pwn 0.4.802 → 0.4.804

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +5 -5
  3. data/README.md +2 -2
  4. data/bin/pwn_bdba_scan +22 -1
  5. data/lib/pwn/plugins/black_duck_binary_analysis.rb +26 -0
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +12 -12
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5dd6ac362c796433cbdeb21b3f13ebd7e9b72a3bf3995c9fd203d5b6739f2e58
4
- data.tar.gz: c704e7044aeeac624db2bfda416d78022d3cef3a211b8a170625063e0ce397e6
3
+ metadata.gz: '09721e5fe360b1b68f75194406792bf3ce99d8b0d907dbf3ec21e853f34792ba'
4
+ data.tar.gz: 32438ee4f0cfff658da7657c420602d0c4261909dc0d6cb28055ace5fae28252
5
5
  SHA512:
6
- metadata.gz: f99b1bfbbbc00e3acca8eecfea0a57df37c75ec8473936c0ed61397573f12c1347405bbd142a24e1606987aa57a7ed8615379a27d492961cb692724add353032
7
- data.tar.gz: aeb3e52dfd502b296274bc9cfb91acdf1400101dca4452d6da9fc5c45bf8b41cb7c76c1653dd135945b7a069ddb2258f82dcf7cea4605307f045b12ce58c6f59
6
+ metadata.gz: 83c3dcbfce05ac2fcae70a94a88a4431f5191920f6ccc3f1412440609ca6b9a1b04b78107cd24541188e3e2eb80a13ca452b410f838dca8684535d46aa89e8ac
7
+ data.tar.gz: ff0b6e00e2b210d0249eedbcdd55e99bdd91b641dd0a611807e46342b6f91c709257d1b9dbd11e51b6d7bc690f21c3dcd86d29360fd44102093b6a8705a904f1
data/Gemfile CHANGED
@@ -16,7 +16,7 @@ gem 'anemone', '0.7.2'
16
16
  gem 'authy', '3.0.1'
17
17
  gem 'aws-sdk', '3.1.0'
18
18
  # gem 'bettercap', '1.6.2'
19
- gem 'brakeman', '6.0.0'
19
+ gem 'brakeman', '6.0.1'
20
20
  gem 'bson', '4.15.0'
21
21
  gem 'bundler', '>=2.4.17'
22
22
  gem 'bundler-audit', '0.9.1'
@@ -40,7 +40,7 @@ gem 'jsonpath', '1.1.3'
40
40
  gem 'jwt', '2.7.1'
41
41
  gem 'luhn', '1.0.2'
42
42
  gem 'mail', '2.8.1'
43
- gem 'mongo', '2.19.0'
43
+ gem 'mongo', '2.19.1'
44
44
  gem 'msfrpc-client', '1.1.2'
45
45
  gem 'neovim', '0.9.0'
46
46
  gem 'netaddr', '2.0.6'
@@ -64,10 +64,10 @@ gem 'rbvmomi', '3.0.0'
64
64
  gem 'rdoc', '6.5.0'
65
65
  gem 'rest-client', '2.1.0'
66
66
  gem 'rex', '2.0.13'
67
- gem 'rmagick', '5.2.0'
67
+ gem 'rmagick', '5.3.0'
68
68
  gem 'rspec', '3.12.0'
69
69
  gem 'rtesseract', '3.1.2'
70
- gem 'rubocop', '1.54.2'
70
+ gem 'rubocop', '1.55.0'
71
71
  gem 'rubocop-rake', '0.6.0'
72
72
  gem 'rubocop-rspec', '2.22.0'
73
73
  gem 'ruby-audio', '1.6.1'
@@ -75,7 +75,7 @@ gem 'ruby-nmap', '1.0.1'
75
75
  gem 'ruby-saml', '1.15.0'
76
76
  gem 'rvm', '1.11.3.9'
77
77
  gem 'savon', '2.14.0'
78
- gem 'selenium-devtools', '0.114.0'
78
+ gem 'selenium-devtools', '0.115.0'
79
79
  gem 'serialport', '1.3.2'
80
80
  gem 'sinatra', '3.0.6'
81
81
  gem 'slack-ruby-client', '2.1.0'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.802]:001 >>> PWN.help
40
+ pwn[v0.4.804]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.802]:001 >>> PWN.help
55
+ pwn[v0.4.804]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_bdba_scan CHANGED
@@ -35,6 +35,10 @@ OptionParser.new do |options|
35
35
  options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
36
36
  opts[:report_type] = t
37
37
  end
38
+
39
+ options.on('-vVERSION', '--version=VERSION', '<Optional - Version to Associate w/ Specific Scan (Default: nil)>') do |v|
40
+ opts[:version] = v
41
+ end
38
42
  end.parse!
39
43
 
40
44
  if opts.empty?
@@ -68,6 +72,8 @@ begin
68
72
  report_type_str = opts[:report_type] ||= 'csv_vulns'
69
73
  report_type = report_type_str.to_s.to_sym
70
74
 
75
+ version = opts[:version]
76
+
71
77
  groups_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_groups(
72
78
  token: token
73
79
  )
@@ -83,11 +89,13 @@ begin
83
89
  PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
84
90
  token: token,
85
91
  file: target_file,
86
- group_id: parent_id
92
+ group_id: parent_id,
93
+ version: version
87
94
  )
88
95
  end
89
96
 
90
97
  scan_progress_resp = {}
98
+ scan_progress_busy_duration = 0
91
99
  loop do
92
100
  scan_progress_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_apps_by_group(
93
101
  token: token,
@@ -96,10 +104,23 @@ begin
96
104
 
97
105
  break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' } || report_only
98
106
 
