pwn 0.4.803 → 0.4.805

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +9 -9
  3. data/README.md +2 -2
  4. data/bin/pwn_bdba_groups +22 -5
  5. data/bin/pwn_bdba_scan +12 -15
  6. data/lib/pwn/version.rb +1 -1
  7. metadata +21 -21
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b018f6d15b17f497666cf15464f43bd6a1e02e20c0ad87633bb45425ddef3ad7
4
- data.tar.gz: 75fb48990f0526ff22180cb53e51efa5e6cb0b0c897235523f17f341698916e3
3
+ metadata.gz: df24a7741ae10182398e97d2c9246f610c2a34b0fc49937302639e3b7841f2be
4
+ data.tar.gz: 046ff60cd9d8ac8e71e463104a8c26399d1fb7efacae051bd57ff61a6e063b57
5
5
  SHA512:
6
- metadata.gz: ff29882c206b0dd096fa946a60b79890344aaac8b6b5f64d854b029be674bccf9aa98545ca3f41e7ff2d3da2dab60d66474a7a8cd68aaa35aae5c31f5f7a39b9
7
- data.tar.gz: b26643bdc27c4695f9d7672ce27aa596b7e21aa1370a9aa14e45dd52b029000de0d7f6edd27090641c8e6e4c38ee5961a278450390e10be73ad4610a2827519b
6
+ metadata.gz: 2450129fc4ade765a470e1493c707b21b518f546db44989b633377f0e3f114047a1b964a6bdcd27805c0d54c754ebfb8e0018b70289604ed27cb4cd0c967ba2b
7
+ data.tar.gz: a94197fa28bee16dafe03e13695f00c12e62ca7ef48e5718dbab1ff3a0da9d626f426532032da368f9a46d34e59a7dc8669bb165a36b845a07317880ddfe4da3
data/Gemfile CHANGED
@@ -16,16 +16,16 @@ gem 'anemone', '0.7.2'
16
16
  gem 'authy', '3.0.1'
17
17
  gem 'aws-sdk', '3.1.0'
18
18
  # gem 'bettercap', '1.6.2'
19
- gem 'brakeman', '6.0.0'
19
+ gem 'brakeman', '6.0.1'
20
20
  gem 'bson', '4.15.0'
21
- gem 'bundler', '>=2.4.17'
21
+ gem 'bundler', '>=2.4.18'
22
22
  gem 'bundler-audit', '0.9.1'
23
23
  gem 'bunny', '2.22.0'
24
24
  gem 'colorize', '1.1.0'
25
25
  gem 'credit_card_validations', '6.0.0'
26
26
  gem 'eventmachine', '1.2.7'
27
27
  gem 'executable-hooks', '1.6.1'
28
- gem 'faye-websocket', '0.11.2'
28
+ gem 'faye-websocket', '0.11.3'
29
29
  gem 'ffi', '1.15.5'
30
30
  gem 'fftw3', '0.3'
31
31
  gem 'gdb', '1.0.0'
@@ -40,7 +40,7 @@ gem 'jsonpath', '1.1.3'
40
40
  gem 'jwt', '2.7.1'
41
41
  gem 'luhn', '1.0.2'
42
42
  gem 'mail', '2.8.1'
43
- gem 'mongo', '2.19.0'
43
+ gem 'mongo', '2.19.1'
44
44
  gem 'msfrpc-client', '1.1.2'
45
45
  gem 'neovim', '0.9.0'
46
46
  gem 'netaddr', '2.0.6'
@@ -64,18 +64,18 @@ gem 'rbvmomi', '3.0.0'
64
64
  gem 'rdoc', '6.5.0'
65
65
  gem 'rest-client', '2.1.0'
66
66
  gem 'rex', '2.0.13'
67
- gem 'rmagick', '5.2.0'
67
+ gem 'rmagick', '5.3.0'
68
68
  gem 'rspec', '3.12.0'
69
69
  gem 'rtesseract', '3.1.2'
70
- gem 'rubocop', '1.54.2'
70
+ gem 'rubocop', '1.55.1'
71
71
  gem 'rubocop-rake', '0.6.0'
72
- gem 'rubocop-rspec', '2.22.0'
72
+ gem 'rubocop-rspec', '2.23.0'
73
73
  gem 'ruby-audio', '1.6.1'
74
74
  gem 'ruby-nmap', '1.0.1'
75
75
  gem 'ruby-saml', '1.15.0'
76
76
  gem 'rvm', '1.11.3.9'
77
77
  gem 'savon', '2.14.0'
78
- gem 'selenium-devtools', '0.114.0'
78
+ gem 'selenium-devtools', '0.115.0'
79
79
  gem 'serialport', '1.3.2'
80
80
  gem 'sinatra', '3.0.6'
81
81
  gem 'slack-ruby-client', '2.1.0'
@@ -85,7 +85,7 @@ gem 'sqlite3', '1.6.3'
85
85
  gem 'thin', '1.8.2'
86
86
  gem 'tty-prompt', '0.23.1'
87
87
  gem 'tty-spinner', '0.9.3'
88
- gem 'watir', '7.2.2'
88
+ gem 'watir', '7.3.0'
89
89
  gem 'waveform', '0.1.3'
90
90
  gem 'webrick', '1.8.1'
91
91
  gem 'whois', '5.1.0'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
37
37
  $ rvm list gemsets
38
38
  $ gem install --verbose pwn
39
39
  $ pwn
40
- pwn[v0.4.803]:001 >>> PWN.help
40
+ pwn[v0.4.805]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.4.803]:001 >>> PWN.help
55
+ pwn[v0.4.805]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
 
