pwn 0.4.652 → 0.4.654
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/lib/pwn/plugins/jira_server.rb +136 -0
- data/lib/pwn/plugins/open_ai.rb +2 -1
- data/lib/pwn/plugins.rb +1 -0
- data/lib/pwn/version.rb +1 -1
- data/spec/lib/pwn/plugins/jira_server_spec.rb +15 -0
- metadata +6 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 473473414ab3732072d2d6b8bdbf4eae1bfbb120da3c284f9c2febf1fea5cac3
|
|
4
|
+
data.tar.gz: 586707790ae9dc07d77582f5afaf38741d9b069f44aa07a59d9dfa078434e609
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 63661e592b625fcafb80c93444e68fdef6356a834e4e91615d9c0957584dcd7a4c50d3726ebcb61d692ad007407449eab84d8c94011106395d40ba1ee40d1105
|
|
7
|
+
data.tar.gz: 79791151d635d851bdb9f6aa0095deefe2ed3a9ef295c8740d4b05715e6cc9e4581889426dca0fd4840153c88f29f1f400b1d7049858e12a0810cf53d9d28e5b
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.654]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.654]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -0,0 +1,136 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'json'
|
|
4
|
+
require 'tty-spinner'
|
|
5
|
+
|
|
6
|
+
module PWN
|
|
7
|
+
module Plugins
|
|
8
|
+
# This plugin is used for interacting w/ on-prem Jira Server's REST API using
|
|
9
|
+
# the 'rest' browser type of PWN::Plugins::TransparentBrowser.
|
|
10
|
+
# This is based on the following Jira API Specification:
|
|
11
|
+
# https://developer.atlassian.com/server/jira/platform/rest-apis/
|
|
12
|
+
module JiraServer
|
|
13
|
+
@@logger = PWN::Plugins::PWNLogger.create
|
|
14
|
+
|
|
15
|
+
# Supported Method Parameters::
|
|
16
|
+
# rest_call(
|
|
17
|
+
# token: 'required - bearer token',
|
|
18
|
+
# http_method: 'optional HTTP method (defaults to GET)',
|
|
19
|
+
# rest_call: 'required rest call to make per the schema',
|
|
20
|
+
# params: 'optional params passed in the URI or HTTP Headers',
|
|
21
|
+
# http_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'
|
|
22
|
+
# )
|
|
23
|
+
|
|
24
|
+
private_class_method def self.rest_call(opts = {})
|
|
25
|
+
http_method = if opts[:http_method].nil?
|
|
26
|
+
:get
|
|
27
|
+
else
|
|
28
|
+
opts[:http_method].to_s.scrub.to_sym
|
|
29
|
+
end
|
|
30
|
+
rest_call = opts[:rest_call].to_s.scrub
|
|
31
|
+
params = opts[:params]
|
|
32
|
+
http_body = opts[:http_body].to_s.scrub
|
|
33
|
+
base_api_uri = opts[:base_api_uri]
|
|
34
|
+
|
|
35
|
+
raise 'ERROR: base_api_uri cannot be nil.' if base_api_uri.nil?
