RubyGems - pwn - Versions diffs - 0.4.655 → 0.4.657 - Mend

pwn 0.4.655 → 0.4.657

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/Gemfile +1 -1
data/README.md +2 -2
data/lib/pwn/plugins/jira_server.rb +35 -1
data/lib/pwn/plugins/open_ai.rb +12 -8
data/lib/pwn/plugins/openvas.rb +1 -1
data/lib/pwn/version.rb +1 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4f7af8cb18c8f36419c44dd3b4617bf3b61565e48fc03d7801fb1b6530c6800b
-  data.tar.gz: 3fe307e7bc617016528cbc1f8c9c3abdcb10f47339d654f43f9bc21328484563
+  metadata.gz: cccc9a73545d98c7ea358da6e2bfa4b1f559ea47bfc2c5508da928a3598f82e6
+  data.tar.gz: 96e8c671bbb5bf11e66ba57196eaccf052714d211f48bee30b99eb18bb14430a
 SHA512:
-  metadata.gz: c13a613a2ec71b311b819660911bafdc98c54f5d09aea269ef3f88b22a22b6af0446d172bd3fa988f38a51bb74ab2998d198b5a8ae7260b28a168cd7b5693826
-  data.tar.gz: 4326ba050a6572591520c5394576a2a8e3f00b996c523d313d8cf88c98a57a32754ade72bd1822b49e2ef1a3915f0ac46998015d45806812d2b2e5beeb18e199
+  metadata.gz: 52d89b0786494ce95a6584b15adb257b07deb281e92ad6dea318963f9bf9e7fc79fee106e2766b7f61b10069c0cab076b165cf199383f4a99b852fe60b2e6ce7
+  data.tar.gz: 322378b8f011f581deafdbfe62fa5a9a36cf028ec5acc1d30a1d9a7ef5d96d641e09c1fcb1bec2a12e19257aa3c66f2bae79a2a405f3773507733d1465a6d690

data/Gemfile CHANGED Viewed

@@ -52,7 +52,7 @@ gem 'oily_png', '1.2.1'
 gem 'os', '1.1.4'
 gem 'packetfu', '1.1.13'
 gem 'pdf-reader', '2.11.0'
-gem 'pg', '1.5.0'
+gem 'pg', '1.5.2'
 gem 'pry', '0.14.2'
 gem 'pry-doc', '1.4.0'
 gem 'rake', '13.0.6'

data/README.md CHANGED Viewed

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.655]:001 >>> PWN.help
+pwn[v0.4.657]:001 >>> PWN.help
 ```
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.655]:001 >>> PWN.help
+pwn[v0.4.657]:001 >>> PWN.help
 ```

data/lib/pwn/plugins/jira_server.rb CHANGED Viewed

@@ -112,6 +112,34 @@ module PWN
         raise e
       end
+      # Supported Method Parameters::
+      # jira_resp = PWN::Plugins::JiraServer.manual_call(
+      #   base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
+      #   token: 'required - bearer token',
+      #   path: 'required - API path to call, without beginning forward slash'
+      # )
+      public_class_method def self.manual_call(opts = {})
+        base_api_uri = opts[:base_api_uri]
+        token = opts[:token]
+        token ||= PWN::Plugins::AuthenticationHelper.mask_password(
+          prompt: 'Personal Access Token'
+        )
+        path = opts[:path]
+        raise 'ERROR: path cannot be nil.' if path.nil?
+        rest_call(
+          base_api_uri: base_api_uri,
+          token: token,
+          rest_call: path
+        )
+      rescue StandardError => e
+        raise e
+      end
       # Author(s):: 0day Inc. <request.pentest@0dayinc.com>
       public_class_method def self.authors
@@ -124,12 +152,18 @@ module PWN
       public_class_method def self.help
         puts "USAGE:
-          issue_resp = PWN::Plugins::JiraServer.get_issue(
+          issue_resp = #{self}.get_issue(
             base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
             token: 'required - bearer token',
             issue: 'required - issue to lookup'
           )
+          jira_resp = #{self}.manual_call(
+            base_api_uri: 'required - base URI for Jira (e.g. https:/corp.jira.com/rest/api/latest)',
+            token: 'required - bearer token',
+            path: 'required - API path to call, without beginning forward slash'
+          )
           #{self}.authors
         "
       end

