pwn 0.4.719 → 0.4.721

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +1 -1
  3. data/README.md +2 -2
  4. data/bin/pwn_defectdojo_reimportscan +7 -1
  5. data/bin/pwn_www_uri_buster +2 -0
  6. data/lib/pwn/plugins/defect_dojo.rb +6 -2
  7. data/lib/pwn/version.rb +1 -1
  8. data/packer/provisioners/vmware_tools.sh +1 -1
  9. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d5a7a93b7b534675f369a97e9ab0654d485a9d6c0f6c1b954011d5a95c000391
4
- data.tar.gz: cbd332f8a8577d3438348ff5a6205152f4a432fc15071e7e0a92db9e90d7082b
3
+ metadata.gz: c955683b5eaf02952a897892a4ffb163e8e3d37e189774f8b6b947e9b0719091
4
+ data.tar.gz: 4d14d45e6e693a8264e817ae908dbee175aefe65808b616701bee56d8ee886ba
5
5
  SHA512:
6
- metadata.gz: 7227ac0c69e95f9362712d757db641959c3507fe17511c2f0dbd7a19b454e730c9a51c394a553f463b3d2e47020add3cb5548270524f00d0e0547e7dc09cefac
7
- data.tar.gz: 1c623f506c519b69fea6e602205e3c9ff8f20a618210ea524fd55f6870e7e5f0e33cf1a883936819a1dd6cbc8d4f3faf8879f28cd40de7e60f6b716a0f491d28
6
+ metadata.gz: c6b4f75c5a4f54a1ffc0b152ae2b3ef59f57f1a4e9cb3d4e4b0383ebb9cfd41fd4f1e9254c0c3d2129e43dbab7dca613b52421fec88ab5ed85cf091ab86b61a3
7
+ data.tar.gz: 5773b15cebf70e751af66483d374b9b50cfb819239492588059f40b1e9ff56a9631e8c370971bbd62714ed3c08d6927a862b6c22b3fbaafc428e7e19297e2055
data/Gemfile CHANGED
@@ -67,7 +67,7 @@ gem 'rex', '2.0.13'
67
67
  gem 'rmagick', '5.2.0'
68
68
  gem 'rspec', '3.12.0'
69
69
  gem 'rtesseract', '3.1.2'
70
- gem 'rubocop', '1.51.0'
70
+ gem 'rubocop', '1.52.0'
71
71
  gem 'rubocop-rake', '0.6.0'
72
72
  gem 'rubocop-rspec', '2.22.0'
73
73
  gem 'ruby-audio', '1.6.1'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.719]:001 >>> PWN.help
40
+ pwn[v0.4.721]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.719]:001 >>> PWN.help
55
+ pwn[v0.4.721]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_defectdojo_reimportscan CHANGED
@@ -57,6 +57,10 @@ OptionParser.new do |options|
57
57
  options.on('-v', '--[no-]verified', '<Optional - flag finding as verified by a tester (defaults to false)') do |v|
58
58
  opts[:verified] = v
59
59
  end
60
+
61
+ options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
62
+ opts[:create_finding_groups] = g
63
+ end
60
64
  end.parse!
61
65
 
62
66
  if opts.empty?
@@ -79,6 +83,7 @@ tags = opts[:tags]
79
83
  minimum_severity = opts[:minimum_severity]
80
84
  scan_date = opts[:scan_date]
81
85
  verified = opts[:verified]
86
+ create_finding_groups = opts[:create_finding_groups]
82
87
 
83
88
  begin
84
89
  dd_obj = PWN::Plugins::DefectDojo.login(
@@ -97,7 +102,8 @@ begin
97
102
  tags: tags,
98
103
  minimum_severity: minimum_severity,
99
104
  scan_date: scan_date,
100
- verified: verified
105
+ verified: verified,
106
+ create_finding_groups: create_finding_groups
101
107
  )
102
108
  rescue StandardError => e
103
109
  raise e
data/bin/pwn_www_uri_buster CHANGED
@@ -101,6 +101,8 @@ def request_path(opts = {})
101
101
  http_resp_length: response.body.length,
102
102
  http_resp: "#{response.body[0..300]}..."
103
103
  }
104
+ rescue Errno::ECONNREFUSED
105
+ raise 'ERROR: Connection(s) Refused. Try lowering the --max-threads value.'
104
106
  rescue Errno::ECONNRESET,
105
107
  RestClient::Exceptions::ReadTimeout,
106
108
  RestClient::ServerBrokeConnection => e
data/lib/pwn/plugins/defect_dojo.rb CHANGED
@@ -488,7 +488,8 @@ module PWN
488
488
  # test_resource_uri: 'optional - alternative to tag names to know which test to reimport',
489
489
  # minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
490
490
  # scan_date: 'optional - date in which scan was kicked off (defaults to now)',
491
- # verified: 'optional - flag finding as verified by a tester (defaults to false)'
491
+ # verified: 'optional - flag finding as verified by a tester (defaults to false)',
492
+ # create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
492
493
  # )
493
494
 
494
495
  public_class_method def self.reimportscan(opts = {})
@@ -567,6 +568,8 @@ module PWN
567
568
  # Defaults to false
568
569
  opts[:verified] ? (http_body[:verified] = true) : (http_body[:verified] = false)
569
570
 
571
+ opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
572
+
570
573
  api_path = 'reimport-scan/'
571
574
  api_path = 'reimportscan/' if api_version == 'v1'
572
575
 
@@ -735,7 +738,8 @@ module PWN
735
738
  test_resource_uri: 'optional - alternative to tag names to know which test to reimport',
736
739
  minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
737
740
  scan_date: 'optional - date in which scan was kicked off (defaults to now)',
738
- verified: 'optional - flag finding as verified by a tester (defaults to false)'
741
+ verified: 'optional - flag finding as verified by a tester (defaults to false)',
742
+ create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
739
743
  )
740
744
 
741
745
  finding_list = #{self}.finding_list(
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.719'
4
+ VERSION = '0.4.721'
5
5
  end
data/packer/provisioners/vmware_tools.sh CHANGED
@@ -4,5 +4,5 @@ source /etc/profile.d/globals.sh
4
4
  $screen_cmd "${apt} install -y linux-headers-$(uname -r) ${assess_update_errors}"
5
5
  grok_error
6
6
 
7
- $screen_cmd "${apt} install --reinstall -y open-vm-tools-desktop fuse ${assess_update_errors}"
7
+ $screen_cmd "${apt} install --reinstall -y open-vm-tools-desktop fuse3 ${assess_update_errors}"
8
8
  grok_error
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.719
4
+ version: 0.4.721
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-05-31 00:00:00.000000000 Z
11
+ date: 2023-06-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -800,14 +800,14 @@ dependencies:
800
800
  requirements:
801
801
  - - '='
802
802
  - !ruby/object:Gem::Version
803
- version: 1.51.0
803
+ version: 1.52.0
804
804
  type: :runtime
805
805
  prerelease: false
806
806
  version_requirements: !ruby/object:Gem::Requirement
807
807
  requirements:
808
808
  - - '='
809
809
  - !ruby/object:Gem::Version
810
- version: 1.51.0
810
+ version: 1.52.0
811
811
  - !ruby/object:Gem::Dependency
812
812
  name: rubocop-rake
813
813
  requirement: !ruby/object:Gem::Requirement