pwn 0.4.652 → 0.4.654
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/lib/pwn/plugins/jira_server.rb +136 -0
- data/lib/pwn/plugins/open_ai.rb +2 -1
- data/lib/pwn/plugins.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/jira_server_spec.rb +15 -0
- metadata +6 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 473473414ab3732072d2d6b8bdbf4eae1bfbb120da3c284f9c2febf1fea5cac3
|
|
4
|
+
data.tar.gz: 586707790ae9dc07d77582f5afaf38741d9b069f44aa07a59d9dfa078434e609
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 63661e592b625fcafb80c93444e68fdef6356a834e4e91615d9c0957584dcd7a4c50d3726ebcb61d692ad007407449eab84d8c94011106395d40ba1ee40d1105
|
|
7
|
+
data.tar.gz: 79791151d635d851bdb9f6aa0095deefe2ed3a9ef295c8740d4b05715e6cc9e4581889426dca0fd4840153c88f29f1f400b1d7049858e12a0810cf53d9d28e5b
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.654]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.654]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -0,0 +1,136 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'json'
|
|
4
|
+
require 'tty-spinner'
|
|
5
|
+
|
|
6
|
+
module PWN
|
|
7
|
+
module Plugins
|
|
8
|
+
# This plugin is used for interacting w/ on-prem Jira Server's REST API using
|
|
9
|
+
# the 'rest' browser type of PWN::Plugins::TransparentBrowser.
|
|
10
|
+
# This is based on the following Jira API Specification:
|
|
11
|
+
# https://developer.atlassian.com/server/jira/platform/rest-apis/
|
|
12
|
+
module JiraServer
|
|
13
|
+
@@logger = PWN::Plugins::PWNLogger.create
|
|
14
|
+
|
|
15
|
+
# Supported Method Parameters::
|
|
16
|
+
# rest_call(
|
|
17
|
+
# token: 'required - bearer token',
|
|
18
|
+
# http_method: 'optional HTTP method (defaults to GET)',
|
|
19
|
+
# rest_call: 'required rest call to make per the schema',
|
|
20
|
+
# params: 'optional params passed in the URI or HTTP Headers',
|
|
21
|
+
# http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'
|
|
22
|
+
# )
|
|
23
|
+
|
|
24
|
+
private_class_method def self.rest_call(opts = {})
|
|
25
|
+
http_method = if opts[:http_method].nil?
|
|
26
|
+
:get
|
|
27
|
+
else
|
|
28
|
+
opts[:http_method].to_s.scrub.to_sym
|
|
29
|
+
end
|
|
30
|
+
rest_call = opts[:rest_call].to_s.scrub
|
|
31
|
+
params = opts[:params]
|
|
32
|
+
http_body = opts[:http_body].to_s.scrub
|
|
33
|
+
base_api_uri = opts[:base_api_uri]
|
|
34
|
+
|
|
35
|
+
raise 'ERROR: base_api_uri cannot be nil.' if base_api_uri.nil?
|
|
36
|
+
|
|
37
|
+
token = opts[:token]
|
|
38
|
+
|
|
39
|
+
rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
|
|
40
|
+
|
|
41
|
+
spinner = TTY::Spinner.new
|
|
42
|
+
spinner.auto_spin
|
|
43
|
+
|
|
44
|
+
case http_method
|
|
45
|
+
when :get
|
|
46
|
+
response = rest_client.execute(
|
|
47
|
+
method: :get,
|
|
48
|
+
url: "#{base_api_uri}/#{rest_call}",
|
|
49
|
+
headers: {
|
|
50
|
+
content_type: 'application/json; charset=UTF-8',
|
|
51
|
+
authorization: "Bearer #{token}",
|
|
52
|
+
params: params
|
|
53
|
+
},
|
|
54
|
+
verify_ssl: false
|
|
55
|
+
)
|
|
56
|
+
|
|
57
|
+
when :post
|
|
58
|
+
response = rest_client.execute(
|
|
59
|
+
method: :post,
|
|
60
|
+
url: "#{base_api_uri}/#{rest_call}",
|
|
61
|
+
headers: {
|
|
62
|
+
content_type: 'application/json; charset=UTF-8',
|
|
63
|
+
authorization: "Bearer #{token}"
|
|
64
|
+
},
|
|
65
|
+
payload: http_body,
|
|
66
|
+
verify_ssl: false
|
|
67
|
+
)
|
|
68
|
+
|
|
69
|
+
else
|
|
70
|
+
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
JSON.parse(response, symbolize_names: true)
|
|
74
|
+
rescue StandardError => e
|
|
75
|
+
case e.message
|
|
76
|
+
when '400 Bad Request', '404 Resource Not Found'
|
|
77
|
+
"#{e.message}: #{e.response}"
|
|
78
|
+
else
|
|
79
|
+
raise e
|
|
80
|
+
end
|
|
81
|
+
ensure
|
|
82
|
+
spinner.stop
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
# Supported Method Parameters::
|
|
86
|
+
# issue_resp = PWN::Plugins::JiraServer.get_issue(
|
|
87
|
+
# base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
|
|
88
|
+
# token: 'required - bearer token',
|
|
89
|
+
# issue: 'required - issue to lookup'
|
|
90
|
+
# )
|
|
91
|
+
|
|
92
|
+
public_class_method def self.get_issue(opts = {})
|
|
93
|
+
base_api_uri = opts[:base_api_uri]
|
|
94
|
+
|
|
95
|
+
token = opts[:token]
|
|
96
|
+
token ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
|
97
|
+
prompt: 'Personal Access Token'
|
|
98
|
+
)
|
|
99
|
+
|
|
100
|
+
issue = opts[:issue]
|
|
101
|
+
|
|
102
|
+
raise 'ERROR: issue cannot be nil.' if issue.nil?