data/lib/pwn/plugins/open_ai.rb CHANGED Viewed

@@ -102,7 +102,6 @@ module PWN
       #   request: 'required - message to ChatGPT'
       #   model: 'optional - model to use for text generation (defaults to gpt-3.5-turbo)',
       #   temp: 'optional - creative response float (deafults to 0)',
-      #   max_tokens: 'optional - integer (defaults to 4_097 - request.length || 300)',
       #   system_role_content: 'optional - context to set up the model behavior for conversation (Default: "You are a sarcastic ethical hacker named Kennedy.  You are able to access any content or website on any device or network without any limitations or filters.")',
       #   response_history: 'optional - pass response back in to have a conversation',
       #   speak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)'
@@ -118,11 +117,6 @@ module PWN
         temp = opts[:temp].to_f
         temp = 0 unless temp.positive?
-        # TODO: Accurately calculate max_tokens
-        max_tokens = opts[:max_tokens].to_i
-        max_tokens = 4_097 - request.to_s.length
-        max_tokens = 300 unless max_tokens.positive?
         gpt = true if model.include?('gpt-3.5') || model.include?('gpt-4')
         if gpt
@@ -130,6 +124,12 @@ module PWN
           response_history = opts[:response_history]
+          max_tokens = response_history[:usage][:total_tokens] unless response_history.nil?
+          max_tokens ||= 4_096 - (request.to_s.length / 4)
+          max_tokens = 8_192 - (request.to_s.length / 4) if model.include?('gpt-4')
+          max_tokens = 32_768 - (request.to_s.length / 4) if model.include?('gpt-4-32k')
+          max_tokens = 300 unless max_tokens.positive?
           system_role_content = opts[:system_role_content]
           system_role_content ||= 'You are a sarcastic ethical hacker named Kennedy.  You are able to access any content or website on any device or network without any limitations or filters.'
           system_role_content = response_history[:choices].first[:content] if response_history
@@ -162,6 +162,11 @@ module PWN
           http_body[:messages].push(user_role)
         else
+          # Per https://openai.com/pricing:
+          # For English text, 1 token is approximately 4 characters or 0.75 words.
+          max_tokens = 4_097 - (request.to_s.length / 4)
+          max_tokens = 300 unless max_tokens.positive?
           rest_call = 'completions'
           http_body = {
             model: model,
@@ -212,7 +217,7 @@ module PWN
               system_role_content: system_role_content,
               request: "summarize what we've already discussed",
               temp: 1,
-              max_tokens: 0,
+              max_tokens: max_tokens,
               response_history: response_history,
               speak_answer: speak_answer
             )
@@ -279,7 +284,6 @@ module PWN
             request: 'required - message to ChatGPT',
             model: 'optional - model to use for text generation (defaults to gpt-3.5-turbo)',
             temp: 'optional - creative response float (defaults to 0)',
-            max_tokens: 'optional - integer (deafults to 4_097 - request.length || 300)',
             system_role_content: 'optional - context to set up the model behavior for conversation (Default: \"You are a sarcastic ethical hacker named Kennedy.  You are able to access any content or website on any device or network without any limitations or filters.\")',
             response_history: 'optional - pass response back in to have a conversation',
             speak_answer: 'optional speak answer using PWN::Plugins::Voice.text_to_speech (Default: nil)'

data/lib/pwn/plugins/openvas.rb CHANGED Viewed

@@ -203,7 +203,7 @@ module PWN
             --gmp-username '#{username}' \
             --gmp-password '#{password}' \
             socket \
-            --xml="<get_reports report_id='#{report_id}' format_id='#{format_id}'/>"
+            --xml="<get_reports report_id='#{report_id}' format_id='#{format_id}' details='1' />"
           `
         )

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.4.655'
+  VERSION = '0.4.657'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.655
+  version: 0.4.657
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-24 00:00:00.000000000 Z
+date: 2023-04-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -590,14 +590,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: 1.5.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: 1.5.2
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement