pwn 0.4.787 → 0.4.789
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +1 -1
- data/README.md +2 -2
- data/bin/pwn_bdba_scan +16 -7
- data/lib/pwn/version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b231f48ef4272e0ce8d8b75621f4bcad6eccb10cbd408e3771351b9dfb2d1e86
|
|
4
|
+
data.tar.gz: 4d94b47564b8a5540662276ab3c92061e15d108575ad3e2b8423579cf247f734
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7d41cd1d35316eac179c58acfd0e4bdc240be8d95b5255d246f8a5067c38795ce559f99dcbb3b7561656e622d402b745c742f364733b63ef8926b273e39c9630
|
|
7
|
+
data.tar.gz: f5176835ac69cf4aac341cdf334b09d8899884feba00d12f0e33a3cfcf6d0e2a1716408843535a4050702daf1f2d4da481cdb88b4821b11b1c21bc2a05bb35ba
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
37
37
|
$ rvm list gemsets
|
|
38
38
|
$ gem install --verbose pwn
|
|
39
39
|
$ pwn
|
|
40
|
-
pwn[v0.4.
|
|
40
|
+
pwn[v0.4.789]:001 >>> PWN.help
|
|
41
41
|
```
|
|
42
42
|
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
|
53
53
|
$ gem install --verbose pwn
|
|
54
54
|
$ pwn
|
|
55
|
-
pwn[v0.4.
|
|
55
|
+
pwn[v0.4.789]:001 >>> PWN.help
|
|
56
56
|
```
|
|
57
57
|
|
|
58
58
|
|
data/bin/pwn_bdba_scan
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env ruby
|
|
2
2
|
# frozen_string_literal: false
|
|
3
3
|
|
|
4
|
+
require 'cgi'
|
|
4
5
|
require 'optparse'
|
|
5
6
|
require 'pwn'
|
|
6
7
|
require 'yaml'
|
|
@@ -27,6 +28,10 @@ OptionParser.new do |options|
|
|
|
27
28
|
opts[:report_path] = r
|
|
28
29
|
end
|
|
29
30
|
|
|
31
|
+
options.on('-R', '--report-only', '<Optional - Only Generate a Black Duck Binary Analysis Scan Report for an Existing Scan (Default: false)>') do |o|
|
|
32
|
+
opts[:report_only] = o
|
|
33
|
+
end
|
|
34
|
+
|
|
30
35
|
options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
|
|
31
36
|
opts[:report_type] = t
|
|
32
37
|
end
|
|
@@ -58,6 +63,8 @@ begin
|
|
|
58
63
|
report_path = opts[:report_path]
|
|
59
64
|
raise "ERROR: BDBA Report Path Not Provided: #{report_path}" if report_path.nil?
|
|
60
65
|
|
|
66
|
+
report_only = opts[:report_only] ||= false
|
|
67
|
+
|
|
61
68
|
report_type_str = opts[:report_type] ||= 'csv_vulns'
|
|
62
69
|
report_type = report_type_str.to_s.to_sym
|
|
63
70
|
|
|
@@ -71,12 +78,14 @@ begin
|
|
|
71
78
|
sorted_parent_arr = parent_arr.sort_by { |g| g[:id] }
|
|
72
79
|
parent_id = sorted_parent_arr.last[:id]
|
|
73
80
|
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
81
|
+
unless report_only
|
|
82
|
+
puts "Uploading/Scanning: #{target_file}"
|
|
83
|
+
PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
|
|
84
|
+
token: token,
|
|
85
|
+
file: target_file,
|
|
86
|
+
group_id: parent_id
|
|
87
|
+
)
|
|
88
|
+
end
|
|
80
89
|
|
|
81
90
|
scan_progress_resp = {}
|
|
82
91
|
loop do
|
|
@@ -93,7 +102,7 @@ begin
|
|
|
93
102
|
break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' }
|
|
94
103
|
end
|
|
95
104
|
|
|
96
|
-
product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(target_file) }[:product_id]
|
|
105
|
+
product_id = scan_progress_resp[:products].find { |p| p[:name] == File.basename(CGI.escape(target_file)) }[:product_id]
|
|
97
106
|
|
|
98
107
|
scan_report_resp = PWN::Plugins::BlackDuckBinaryAnalysis.generate_product_report(
|
|
99
108
|
token: token,
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: pwn
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.789
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- 0day Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-07-
|
|
11
|
+
date: 2023-07-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - ">="
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 2.4.
|
|
103
|
+
version: 2.4.16
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - ">="
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 2.4.
|
|
110
|
+
version: 2.4.16
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: bundler-audit
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -2149,7 +2149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
2149
2149
|
- !ruby/object:Gem::Version
|
|
2150
2150
|
version: '0'
|
|
2151
2151
|
requirements: []
|
|
2152
|
-
rubygems_version: 3.4.
|
|
2152
|
+
rubygems_version: 3.4.16
|
|
2153
2153
|
signing_key:
|
|
2154
2154
|
specification_version: 4
|
|
2155
2155
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|