data/bin/pwn_bdba_groups CHANGED
@@ -15,7 +15,7 @@ OptionParser.new do |options|
15
15
  opts[:config] = c
16
16
  end
17
17
 
18
- options.on('-CGROUP', '--create=GROUP', '<Required - Group/Sub-Group to Create>') do |g|
18
+ options.on('-CGROUP', '--create=GROUP', '<Optional - Group/Sub-Group to Create>') do |g|
19
19
  opts[:group_name] = g
20
20
  end
21
21
 
@@ -60,14 +60,29 @@ begin
60
60
  list_or_parent = parent_group_name unless parent_group_name.nil?
61
61
 
62
62
  group_arr = groups_resp[:groups].select { |g| g[:name] == list_or_parent }
63
- group_arr_sorted = group_arr.sort_by { |g| g[:id] }
64
- group = group_arr_sorted.last
65
63
 
66
- if list_group_name && group.nil?
64
+ if list_group_name && group_arr.empty?
67
65
  puts 'BDBA Group Not Found.'
68
66
  exit 1
69
67
  end
70
68
 
69
+ group_arr_sorted = group_arr.sort_by { |g| g[:id] }
70
+ if group_arr_sorted.length > 1
71
+ dup_groups_arr = []
72
+ group_arr_sorted.each do |group|
73
+ this_group_id = group[:id]
74
+ this_group_details = PWN::Plugins::BlackDuckBinaryAnalysis.get_group_details(
75
+ token: token,
76
+ group_id: this_group_id
77
+ )
78
+ dup_groups_arr.push(this_group_details[:group])
79
+ end
80
+
81
+ puts "ERROR: Multiple BDBA Groups Found:\n#{dup_groups_arr}"
82
+ exit 1
83
+ end
84
+
85
+ group = group_arr_sorted.last
71
86
  parent_id = group[:id]
72
87
 
73
88
  if list_group_name
@@ -84,11 +99,13 @@ begin
84
99
  group_name = opts[:group_name]
85
100
  raise "ERROR: BDBA Group Name Not Provided: #{group_name}" if group_name.nil?
86
101
 
87
- PWN::Plugins::BlackDuckBinaryAnalysis.create_group(
102
+ create_group_resp = PWN::Plugins::BlackDuckBinaryAnalysis.create_group(
88
103
  token: token,
89
104
  name: group_name,
90
105
  parent_id: parent_id
91
106
  )
107
+
108
+ puts create_group_resp.to_json
92
109
  rescue SystemExit, Interrupt
93
110
  puts "\nGoodbye."
94
111
  rescue StandardError => e
data/bin/pwn_bdba_scan CHANGED
@@ -16,8 +16,8 @@ OptionParser.new do |options|
16
16
  opts[:config] = g
17
17
  end
18
18
 
19
- options.on('-pNAME', '--parent-group=NAME', '<Required - Black Duck Binary Analysis Parent Group Name to Associate with Binary Scan>') do |p|
20
- opts[:parent_group_name] = p
19
+ options.on('-pID', '--parent-group-id=ID', '<Required - Black Duck Binary Analysis Parent Group ID to Associate with Binary Scan>') do |p|
20
+ opts[:parent_group_id] = p
21
21
  end
22
22
 