|
|
36
|
+
|
|
37
|
+
token = opts[:token]
|
|
38
|
+
|
|
39
|
+
rest_client = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)::Request
|
|
40
|
+
|
|
41
|
+
spinner = TTY::Spinner.new
|
|
42
|
+
spinner.auto_spin
|
|
43
|
+
|
|
44
|
+
case http_method
|
|
45
|
+
when :get
|
|
46
|
+
response = rest_client.execute(
|
|
47
|
+
method: :get,
|
|
48
|
+
url: "#{base_api_uri}/#{rest_call}",
|
|
49
|
+
headers: {
|
|
50
|
+
content_type: 'application/json; charset=UTF-8',
|
|
51
|
+
authorization: "Bearer #{token}",
|
|
52
|
+
params: params
|
|
53
|
+
},
|
|
54
|
+
verify_ssl: false
|
|
55
|
+
)
|
|
56
|
+
|
|
57
|
+
when :post
|
|
58
|
+
response = rest_client.execute(
|
|
59
|
+
method: :post,
|
|
60
|
+
url: "#{base_api_uri}/#{rest_call}",
|
|
61
|
+
headers: {
|
|
62
|
+
content_type: 'application/json; charset=UTF-8',
|
|
63
|
+
authorization: "Bearer #{token}"
|
|
64
|
+
},
|
|
65
|
+
payload: http_body,
|
|
66
|
+
verify_ssl: false
|
|
67
|
+
)
|
|
68
|
+
|
|
69
|
+
else
|
|
70
|
+
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
JSON.parse(response, symbolize_names: true)
|
|
74
|
+
rescue StandardError => e
|
|
75
|
+
case e.message
|
|
76
|
+
when '400 Bad Request', '404 Resource Not Found'
|
|
77
|
+
"#{e.message}: #{e.response}"
|
|
78
|
+
else
|
|
79
|
+
raise e
|
|
80
|
+
end
|
|
81
|
+
ensure
|
|
82
|
+
spinner.stop
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
# Supported Method Parameters::
|
|
86
|
+
# issue_resp = PWN::Plugins::JiraServer.get_issue(
|
|
87
|
+
# base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
|
|
88
|
+
# token: 'required - bearer token',
|
|
89
|
+
# issue: 'required - issue to lookup'
|
|
90
|
+
# )
|
|
91
|
+
|
|
92
|
+
public_class_method def self.get_issue(opts = {})
|
|
93
|
+
base_api_uri = opts[:base_api_uri]
|
|
94
|
+
|
|
95
|
+
token = opts[:token]
|
|
96
|
+
token ||= PWN::Plugins::AuthenticationHelper.mask_password(
|
|
97
|
+
prompt: 'Personal Access Token'
|
|
98
|
+
)
|
|
99
|
+
|
|
100
|
+
issue = opts[:issue]
|
|
101
|
+
|
|
102
|
+
raise 'ERROR: issue cannot be nil.' if issue.nil?
|
|
103
|
+
|
|
104
|
+
rest_call(
|
|
105
|
+
base_api_uri: base_api_uri,
|
|
106
|
+
token: token,
|
|
107
|
+
rest_call: "/issue/#{issue}"
|
|
108
|
+
)
|
|
109
|
+
rescue StandardError => e
|
|
110
|
+
raise e
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
# Author(s):: 0day Inc. <request.pentest@0dayinc.com>
|
|
114
|
+
|
|
115
|
+
public_class_method def self.authors
|
|
116
|
+
"AUTHOR(S):
|
|
117
|
+
0day Inc. <request.pentest@0dayinc.com>
|
|
118
|
+
"
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
# Display Usage for this Module
|
|
122
|
+
|
|
123
|
+
public_class_method def self.help
|
|
124
|
+
puts "USAGE:
|
|
125
|
+
issue_resp = PWN::Plugins::JiraServer.get_issue(
|
|
126
|
+
base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
|
|
127
|
+
token: 'required - bearer token',
|
|
128
|
+
issue: 'required - issue to lookup'
|
|
129
|
+
)
|
|
130
|
+
|
|
131
|
+
#{self}.authors
|
|
132
|
+
"
|
|
133
|
+
end
|
|
134
|
+
end
|
|
135
|
+
end
|
|
136
|
+
end