107
+ # Cancel queued scan if it's been queued for more than 90 minutes
108
+ if scan_progress_busy_duration > 5_400
109
+ scan_progress_resp[:products].select { |p| p[:status] == 'B' }.each do |p|
110
+ puts "Abort Queued Scan: #{p[:name]}"
111
+ PWN::Plugins::BlackDuckBinaryAnalysis.abort_product_scan(
112
+ token: token,
113
+ product_id: p[:product_id]
114
+ )
115
+ end
116
+ raise "ERROR: BDBA Scan Queued for More than 90 Minutes: #{target_file}"
117
+ end
118
+
99
119
  10.times do
100
120
  print '.'
101
121
  sleep 1
102
122
  end
123
+ scan_progress_busy_duration += 10
103
124
  end
104
125
 
105
126
  product_id = scan_progress_resp[:products].find { |p| p[:name] == CGI.escape(File.basename(target_file)) }[:product_id]
data/lib/pwn/plugins/black_duck_binary_analysis.rb CHANGED
@@ -209,6 +209,27 @@ module PWN
209
209
  raise e
210
210
  end
211
211
 
212
+ # Supported Method Parameters::
213
+ # response = PWN::Plugins::BlackDuckBinaryAnalysis.abort_product_scan(
214
+ # token: 'required - Bearer token',
215
+ # product_id: 'required - product id'
216
+ # )
217
+
218
+ public_class_method def self.abort_product_scan(opts = {})
219
+ token = opts[:token]
220
+ product_id = opts[:product_id]
221
+
222
+ response = bd_bin_analysis_rest_call(
223
+ http_method: :post,
224
+ token: token,
225
+ rest_call: "product/#{product_id}/abort"
226
+ )
227
+
228
+ JSON.parse(response, symbolize_names: true)
229
+ rescue StandardError => e
230
+ raise e
231
+ end
232
+
212
233
  # Supported Method Parameters::
213
234
  # response = PWN::Plugins::BlackDuckBinaryAnalysis.generate_product_report(
214
235
  # token: 'required - Bearer token',
@@ -584,6 +605,11 @@ module PWN
584
605
  product_id: 'required - product id'
585
606
  )
586
607
 
608
+ response = #{self}.abort_product_scan(
609
+ token: 'required - Bearer token',
610
+ product_id: 'required - product id'
611
+ )
612
+
587
613
  response = #{self}.generate_product_report(
588
614
  token: 'required - Bearer token',
589
615
  product_id: 'required - product id',
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.802'
4
+ VERSION = '0.4.804'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.802
4
+ version: 0.4.804
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-07-17 00:00:00.000000000 Z
11
+ date: 2023-07-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -72,14 +72,14 @@ dependencies:
72
72
  requirements:
73
73
  - - '='
74
74
  - !ruby/object:Gem::Version
75
- version: 6.0.0
75
+ version: 6.0.1
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - '='
81
81
  - !ruby/object:Gem::Version
82
- version: 6.0.0
82
+ version: 6.0.1
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: bson
85
85
  requirement: !ruby/object:Gem::Requirement
@@ -408,14 +408,14 @@ dependencies:
408
408
  requirements:
409
409
  - - '='
410
410
  - !ruby/object:Gem::Version
411
- version: 2.19.0
411
+ version: 2.19.1
412
412
  type: :runtime
413
413
  prerelease: false
414
414
  version_requirements: !ruby/object:Gem::Requirement
415
415
  requirements:
416
416
  - - '='
417
417
  - !ruby/object:Gem::Version
418
- version: 2.19.0
418
+ version: 2.19.1
419
419
  - !ruby/object:Gem::Dependency
420
420
  name: msfrpc-client
421
421
  requirement: !ruby/object:Gem::Requirement
@@ -744,14 +744,14 @@ dependencies:
744
744
  requirements:
745
745
  - - '='
746
746
  - !ruby/object:Gem::Version
747
- version: 5.2.0
747
+ version: 5.3.0
748
748
  type: :runtime
749
749
  prerelease: false
750
750
  version_requirements: !ruby/object:Gem::Requirement
751
751
  requirements:
752
752
  - - '='
753
753
  - !ruby/object:Gem::Version
754
- version: 5.2.0
754
+ version: 5.3.0
755
755
  - !ruby/object:Gem::Dependency
756
756
  name: rspec
757
757
  requirement: !ruby/object:Gem::Requirement
@@ -786,14 +786,14 @@ dependencies:
786
786
  requirements:
787
787
  - - '='
788
788
  - !ruby/object:Gem::Version
789
- version: 1.54.2
789
+ version: 1.55.0
790
790
  type: :runtime
791
791
  prerelease: false
792
792
  version_requirements: !ruby/object:Gem::Requirement
793
793
  requirements:
794
794
  - - '='
795
795
  - !ruby/object:Gem::Version
796
- version: 1.54.2
796
+ version: 1.55.0
797
797
  - !ruby/object:Gem::Dependency
798
798
  name: rubocop-rake
799
799
  requirement: !ruby/object:Gem::Requirement
@@ -898,14 +898,14 @@ dependencies:
898
898
  requirements:
899
899
  - - '='
900
900
  - !ruby/object:Gem::Version
901
- version: 0.114.0
901
+ version: 0.115.0
902
902
  type: :runtime
903
903
  prerelease: false
904
904
  version_requirements: !ruby/object:Gem::Requirement
905
905
  requirements:
906
906
  - - '='
907
907
  - !ruby/object:Gem::Version
908
- version: 0.114.0
908
+ version: 0.115.0
909
909
  - !ruby/object:Gem::Dependency
910
910
  name: serialport
911
911
  requirement: !ruby/object:Gem::Requirement