pwn 0.4.719 → 0.4.721
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/bin/pwn_defectdojo_reimportscan +7 -1
- data/bin/pwn_www_uri_buster +2 -0
- data/lib/pwn/plugins/defect_dojo.rb +6 -2
- data/lib/pwn/version.rb +1 -1
- data/packer/provisioners/vmware_tools.sh +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c955683b5eaf02952a897892a4ffb163e8e3d37e189774f8b6b947e9b0719091
|
4
|
+
data.tar.gz: 4d14d45e6e693a8264e817ae908dbee175aefe65808b616701bee56d8ee886ba
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c6b4f75c5a4f54a1ffc0b152ae2b3ef59f57f1a4e9cb3d4e4b0383ebb9cfd41fd4f1e9254c0c3d2129e43dbab7dca613b52421fec88ab5ed85cf091ab86b61a3
|
7
|
+
data.tar.gz: 5773b15cebf70e751af66483d374b9b50cfb819239492588059f40b1e9ff56a9631e8c370971bbd62714ed3c08d6927a862b6c22b3fbaafc428e7e19297e2055
|
data/Gemfile
CHANGED
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.721]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.721]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -57,6 +57,10 @@ OptionParser.new do |options|
|
|
57
57
|
options.on('-v', '--[no-]verified', '<Optional - flag finding as verified by a tester (defaults to false)') do |v|
|
58
58
|
opts[:verified] = v
|
59
59
|
end
|
60
|
+
|
61
|
+
options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
|
62
|
+
opts[:create_finding_groups] = g
|
63
|
+
end
|
60
64
|
end.parse!
|
61
65
|
|
62
66
|
if opts.empty?
|
@@ -79,6 +83,7 @@ tags = opts[:tags]
|
|
79
83
|
minimum_severity = opts[:minimum_severity]
|
80
84
|
scan_date = opts[:scan_date]
|
81
85
|
verified = opts[:verified]
|
86
|
+
create_finding_groups = opts[:create_finding_groups]
|
82
87
|
|
83
88
|
begin
|
84
89
|
dd_obj = PWN::Plugins::DefectDojo.login(
|
@@ -97,7 +102,8 @@ begin
|
|
97
102
|
tags: tags,
|
98
103
|
minimum_severity: minimum_severity,
|
99
104
|
scan_date: scan_date,
|
100
|
-
verified: verified
|
105
|
+
verified: verified,
|
106
|
+
create_finding_groups: create_finding_groups
|
101
107
|
)
|
102
108
|
rescue StandardError => e
|
103
109
|
raise e
|
data/bin/pwn_www_uri_buster
CHANGED
@@ -101,6 +101,8 @@ def request_path(opts = {})
|
|
101
101
|
http_resp_length: response.body.length,
|
102
102
|
http_resp: "#{response.body[0..300]}..."
|
103
103
|
}
|
104
|
+
rescue Errno::ECONNREFUSED
|
105
|
+
raise 'ERROR: Connection(s) Refused. Try lowering the --max-threads value.'
|
104
106
|
rescue Errno::ECONNRESET,
|
105
107
|
RestClient::Exceptions::ReadTimeout,
|
106
108
|
RestClient::ServerBrokeConnection => e
|
@@ -488,7 +488,8 @@ module PWN
|
|
488
488
|
# test_resource_uri: 'optional - alternative to tag names to know which test to reimport',
|
489
489
|
# minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
|
490
490
|
# scan_date: 'optional - date in which scan was kicked off (defaults to now)',
|
491
|
-
# verified: 'optional - flag finding as verified by a tester (defaults to false)'
|
491
|
+
# verified: 'optional - flag finding as verified by a tester (defaults to false)',
|
492
|
+
# create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
|
492
493
|
# )
|
493
494
|
|
494
495
|
public_class_method def self.reimportscan(opts = {})
|
@@ -567,6 +568,8 @@ module PWN
|
|
567
568
|
# Defaults to false
|
568
569
|
opts[:verified] ? (http_body[:verified] = true) : (http_body[:verified] = false)
|
569
570
|
|
571
|
+
opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
|
572
|
+
|
570
573
|
api_path = 'reimport-scan/'
|
571
574
|
api_path = 'reimportscan/' if api_version == 'v1'
|
572
575
|
|
@@ -735,7 +738,8 @@ module PWN
|
|
735
738
|
test_resource_uri: 'optional - alternative to tag names to know which test to reimport',
|
736
739
|
minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
|
737
740
|
scan_date: 'optional - date in which scan was kicked off (defaults to now)',
|
738
|
-
verified: 'optional - flag finding as verified by a tester (defaults to false)'
|
741
|
+
verified: 'optional - flag finding as verified by a tester (defaults to false)',
|
742
|
+
create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
|
739
743
|
)
|
740
744
|
|
741
745
|
finding_list = #{self}.finding_list(
|
data/lib/pwn/version.rb
CHANGED
@@ -4,5 +4,5 @@ source /etc/profile.d/globals.sh
|
|
4
4
|
$screen_cmd "${apt} install -y linux-headers-$(uname -r) ${assess_update_errors}"
|
5
5
|
grok_error
|
6
6
|
|
7
|
-
$screen_cmd "${apt} install --reinstall -y open-vm-tools-desktop
|
7
|
+
$screen_cmd "${apt} install --reinstall -y open-vm-tools-desktop fuse3 ${assess_update_errors}"
|
8
8
|
grok_error
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.721
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-06-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -800,14 +800,14 @@ dependencies:
|
|
800
800
|
requirements:
|
801
801
|
- - '='
|
802
802
|
- !ruby/object:Gem::Version
|
803
|
-
version: 1.
|
803
|
+
version: 1.52.0
|
804
804
|
type: :runtime
|
805
805
|
prerelease: false
|
806
806
|
version_requirements: !ruby/object:Gem::Requirement
|
807
807
|
requirements:
|
808
808
|
- - '='
|
809
809
|
- !ruby/object:Gem::Version
|
810
|
-
version: 1.
|
810
|
+
version: 1.52.0
|
811
811
|
- !ruby/object:Gem::Dependency
|
812
812
|
name: rubocop-rake
|
813
813
|
requirement: !ruby/object:Gem::Requirement
|