|
data/lib/pwn/plugins/open_ai.rb
CHANGED
|
@@ -66,7 +66,6 @@ module PWN
|
|
|
66
66
|
else
|
|
67
67
|
raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
|
|
68
68
|
end
|
|
69
|
-
spinner.stop
|
|
70
69
|
response
|
|
71
70
|
rescue StandardError => e
|
|
72
71
|
case e.message
|
|
@@ -75,6 +74,8 @@ module PWN
|
|
|
75
74
|
else
|
|
76
75
|
raise e
|
|
77
76
|
end
|
|
77
|
+
ensure
|
|
78
|
+
spinner.stop
|
|
78
79
|
end
|
|
79
80
|
|
|
80
81
|
# Supported Method Parameters::
|
data/lib/pwn/plugins.rb
CHANGED
|
@@ -31,6 +31,7 @@ module PWN
|
|
|
31
31
|
autoload :IBMAppscan, 'pwn/plugins/ibm_appscan'
|
|
32
32
|
autoload :IPInfo, 'pwn/plugins/ip_info'
|
|
33
33
|
autoload :Jenkins, 'pwn/plugins/jenkins'
|
|
34
|
+
autoload :JiraServer, 'pwn/plugins/jira_server'
|
|
34
35
|
autoload :JSONPathify, 'pwn/plugins/json_pathify'
|
|
35
36
|
autoload :MailAgent, 'pwn/plugins/mail_agent'
|
|
36
37
|
autoload :Metasploit, 'pwn/plugins/metasploit'
|
data/lib/pwn/version.rb
CHANGED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'spec_helper'
|
|
4
|
+
|
|
5
|
+
describe PWN::Plugins::JiraServer do
|
|
6
|
+
it 'should display information for authors' do
|
|
7
|
+
authors_response = PWN::Plugins::JiraServer
|
|
8
|
+
expect(authors_response).to respond_to :authors
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
it 'should display information for existing help method' do
|
|
12
|
+
help_response = PWN::Plugins::JiraServer
|
|
13
|
+
expect(help_response).to respond_to :help
|
|
14
|
+
end
|
|
15
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.654
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-04-
|
|
11
|
+
date: 2023-04-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -590,14 +590,14 @@ dependencies:
|
|
|
590
590
|
requirements:
|
|
591
591
|
- - '='
|
|
592
592
|
- !ruby/object:Gem::Version
|
|
593
|
-
version: 1.
|
|
593
|
+
version: 1.5.0
|
|
594
594
|
type: :runtime
|
|
595
595
|
prerelease: false
|
|
596
596
|
version_requirements: !ruby/object:Gem::Requirement
|
|
597
597
|
requirements:
|
|
598
598
|
- - '='
|
|
599
599
|
- !ruby/object:Gem::Version
|
|
600
|
-
version: 1.
|
|
600
|
+
version: 1.5.0
|
|
601
601
|
- !ruby/object:Gem::Dependency
|
|
602
602
|
name: pry
|
|
603
603
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -1655,6 +1655,7 @@ files:
|
|
|
1655
1655
|
- lib/pwn/plugins/ibm_appscan.rb
|
|
1656
1656
|
- lib/pwn/plugins/ip_info.rb
|
|
1657
1657
|
- lib/pwn/plugins/jenkins.rb
|
|
1658
|
+
- lib/pwn/plugins/jira_server.rb
|
|
1658
1659
|
- lib/pwn/plugins/json_pathify.rb
|
|
1659
1660
|
- lib/pwn/plugins/mail_agent.rb
|
|
1660
1661
|
- lib/pwn/plugins/metasploit.rb
|
|
@@ -1961,6 +1962,7 @@ files:
|
|
|
1961
1962
|
- spec/lib/pwn/plugins/ibm_appscan_spec.rb
|
|
1962
1963
|
- spec/lib/pwn/plugins/ip_info_spec.rb
|
|
1963
1964
|
- spec/lib/pwn/plugins/jenkins_spec.rb
|
|
1965
|
+
- spec/lib/pwn/plugins/jira_server_spec.rb
|
|
1964
1966
|
- spec/lib/pwn/plugins/json_pathify_spec.rb
|
|
1965
1967
|
- spec/lib/pwn/plugins/mail_agent_spec.rb
|
|
1966
1968
|
- spec/lib/pwn/plugins/metasploit_spec.rb
|