pwn 0.4.787 → 0.4.789

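--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f35306bdb225847ae25667d82732b50a9a5112ae1d11734b05c8d1f6a6fa15cf
- data.tar.gz: f15ff310aab91ecf8fefd3ff661b6abf091b190c5f3e1b24c9aa56c6da034e93
+ metadata.gz: b231f48ef4272e0ce8d8b75621f4bcad6eccb10cbd408e3771351b9dfb2d1e86
+ data.tar.gz: 4d94b47564b8a5540662276ab3c92061e15d108575ad3e2b8423579cf247f734
  SHA512:
- metadata.gz: 523cfc67f6e9e2f386de251d9923a43eed2aa081d162705a9b2e0e78eaab15f8e0631217ca1ddc24ba017dd4eff2d83ea860a6431dde91dbab637a69ec53d5f1
- data.tar.gz: c5960eb73849a7542dca3cdef8cf1599433c86fbf6d18df5c9033ec2e0622f008d261f2ee3f387857424c83dcaeadf9cde241a2a16bdb9e35d3cc34ab303edbd
+ metadata.gz: 7d41cd1d35316eac179c58acfd0e4bdc240be8d95b5255d246f8a5067c38795ce559f99dcbb3b7561656e622d402b745c742f364733b63ef8926b273e39c9630
+ data.tar.gz: f5176835ac69cf4aac341cdf334b09d8899884feba00d12f0e33a3cfcf6d0e2a1716408843535a4050702daf1f2d4da481cdb88b4821b11b1c21bc2a05bb35ba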
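--- a/data/Gemfile
+++ b/data/Gemfile
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
  # gem 'bettercap', '1.6.2'
  gem 'brakeman', '6.0.0'
  gem 'bson', '4.15.0'
- gem 'bundler', '>=2.4.15'
+ gem 'bundler', '>=2.4.16'
  gem 'bundler-audit', '0.9.1'
  gem 'bunny', '2.22.0'
  gem 'colorize', '1.1.0'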
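--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
  $ rvm list gemsets
  $ gem install --verbose pwn
  $ pwn
- pwn[v0.4.787]:001 >>> PWN.help
+ pwn[v0.4.789]:001 >>> PWN.help
  ```
 
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
  $ gem uninstall --all --executables pwn
  $ gem install --verbose pwn
  $ pwn
- pwn[v0.4.787]:001 >>> PWN.help
+ pwn[v0.4.789]:001 >>> PWN.help
  ```
 
 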
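--- a/data/bin/pwn_bdba_scan
+++ b/data/bin/pwn_bdba_scan
@@ -1,6 +1,7 @@
  #!/usr/bin/env ruby
  # frozen_string_literal: false
 
+ require 'cgi'
  require 'optparse'
  require 'pwn'
  require 'yaml'
@@ -27,6 +28,10 @@ OptionParser.new do |options|
  opts[:report_path] = r
  end
 
+ options.on('-R', '--report-only', '<Optional - Only Generate a Black Duck Binary Analysis Scan Report for an Existing Scan (Default: false)>') do |o|
+ opts[:report_only] = o
+ end
+
  options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
  opts[:report_type] = t
  end
@@ -58,6 +63,8 @@ begin
  report_path = opts[:report_path]
  raise "ERROR: BDBA Report Path Not Provided: #{report_path}" if report_path.nil?
 
+ report_only = opts[:report_only] ||= false
+
  report_type_str = opts[:report_type] ||= 'csv_vulns'
  report_type = report_type_str.to_s.to_sym
 
@@ -71,12 +78,14 @@ begin
  sorted_parent_arr = parent_arr.sort_by { |g| g[:id] }
  parent_id = sorted_parent_arr.last[:id]
 
- puts "Uploading/Scanning: #{target_file}"
- PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
- token: token,
- file: target_file,
- group_id: parent_id
- )
+ unless report_only
+ puts "Uploading/Scanning: #{target_file}"
+ PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
+ token: token,
+ file: target_file,
+ group_id: parent_id
+ )
+ end
 
  scan_progress_resp = {}
  loop do
@@ -93,7 +102,7 @@ begin
  break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' }
  end
 
- product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(target_file) }[:product_id]
+ product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(CGI.escape(target_file)) }[:product_id]
 
  scan_report_resp = PWN::Plugins::BlackDuckBinaryAnalysis.generate_product_report(
  token: token,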
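Review bot: In the last hunk, `File.basename(CGI.escape(target_file))` escapes the whole path before taking the basename. `CGI.escape` rewrites `/` as `%2F`, so `File.basename` no longer strips the directory part and the name comparison can only succeed when `target_file` is a bare filename. When nothing matches, `find` returns nil and `[:product_id]` raises a NoMethodError instead of a clear error. Escape after taking the basename and fail explicitly: `product = scan_progress_resp[:products].find { |p| p[:name] == CGI.escape(File.basename(target_file)) }` followed by `raise "ERROR: BDBA product not found for #{target_file}" if product.nil?`. With `--report-only` the lookup presumably depends on a product of that name already existing in the group, so the explicit error matters more there; the enclosing `begin` block starts and ends outside the hunks shown.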
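--- a/data/lib/pwn/version.rb
+++ b/data/lib/pwn/version.rb
@@ -1,5 +1,5 @@
  # frozen_string_literal: true
 
  module PWN
- VERSION = '0.4.787'
+ VERSION = '0.4.789'
  end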
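--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: pwn
  version: !ruby/object:Gem::Version
- version: 0.4.787
+ version: 0.4.789
  platform: ruby
  authors:
  - 0day Inc.
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-07-10 00:00:00.000000000 Z
+ date: 2023-07-11 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: activesupport
@@ -100,14 +100,14 @@ dependencies:
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 2.4.15
+ version: 2.4.16
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 2.4.15
+ version: 2.4.16
  - !ruby/object:Gem::Dependency
  name: bundler-audit
  requirement: !ruby/object:Gem::Requirement
@@ -2149,7 +2149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.4.15
+ rubygems_version: 3.4.16
  signing_key:
  specification_version: 4
  summary: Automated Security Testing for CI/CD Pipelines & Beyond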