self.rest_call(opts = {})
|
25
|
+
http_method = if opts[:http_method].nil?
|
26
|
+
:get
|
27
|
+
else
|
28
|
+
opts[:http_method].to_s.scrub.to_sym
|
29
|
+
end
|
30
|
+
rest_call = opts[:rest_call].to_s.scrub
|
31
|
+
params = opts[:params]
|
32
|
+
http_body = opts[:http_body].to_s.scrub
|
33
|
+
base_api_uri = opts[:base_api_uri]
|
34
|
+
|
35
|
+
raise 'ERROR: base_api_uri cannot be nil.' if base_api_uri.nil?
|
36
|
+
|
37
|
+
token = opts[:token]
|
38
|
+
|
39
|
+
rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
|
40
|
+
|
41
|
+
spinner = TTY::Spinner.new
|
42
|
+
spinner.auto_spin
|
43
|
+
|
44
|
+
case http_method
|
45
|
+
when :get
|
46
|
+
response = rest_client.execute(
|
47
|
+
method: :get,
|
48
|
+
url: "#{base_api_uri}/#{rest_call}",
|
49
|
+
headers: {
|
50
|
+
content_type: 'application/json; charset=UTF-8',
|
51
|
+
authorization: "Bearer #{token}",
|
52
|
+
params: params
|
53
|
+
},
|
54
|
+
verify_ssl: false
|
55
|
+
)
|
56
|
+
|
57
|
+
when :post
|
58
|
+
response = rest_client.execute(
|
59
|
+
method: :post,
|
60
|
+
url: "#{base_api_uri}/#{rest_call}",
|
61
|
+
headers: {
|
62
|
+
content_type: 'application/json; charset=UTF-8',
|
63
|
+
authorization: "Bearer #{token}"
|
64
|
+
},
|
65
|
+
payload: http_body,
|
66
|
+
verify_ssl: false
|
67
|
+
)
|
68
|
+
|
69
|
+
else
|
70
|
+
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
71
|
+
end
|
72
|
+
|
73
|
+
JSON.parse(response, symbolize_names: true)
|
74
|
+
rescue StandardError => e
|
75
|
+
case e.message
|
76
|
+
when '400 Bad Request', '404 Resource Not Found'
|
77
|
+
"#{e.message}: #{e.response}"
|
78
|
+
else
|
79
|
+
raise e
|
80
|
+
end
|
81
|
+
ensure
|
82
|
+
spinner.stop
|
83
|
+
end
|
84
|
+
|
85
|
+
# Supported Method Parameters::
|
86
|
+
# issue_resp = PWN::Plugins::JiraServer.get_issue(
|
87
|
+
# base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
|
88
|
+
# token: 'required - bearer token',
|
89
|
+
# issue: 'required - issue to lookup'
|
90
|
+
# )
|
91
|
+
|
92
|
+
private_class_method def self.get_issue(opts = {})
|
93
|
+
base_api_uri = opts[:base_api_uri]
|
94
|
+
|
95
|
+
token = opts[:token]
|
96
|
+
token ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
97
|
+
prompt: 'Personal Access Token'
|
98
|
+
)
|
99
|
+
|
100
|
+
issue = opts[:issue]
|
101
|
+
|
102
|
+
raise 'ERROR: issue cannot be nil.' if issue.nil?
|
103
|
+
|
104
|
+
rest_call(
|
105
|
+
base_api_uri: base_api_uri,
|
106
|
+
token: token,
|
107
|
+
rest_call: "/issue/#{issue}"
|
108
|
+
)
|
109
|
+
rescue StandardError => e
|
110
|
+
raise e
|
111
|
+
end
|
112
|
+
|
113
|
+
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
114
|
+
|
115
|
+
public_class_method def self.authors
|
116
|
+
"AUTHOR(S):
|
117
|
+
0day Inc. <request.pentest@0dayinc.com>
|
118
|
+
"
|
119
|
+
end
|
120
|
+
|
121
|
+
# Display Usage for this Module
|
122
|
+
|
123
|
+
public_class_method def self.help
|
124
|
+
puts "USAGE:
|
125
|
+
issue_resp = PWN::Plugins::JiraServer.get_issue(
|
126
|
+
base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
|
127
|
+
token: 'required - bearer token',
|
128
|
+
issue: 'required - issue to lookup'
|
129
|
+
)
|
130
|
+
|
131
|
+
#{self}.authors
|
132
|
+
"
|
133
|
+
end
|
134
|
+
end
|
135
|
+
end
|
136
|
+
end
|
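Review bot: Both `rest_client.execute` calls in `rest_call` (new lines 46-55 and 58-67) pass `verify_ssl: false` while sending `authorization: "Bearer #{token}"`, so the Personal Access Token is handed to whatever endpoint completes the TLS handshake, with no certificate check. Verification should be the default and turning it off an explicit caller choice, for example reading `verify_ssl = opts.fetch(:verify_ssl, true)` once and passing `verify_ssl: verify_ssl` in both branches. Separately, `raise 'ERROR: base_api_uri cannot be nil.'` on new line 35 runs before `spinner` is assigned on line 41, so the `ensure` clause calls `spinner.stop` on nil and the resulting NoMethodError replaces the intended message; `spinner&.stop` avoids that, and the `ensure` added to open_ai.rb in this release may be affected the same way if anything before its spinner assignment raises. Finally, `get_issue` is declared with `private_class_method`, yet the usage text in `help` shows it called as `PWN::Plugins::JiraServer.get_issue(...)`, which a private singleton method does not allow; `public_class_method def self.get_issue(opts = {})` would match the documented usage.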
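--- a/data/lib/pwn/plugins/open_ai.rb
+++ b/data/lib/pwn/plugins/open_ai.rb
@@ -2,6 +2,7 @@
 
 require 'json'
 require 'securerandom'
+require 'tty-spinner'
 
 module PWN
 module Plugins
@@ -34,6 +35,8 @@ module PWN
 token = opts[:token]
 
 rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
+spinner = TTY::Spinner.new
+spinner.auto_spin
 
 case http_method
 when :get
@@ -71,6 +74,8 @@ module PWN
 else
 raise e
 end
+ensure
+spinner.stop
 end
 
 # Supported Method Parameters::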
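--- a/data/lib/pwn/plugins.rb
+++ b/data/lib/pwn/plugins.rb
@@ -31,6 +31,7 @@ module PWN
 autoload :IBMAppscan, 'pwn/plugins/ibm_appscan'
 autoload :IPInfo, 'pwn/plugins/ip_info'
 autoload :Jenkins, 'pwn/plugins/jenkins'
+autoload :JiraServer, 'pwn/plugins/jira_server'
 autoload :JSONPathify, 'pwn/plugins/json_pathify'
 autoload :MailAgent, 'pwn/plugins/mail_agent'
 autoload :Metasploit, 'pwn/plugins/metasploit'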
data/lib/pwn/version.rb
CHANGED
@@ -0,0 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'spec_helper'
|
4
|
+
|
5
|
+
describe PWN::Plugins::JiraServer do
|
6
|
+
it 'should display information for authors' do
|
7
|
+
authors_response = PWN::Plugins::JiraServer
|
8
|
+
expect(authors_response).to respond_to :authors
|
9
|
+
end
|
10
|
+
|
11
|
+
it 'should display information for existing help method' do
|
12
|
+
help_response = PWN::Plugins::JiraServer
|
13
|
+
expect(help_response).to respond_to :help
|
14
|
+
end
|
15
|
+
end
|
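--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.653
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-
+date: 2023-04-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -590,14 +590,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.5.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.5.0
 - !ruby/object:Gem::Dependency
 name: pry
 requirement: !ruby/object:Gem::Requirement
@@ -990,6 +990,20 @@ dependencies:
 - - '='
 - !ruby/object:Gem::Version
 version: 0.23.1
+- !ruby/object:Gem::Dependency
+name: tty-spinner
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 0.9.3
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 0.9.3
 - !ruby/object:Gem::Dependency
 name: watir
 requirement: !ruby/object:Gem::Requirement
@@ -1641,6 +1655,7 @@ files:
 - lib/pwn/plugins/ibm_appscan.rb
 - lib/pwn/plugins/ip_info.rb
 - lib/pwn/plugins/jenkins.rb
+- lib/pwn/plugins/jira_server.rb
 - lib/pwn/plugins/json_pathify.rb
 - lib/pwn/plugins/mail_agent.rb
 - lib/pwn/plugins/metasploit.rb
@@ -1947,6 +1962,7 @@ files:
 - spec/lib/pwn/plugins/ibm_appscan_spec.rb
 - spec/lib/pwn/plugins/ip_info_spec.rb
 - spec/lib/pwn/plugins/jenkins_spec.rb
+- spec/lib/pwn/plugins/jira_server_spec.rb
 - spec/lib/pwn/plugins/json_pathify_spec.rb
 - spec/lib/pwn/plugins/mail_agent_spec.rb
 - spec/lib/pwn/plugins/metasploit_spec.rb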