23
23
  options.on('-sFILE', '--scan=FILE', '<Required - File to Scan in Black Duck Binary Analysis>') do |f|
@@ -35,6 +35,10 @@ OptionParser.new do |options|
35
35
  options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
36
36
  opts[:report_type] = t
37
37
  end
38
+
39
+ options.on('-vVERSION', '--version=VERSION', '<Optional - Version to Associate w/ Specific Scan (Default: nil)>') do |v|
40
+ opts[:version] = v
41
+ end
38
42
  end.parse!
39
43
 
40
44
  if opts.empty?
@@ -54,8 +58,8 @@ begin
54
58
  token = yaml_config[:token]
55
59
  raise "ERROR: BDBA Token Not Found: #{token}" if token.nil?
56
60
 
57
- parent_group_name = opts[:parent_group_name]
58
- raise "ERROR: BDBA Parent Group Name Not Provided: #{parent_group_name}" if parent_group_name.nil?
61
+ parent_group_id = opts[:parent_group_id]
62
+ raise "ERROR: BDBA Parent Group ID Not Provided: #{parent_group_id}" if parent_group_id.nil?
59
63
 
60
64
  target_file = opts[:target_file]
61
65
  raise "ERROR: BDBA Target File Not Found: #{target_file}" unless File.exist?(target_file)
@@ -68,22 +72,15 @@ begin
68
72
  report_type_str = opts[:report_type] ||= 'csv_vulns'
69
73
  report_type = report_type_str.to_s.to_sym
70
74
 
71
- groups_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_groups(
72
- token: token
73
- )
74
-
75
- parent_arr = groups_resp[:groups].select { |g| g[:name] == parent_group_name }
76
- raise "ERROR: BDBA Parent Group Not Found: #{parent_group_name}" if parent_arr.nil?
77
-
78
- sorted_parent_arr = parent_arr.sort_by { |g| g[:id] }
79
- parent_id = sorted_parent_arr.last[:id]
75
+ version = opts[:version]
80
76
 
81
77
  unless report_only
82
78
  puts "Uploading/Scanning: #{target_file}"
83
79
  PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
84
80
  token: token,
85
81
  file: target_file,
86
- group_id: parent_id
82
+ group_id: parent_group_id,
83
+ version: version
87
84
  )
88
85
  end
89
86
 
@@ -92,7 +89,7 @@ begin
92
89
  loop do
93
90
  scan_progress_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_apps_by_group(
94
91
  token: token,
95
- group_id: parent_id
92
+ group_id: parent_group_id
96
93
  )
97
94
 
