pwn 0.4.719 → 0.4.721
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/bin/pwn_defectdojo_reimportscan +7 -1
- data/bin/pwn_www_uri_buster +2 -0
- data/lib/pwn/plugins/defect_dojo.rb +6 -2
- data/lib/pwn/version.rb +1 -1
- data/packer/provisioners/vmware_tools.sh +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c955683b5eaf02952a897892a4ffb163e8e3d37e189774f8b6b947e9b0719091
|
|
4
|
+
data.tar.gz: 4d14d45e6e693a8264e817ae908dbee175aefe65808b616701bee56d8ee886ba
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c6b4f75c5a4f54a1ffc0b152ae2b3ef59f57f1a4e9cb3d4e4b0383ebb9cfd41fd4f1e9254c0c3d2129e43dbab7dca613b52421fec88ab5ed85cf091ab86b61a3
|
|
7
|
+
data.tar.gz: 5773b15cebf70e751af66483d374b9b50cfb819239492588059f40b1e9ff56a9631e8c370971bbd62714ed3c08d6927a862b6c22b3fbaafc428e7e19297e2055
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.721]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.721]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
|
@@ -57,6 +57,10 @@ OptionParser.new do |options|
|
|
|
57
57
|
options.on('-v', '--[no-]verified', '<Optional - flag finding as verified by a tester (defaults to false)') do |v|
|
|
58
58
|
opts[:verified] = v
|
|
59
59
|
end
|
|
60
|
+
|
|
61
|
+
options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
|
|
62
|
+
opts[:create_finding_groups] = g
|
|
63
|
+
end
|
|
60
64
|
end.parse!
|
|
61
65
|
|
|
62
66
|
if opts.empty?
|
|
@@ -79,6 +83,7 @@ tags = opts[:tags]
|
|
|
79
83
|
minimum_severity = opts[:minimum_severity]
|
|
80
84
|
scan_date = opts[:scan_date]
|
|
81
85
|
verified = opts[:verified]
|
|
86
|
+
create_finding_groups = opts[:create_finding_groups]
|
|
82
87
|
|
|
83
88
|
begin
|
|
84
89
|
dd_obj = PWN::Plugins::DefectDojo.login(
|
|
@@ -97,7 +102,8 @@ begin
|
|
|
97
102
|
tags: tags,
|
|
98
103
|
minimum_severity: minimum_severity,
|
|
99
104
|
scan_date: scan_date,
|
|
100
|
-
verified: verified
|
|
105
|
+
verified: verified,
|
|
106
|
+
create_finding_groups: create_finding_groups
|
|
101
107
|
)
|
|
102
108
|
rescue StandardError => e
|
|
103
109
|
raise e
|
data/bin/pwn_www_uri_buster
CHANGED
|
@@ -101,6 +101,8 @@ def request_path(opts = {})
|
|
|
101
101
|
http_resp_length: response.body.length,
|
|
102
102
|
http_resp: "#{response.body[0..300]}..."
|
|
103
103
|
}
|
|
104
|
+
rescue Errno::ECONNREFUSED
|
|
105
|
+
raise 'ERROR: Connection(s) Refused. Try lowering the --max-threads value.'
|
|
104
106
|
rescue Errno::ECONNRESET,
|
|
105
107
|
RestClient::Exceptions::ReadTimeout,
|
|
106
108
|
RestClient::ServerBrokeConnection => e
|
|
@@ -488,7 +488,8 @@ module PWN
|
|
|
488
488
|
# test_resource_uri: 'optional - alternative to tag names to know which test to reimport',
|
|
489
489
|
# minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
|
|
490
490
|
# scan_date: 'optional - date in which scan was kicked off (defaults to now)',
|
|
491
|
-
# verified: 'optional - flag finding as verified by a tester (defaults to false)'
|
|
491
|
+
# verified: 'optional - flag finding as verified by a tester (defaults to false)',
|
|
492
|
+
# create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
|
|
492
493
|
# )
|
|
493
494
|
|
|
494
495
|
public_class_method def self.reimportscan(opts = {})
|
|
@@ -567,6 +568,8 @@ module PWN
|
|
|
567
568
|
# Defaults to false
|
|
568
569
|
opts[:verified] ? (http_body[:verified] = true) : (http_body[:verified] = false)
|
|
569
570
|
|
|
571
|
+
opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
|
|
572
|
+
|
|
570
573
|
api_path = 'reimport-scan/'
|
|
571
574
|
api_path = 'reimportscan/' if api_version == 'v1'
|
|
572
575
|
|
|
@@ -735,7 +738,8 @@ module PWN
|
|
|
735
738
|
test_resource_uri: 'optional - alternative to tag names to know which test to reimport',
|
|
736
739
|
minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
|
|
737
740
|
scan_date: 'optional - date in which scan was kicked off (defaults to now)',
|
|
738
|
-
verified: 'optional - flag finding as verified by a tester (defaults to false)'
|
|
741
|
+
verified: 'optional - flag finding as verified by a tester (defaults to false)',
|
|
742
|
+
create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
|
|
739
743
|
)
|
|
740
744
|
|
|
741
745
|
finding_list = #{self}.finding_list(
|
data/lib/pwn/version.rb
CHANGED
|
@@ -4,5 +4,5 @@ source /etc/profile.d/globals.sh
|
|
|
4
4
|
$screen_cmd "${apt} install -y linux-headers-$(uname -r) ${assess_update_errors}"
|
|
5
5
|
grok_error
|
|
6
6
|
|
|
7
|
-
$screen_cmd "${apt} install --reinstall -y open-vm-tools-desktop
|
|
7
|
+
$screen_cmd "${apt} install --reinstall -y open-vm-tools-desktop fuse3 ${assess_update_errors}"
|
|
8
8
|
grok_error
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.721
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-06-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -800,14 +800,14 @@ dependencies:
|
|
|
800
800
|
requirements:
|
|
801
801
|
- - '='
|
|
802
802
|
- !ruby/object:Gem::Version
|
|
803
|
-
version: 1.
|
|
803
|
+
version: 1.52.0
|
|
804
804
|
type: :runtime
|
|
805
805
|
prerelease: false
|
|
806
806
|
version_requirements: !ruby/object:Gem::Requirement
|
|
807
807
|
requirements:
|
|
808
808
|
- - '='
|
|
809
809
|
- !ruby/object:Gem::Version
|
|
810
|
-
version: 1.
|
|
810
|
+
version: 1.52.0
|
|
811
811
|
- !ruby/object:Gem::Dependency
|
|
812
812
|
name: rubocop-rake
|
|
813
813
|
requirement: !ruby/object:Gem::Requirement
|