pwn 0.4.787 → 0.4.789
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/bin/pwn_bdba_scan +16 -7
- data/lib/pwn/version.rb +1 -1
- metadata +5 -5
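--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b231f48ef4272e0ce8d8b75621f4bcad6eccb10cbd408e3771351b9dfb2d1e86
+data.tar.gz: 4d94b47564b8a5540662276ab3c92061e15d108575ad3e2b8423579cf247f734
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7d41cd1d35316eac179c58acfd0e4bdc240be8d95b5255d246f8a5067c38795ce559f99dcbb3b7561656e622d402b745c742f364733b63ef8926b273e39c9630
+data.tar.gz: f5176835ac69cf4aac341cdf334b09d8899884feba00d12f0e33a3cfcf6d0e2a1716408843535a4050702daf1f2d4da481cdb88b4821b11b1c21bc2a05bb35ba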
data/Gemfile
CHANGED
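--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.789]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.
+pwn[v0.4.789]:001 >>> PWN.help
 ```
 
 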
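--- a/data/bin/pwn_bdba_scan
+++ b/data/bin/pwn_bdba_scan
@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: false
 
+require 'cgi'
 require 'optparse'
 require 'pwn'
 require 'yaml'
@@ -27,6 +28,10 @@ OptionParser.new do |options|
 opts[:report_path] = r
 end
 
+options.on('-R', '--report-only', '<Optional - Only Generate a Black Duck Binary Analysis Scan Report for an Existing Scan (Default: false)>') do |o|
+opts[:report_only] = o
+end
+
 options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
 opts[:report_type] = t
 end
@@ -58,6 +63,8 @@ begin
 report_path = opts[:report_path]
 raise "ERROR: BDBA Report Path Not Provided: #{report_path}" if report_path.nil?
 
+report_only = opts[:report_only] ||= false
+
 report_type_str = opts[:report_type] ||= 'csv_vulns'
 report_type = report_type_str.to_s.to_sym
 
@@ -71,12 +78,14 @@ begin
 sorted_parent_arr = parent_arr.sort_by { |g| g[:id] }
 parent_id = sorted_parent_arr.last[:id]
 
-
-
-
-
-
-
+unless report_only
+puts "Uploading/Scanning: #{target_file}"
+PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
+token: token,
+file: target_file,
+group_id: parent_id
+)
+end
 
 scan_progress_resp = {}
 loop do
@@ -93,7 +102,7 @@ begin
 break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' }
 end
 
-product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(target_file) }[:product_id]
+product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(CGI.escape(target_file)) }[:product_id]
 
 scan_report_resp = PWN::Plugins::BlackDuckBinaryAnalysis.generate_product_report(
 token: token,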
data/lib/pwn/version.rb
CHANGED
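--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-version: 0.4.
+version: 0.4.789
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-
+date: 2023-07-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport
@@ -100,14 +100,14 @@ dependencies:
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.4.
+version: 2.4.16
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.4.
+version: 2.4.16
 - !ruby/object:Gem::Dependency
 name: bundler-audit
 requirement: !ruby/object:Gem::Requirement
@@ -2149,7 +2149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.4.
+rubygems_version: 3.4.16
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond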