98
95
  break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' } || report_only
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.4.803'
4
+ VERSION = '0.4.805'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.803
4
+ version: 0.4.805
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-07-18 00:00:00.000000000 Z
11
+ date: 2023-08-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport
@@ -72,14 +72,14 @@ dependencies:
72
72
  requirements:
73
73
  - - '='
74
74
  - !ruby/object:Gem::Version
75
- version: 6.0.0
75
+ version: 6.0.1
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
80
  - - '='
81
81
  - !ruby/object:Gem::Version
82
- version: 6.0.0
82
+ version: 6.0.1
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: bson
85
85
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - ">="
102
102
  - !ruby/object:Gem::Version
103
- version: 2.4.17
103
+ version: 2.4.18
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - ">="
109
109
  - !ruby/object:Gem::Version
110
- version: 2.4.17
110
+ version: 2.4.18
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: bundler-audit
113
113
  requirement: !ruby/object:Gem::Requirement
@@ -198,14 +198,14 @@ dependencies:
198
198
  requirements:
199
199
  - - '='
200
200
  - !ruby/object:Gem::Version
201
- version: 0.11.2
201
+ version: 0.11.3
202
202
  type: :runtime
203
203
  prerelease: false
204
204
  version_requirements: !ruby/object:Gem::Requirement
205
205
  requirements:
206
206
  - - '='
207
207
  - !ruby/object:Gem::Version
208
- version: 0.11.2
208
+ version: 0.11.3
209
209
  - !ruby/object:Gem::Dependency
210
210
  name: ffi
211
211
  requirement: !ruby/object:Gem::Requirement
@@ -408,14 +408,14 @@ dependencies:
408
408
  requirements:
409
409
  - - '='
410
410
  - !ruby/object:Gem::Version
411
- version: 2.19.0
411
+ version: 2.19.1
412
412
  type: :runtime
413
413
  prerelease: false
414
414
  version_requirements: !ruby/object:Gem::Requirement
415
415
  requirements:
416
416
  - - '='
417
417
  - !ruby/object:Gem::Version
418
- version: 2.19.0
418
+ version: 2.19.1
419
419
  - !ruby/object:Gem::Dependency
420
420
  name: msfrpc-client
421
421
  requirement: !ruby/object:Gem::Requirement
@@ -744,14 +744,14 @@ dependencies:
744
744
  requirements:
745
745
  - - '='
746
746
  - !ruby/object:Gem::Version
747
- version: 5.2.0
747
+ version: 5.3.0
748
748
  type: :runtime
749
749
  prerelease: false
750
750
  version_requirements: !ruby/object:Gem::Requirement
751
751
  requirements:
752
752
  - - '='
753
753
  - !ruby/object:Gem::Version
754
- version: 5.2.0
754
+ version: 5.3.0
755
755
  - !ruby/object:Gem::Dependency
756
756
  name: rspec
757
757
  requirement: !ruby/object:Gem::Requirement
@@ -786,14 +786,14 @@ dependencies:
786
786
  requirements:
787
787
  - - '='
788
788
  - !ruby/object:Gem::Version
789
- version: 1.54.2
789
+ version: 1.55.1
790
790
  type: :runtime
791
791
  prerelease: false
792
792
  version_requirements: !ruby/object:Gem::Requirement
793
793
  requirements:
794
794
  - - '='
795
795
  - !ruby/object:Gem::Version
796
- version: 1.54.2
796
+ version: 1.55.1
797
797
  - !ruby/object:Gem::Dependency
798
798
  name: rubocop-rake
799
799
  requirement: !ruby/object:Gem::Requirement
@@ -814,14 +814,14 @@ dependencies:
814
814
  requirements:
815
815
  - - '='
816
816
  - !ruby/object:Gem::Version
817
- version: 2.22.0
817
+ version: 2.23.0
818
818
  type: :runtime
819
819
  prerelease: false
820
820
  version_requirements: !ruby/object:Gem::Requirement
821
821
  requirements:
822
822
  - - '='
823
823
  - !ruby/object:Gem::Version
824
- version: 2.22.0
824
+ version: 2.23.0
825
825
  - !ruby/object:Gem::Dependency
826
826
  name: ruby-audio
827
827
  requirement: !ruby/object:Gem::Requirement
@@ -898,14 +898,14 @@ dependencies:
898
898
  requirements:
899
899
  - - '='
900
900
  - !ruby/object:Gem::Version
901
- version: 0.114.0
901
+ version: 0.115.0
902
902
  type: :runtime
903
903
  prerelease: false
904
904
  version_requirements: !ruby/object:Gem::Requirement
905
905
  requirements:
906
906
  - - '='
907
907
  - !ruby/object:Gem::Version
908
- version: 0.114.0
908
+ version: 0.115.0
909
909
  - !ruby/object:Gem::Dependency
910
910
  name: serialport
911
911
  requirement: !ruby/object:Gem::Requirement
@@ -1038,14 +1038,14 @@ dependencies:
1038
1038
  requirements:
1039
1039
  - - '='
1040
1040
  - !ruby/object:Gem::Version
1041
- version: 7.2.2
1041
+ version: 7.3.0
1042
1042
  type: :runtime
1043
1043
  prerelease: false
1044
1044
  version_requirements: !ruby/object:Gem::Requirement
1045
1045
  requirements:
1046
1046
  - - '='
1047
1047
  - !ruby/object:Gem::Version
1048
- version: 7.2.2
1048
+ version: 7.3.0
1049
1049
  - !ruby/object:Gem::Dependency
1050
1050
  name: waveform
1051
1051
  requirement: !ruby/object:Gem::Requirement
@@ -2149,7 +2149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
2149
2149
  - !ruby/object:Gem::Version
2150
2150
  version: '0'
2151
2151
  requirements: []
2152
- rubygems_version: 3.4.17
2152
+ rubygems_version: 3.4.18
2153
2153
  signing_key:
2154
2154
  specification_version: 4
2155
2155
  summary: Automated Security Testing for CI/CD Pipelines & Beyond