pwn 0.4.787 → 0.4.789

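--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f35306bdb225847ae25667d82732b50a9a5112ae1d11734b05c8d1f6a6fa15cf
- data.tar.gz: f15ff310aab91ecf8fefd3ff661b6abf091b190c5f3e1b24c9aa56c6da034e93
+ metadata.gz: b231f48ef4272e0ce8d8b75621f4bcad6eccb10cbd408e3771351b9dfb2d1e86
+ data.tar.gz: 4d94b47564b8a5540662276ab3c92061e15d108575ad3e2b8423579cf247f734
  SHA512:
- metadata.gz: 523cfc67f6e9e2f386de251d9923a43eed2aa081d162705a9b2e0e78eaab15f8e0631217ca1ddc24ba017dd4eff2d83ea860a6431dde91dbab637a69ec53d5f1
- data.tar.gz: c5960eb73849a7542dca3cdef8cf1599433c86fbf6d18df5c9033ec2e0622f008d261f2ee3f387857424c83dcaeadf9cde241a2a16bdb9e35d3cc34ab303edbd
+ metadata.gz: 7d41cd1d35316eac179c58acfd0e4bdc240be8d95b5255d246f8a5067c38795ce559f99dcbb3b7561656e622d402b745c742f364733b63ef8926b273e39c9630
+ data.tar.gz: f5176835ac69cf4aac341cdf334b09d8899884feba00d12f0e33a3cfcf6d0e2a1716408843535a4050702daf1f2d4da481cdb88b4821b11b1c21bc2a05bb35ba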
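--- a/data/Gemfile
+++ b/data/Gemfile
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
  # gem 'bettercap', '1.6.2'
  gem 'brakeman', '6.0.0'
  gem 'bson', '4.15.0'
- gem 'bundler', '>=2.4.15'
+ gem 'bundler', '>=2.4.16'
  gem 'bundler-audit', '0.9.1'
  gem 'bunny', '2.22.0'
  gem 'colorize', '1.1.0'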
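--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
  $ rvm list gemsets
  $ gem install --verbose pwn
  $ pwn
- pwn[v0.4.787]:001 >>> PWN.help
+ pwn[v0.4.789]:001 >>> PWN.help
  ```
 
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
  $ gem uninstall --all --executables pwn
  $ gem install --verbose pwn
  $ pwn
- pwn[v0.4.787]:001 >>> PWN.help
+ pwn[v0.4.789]:001 >>> PWN.help
  ```
 
 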
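--- a/data/bin/pwn_bdba_scan
+++ b/data/bin/pwn_bdba_scan
@@ -1,6 +1,7 @@
  #!/usr/bin/env ruby
  # frozen_string_literal: false
 
+ require 'cgi'
  require 'optparse'
  require 'pwn'
  require 'yaml'
@@ -27,6 +28,10 @@ OptionParser.new do |options|
  opts[:report_path] = r
  end
 
+ options.on('-R', '--report-only', '<Optional - Only Generate a Black Duck Binary Analysis Scan Report for an Existing Scan (Default: false)>') do |o|
+ opts[:report_only] = o
+ end
+
  options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
  opts[:report_type] = t
  end
@@ -58,6 +63,8 @@ begin
  report_path = opts[:report_path]
  raise "ERROR: BDBA Report Path Not Provided: #{report_path}" if report_path.nil?
 
+ report_only = opts[:report_only] ||= false
+
  report_type_str = opts[:report_type] ||= 'csv_vulns'
  report_type = report_type_str.to_s.to_sym
 
@@ -71,12 +78,14 @@ begin
  sorted_parent_arr = parent_arr.sort_by { |g| g[:id] }
  parent_id = sorted_parent_arr.last[:id]
 
- puts "Uploading/Scanning: #{target_file}"
- PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
- token: token,
- file: target_file,
- group_id: parent_id
- )
+ unless report_only
+ puts "Uploading/Scanning: #{target_file}"
+ PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
+ token: token,
+ file: target_file,
+ group_id: parent_id
+ )
+ end
 
  scan_progress_resp = {}
  loop do
@@ -93,7 +102,7 @@ begin
  break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' }
  end
 
- product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(target_file) }[:product_id]
+ product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(CGI.escape(target_file)) }[:product_id]
 
  scan_report_resp = PWN::Plugins::BlackDuckBinaryAnalysis.generate_product_report(
  token: token,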
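Review bot: In the last hunk, `File.basename(CGI.escape(target_file))` applies the escape before the basename, and `CGI.escape` encodes `/` as `%2F`, so for any target given with a directory component `File.basename` has no separator left to split on and `p[:name]` is compared against the whole escaped path. The intended lookup is presumably `CGI.escape(File.basename(target_file))`. When nothing matches, `find` returns nil and `[:product_id]` fails with a NoMethodError; with `--report-only` now skipping the upload, a missing product is an expected case, so assigning the `find` result to a local and adding `raise "ERROR: No BDBA product found for #{target_file}" if product.nil?` would give the operator a usable message. `CGI.escape` also writes spaces as `+`; whether the service stores product names in that form is not visible here and should be confirmed. The enclosing `begin` block starts and ends outside the hunk.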
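--- a/data/lib/pwn/version.rb
+++ b/data/lib/pwn/version.rb
@@ -1,5 +1,5 @@
  # frozen_string_literal: true
 
  module PWN
- VERSION = '0.4.787'
+ VERSION = '0.4.789'
  end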
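--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: pwn
  version: !ruby/object:Gem::Version
- version: 0.4.787
+ version: 0.4.789
  platform: ruby
  authors:
  - 0day Inc.
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-07-10 00:00:00.000000000 Z
+ date: 2023-07-11 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -100,14 +100,14 @@ dependencies:
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 2.4.15
+ version: 2.4.16
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 2.4.15
+ version: 2.4.16
  - !ruby/object:Gem::Dependency
  name: bundler-audit
  requirement: !ruby/object:Gem::Requirement
@@ -2149,7 +2149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.4.15
+ rubygems_version: 3.4.16
  signing_key:
  specification_version: 4
  summary: Automated Security Testing for CI/CD Pipelines & Beyond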