|
|
103
|
+
|
|
104
|
+
rest_call(
|
|
105
|
+
base_api_uri: base_api_uri,
|
|
106
|
+
token: token,
|
|
107
|
+
rest_call: "/issue/#{issue}"
|
|
108
|
+
)
|
|
109
|
+
rescue StandardError => e
|
|
110
|
+
raise e
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
|
114
|
+
|
|
115
|
+
public_class_method def self.authors
|
|
116
|
+
"AUTHOR(S):
|
|
117
|
+
0day Inc. <request.pentest@0dayinc.com>
|
|
118
|
+
"
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
# Display Usage for this Module
|
|
122
|
+
|
|
123
|
+
public_class_method def self.help
|
|
124
|
+
puts "USAGE:
|
|
125
|
+
issue_resp = PWN::Plugins::JiraServer.get_issue(
|
|
126
|
+
base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
|
|
127
|
+
token: 'required - bearer token',
|
|
128
|
+
issue: 'required - issue to lookup'
|
|
129
|
+
)
|
|
130
|
+
|
|
131
|
+
#{self}.authors
|
|
132
|
+
"
|
|
133
|
+
end
|
|
134
|
+
end
|
|
135
|
+
end
|
|
136
|
+
end
|
data/lib/pwn/plugins/open_ai.rb
CHANGED
|
@@ -66,7 +66,6 @@ module PWN
|
|
|
66
66
|
else
|
|
67
67
|
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
|
68
68
|
end
|
|
69
|
-
spinner.stop
|
|
70
69
|
response
|
|
71
70
|
rescue StandardError => e
|
|
72
71
|
case e.message
|
|
@@ -75,6 +74,8 @@ module PWN
|
|
|
75
74
|
else
|
|
76
75
|
raise e
|
|
77
76
|
end
|
|
77
|
+
ensure
|
|
78
|
+
spinner.stop
|
|
78
79
|
end
|
|
79
80
|
|
|
80
81
|
# Supported Method Parameters::
|
data/lib/pwn/plugins.rb
CHANGED
|
@@ -31,6 +31,7 @@ module PWN
|
|
|
31
31
|
autoload :IBMAppscan, 'pwn/plugins/ibm_appscan'
|
|
32
32
|
autoload :IPInfo, 'pwn/plugins/ip_info'
|
|
33
33
|
autoload :Jenkins, 'pwn/plugins/jenkins'
|
|
34
|
+
autoload :JiraServer, 'pwn/plugins/jira_server'
|
|
34
35
|
autoload :JSONPathify, 'pwn/plugins/json_pathify'
|
|
35
36
|
autoload :MailAgent, 'pwn/plugins/mail_agent'
|
|
36
37
|
autoload :Metasploit, 'pwn/plugins/metasploit'
|
data/lib/pwn/version.rb
CHANGED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::Plugins::JiraServer do
|
|
6
|
+
it 'should display information for authors' do
|
|
7
|
+
authors_response = PWN::Plugins::JiraServer
|
|
8
|
+
expect(authors_response).to respond_to :authors
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for existing help method' do
|
|
12
|
+
help_response = PWN::Plugins::JiraServer
|
|
13
|
+
expect(help_response).to respond_to :help
|
|
14
|
+
end
|
|
15
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.654
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-04-
|
|
11
|
+
date: 2023-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -590,14 +590,14 @@ dependencies:
|
|
|
590
590
|
requirements:
|
|
591
591
|
- - '='
|
|
592
592
|
- !ruby/object:Gem::Version
|
|
593
|
-
version: 1.
|
|
593
|
+
version: 1.5.0
|
|
594
594
|
type: :runtime
|
|
595
595
|
prerelease: false
|
|
596
596
|
version_requirements: !ruby/object:Gem::Requirement
|
|
597
597
|
requirements:
|
|
598
598
|
- - '='
|
|
599
599
|
- !ruby/object:Gem::Version
|
|
600
|
-
version: 1.
|
|
600
|
+
version: 1.5.0
|
|
601
601
|
- !ruby/object:Gem::Dependency
|
|
602
602
|
name: pry
|
|
603
603
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -1655,6 +1655,7 @@ files:
|
|
|
1655
1655
|
- lib/pwn/plugins/ibm_appscan.rb
|
|
1656
1656
|
- lib/pwn/plugins/ip_info.rb
|
|
1657
1657
|
- lib/pwn/plugins/jenkins.rb
|
|
1658
|
+
- lib/pwn/plugins/jira_server.rb
|
|
1658
1659
|
- lib/pwn/plugins/json_pathify.rb
|
|
1659
1660
|
- lib/pwn/plugins/mail_agent.rb
|
|
1660
1661
|
- lib/pwn/plugins/metasploit.rb
|
|
@@ -1961,6 +1962,7 @@ files:
|
|
|
1961
1962
|
- spec/lib/pwn/plugins/ibm_appscan_spec.rb
|
|
1962
1963
|
- spec/lib/pwn/plugins/ip_info_spec.rb
|
|
1963
1964
|
- spec/lib/pwn/plugins/jenkins_spec.rb
|
|
1965
|
+
- spec/lib/pwn/plugins/jira_server_spec.rb
|
|
1964
1966
|
- spec/lib/pwn/plugins/json_pathify_spec.rb
|
|
1965
1967
|
- spec/lib/pwn/plugins/mail_agent_spec.rb
|
|
1966
1968
|
- spec/lib/pwn/plugins/metasploit_spec.rb
|