pwn 0.4.803 → 0.4.805

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b018f6d15b17f497666cf15464f43bd6a1e02e20c0ad87633bb45425ddef3ad7
-  data.tar.gz: 75fb48990f0526ff22180cb53e51efa5e6cb0b0c897235523f17f341698916e3
+  metadata.gz: df24a7741ae10182398e97d2c9246f610c2a34b0fc49937302639e3b7841f2be
+  data.tar.gz: 046ff60cd9d8ac8e71e463104a8c26399d1fb7efacae051bd57ff61a6e063b57
 SHA512:
-  metadata.gz: ff29882c206b0dd096fa946a60b79890344aaac8b6b5f64d854b029be674bccf9aa98545ca3f41e7ff2d3da2dab60d66474a7a8cd68aaa35aae5c31f5f7a39b9
-  data.tar.gz: b26643bdc27c4695f9d7672ce27aa596b7e21aa1370a9aa14e45dd52b029000de0d7f6edd27090641c8e6e4c38ee5961a278450390e10be73ad4610a2827519b
+  metadata.gz: 2450129fc4ade765a470e1493c707b21b518f546db44989b633377f0e3f114047a1b964a6bdcd27805c0d54c754ebfb8e0018b70289604ed27cb4cd0c967ba2b
+  data.tar.gz: a94197fa28bee16dafe03e13695f00c12e62ca7ef48e5718dbab1ff3a0da9d626f426532032da368f9a46d34e59a7dc8669bb165a36b845a07317880ddfe4da3

data/Gemfile

@@ -16,16 +16,16 @@ gem 'anemone', '0.7.2'
 gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.1.0'
 # gem 'bettercap', '1.6.2'
-gem 'brakeman', '6.0.0'
+gem 'brakeman', '6.0.1'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.4.17'
+gem 'bundler', '>=2.4.18'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
 gem 'colorize', '1.1.0'
 gem 'credit_card_validations', '6.0.0'
 gem 'eventmachine', '1.2.7'
 gem 'executable-hooks', '1.6.1'
-gem 'faye-websocket', '0.11.2'
+gem 'faye-websocket', '0.11.3'
 gem 'ffi', '1.15.5'
 gem 'fftw3', '0.3'
 gem 'gdb', '1.0.0'
@@ -40,7 +40,7 @@ gem 'jsonpath', '1.1.3'
 gem 'jwt', '2.7.1'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.8.1'
-gem 'mongo', '2.19.0'
+gem 'mongo', '2.19.1'
 gem 'msfrpc-client', '1.1.2'
 gem 'neovim', '0.9.0'
 gem 'netaddr', '2.0.6'
@@ -64,18 +64,18 @@ gem 'rbvmomi', '3.0.0'
 gem 'rdoc', '6.5.0'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
-gem 'rmagick', '5.2.0'
+gem 'rmagick', '5.3.0'
 gem 'rspec', '3.12.0'
 gem 'rtesseract', '3.1.2'
-gem 'rubocop', '1.54.2'
+gem 'rubocop', '1.55.1'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.22.0'
+gem 'rubocop-rspec', '2.23.0'
 gem 'ruby-audio', '1.6.1'
 gem 'ruby-nmap', '1.0.1'
 gem 'ruby-saml', '1.15.0'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.14.0'
-gem 'selenium-devtools', '0.114.0'
+gem 'selenium-devtools', '0.115.0'
 gem 'serialport', '1.3.2'
 gem 'sinatra', '3.0.6'
 gem 'slack-ruby-client', '2.1.0'
@@ -85,7 +85,7 @@ gem 'sqlite3', '1.6.3'
 gem 'thin', '1.8.2'
 gem 'tty-prompt', '0.23.1'
 gem 'tty-spinner', '0.9.3'
-gem 'watir', '7.2.2'
+gem 'watir', '7.3.0'
 gem 'waveform', '0.1.3'
 gem 'webrick', '1.8.1'
 gem 'whois', '5.1.0'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.803]:001 >>> PWN.help
+pwn[v0.4.805]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.803]:001 >>> PWN.help
+pwn[v0.4.805]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_bdba_groups

@@ -15,7 +15,7 @@ OptionParser.new do |options|
     opts[:config] = c
   end
 
-  options.on('-CGROUP', '--create=GROUP', '<Required - Group/Sub-Group to Create>') do |g|
+  options.on('-CGROUP', '--create=GROUP', '<Optional - Group/Sub-Group to Create>') do |g|
     opts[:group_name] = g
   end
 
@@ -60,14 +60,29 @@ begin
     list_or_parent = parent_group_name unless parent_group_name.nil?
 
     group_arr = groups_resp[:groups].select { |g| g[:name] == list_or_parent }
-    group_arr_sorted = group_arr.sort_by { |g| g[:id] }
-    group = group_arr_sorted.last
 
-    if list_group_name && group.nil?
+    if list_group_name && group_arr.empty?
       puts 'BDBA Group Not Found.'
       exit 1
     end
 
+    group_arr_sorted = group_arr.sort_by { |g| g[:id] }
+    if group_arr_sorted.length > 1
+      dup_groups_arr = []
+      group_arr_sorted.each do |group|
+        this_group_id = group[:id]
+        this_group_details = PWN::Plugins::BlackDuckBinaryAnalysis.get_group_details(
+          token: token,
+          group_id: this_group_id
+        )
+        dup_groups_arr.push(this_group_details[:group])
+      end
+
+      puts "ERROR: Multiple BDBA Groups Found:\n#{dup_groups_arr}"
+      exit 1
+    end
+
+    group = group_arr_sorted.last
     parent_id = group[:id]
 
     if list_group_name
@@ -84,11 +99,13 @@ begin
   group_name = opts[:group_name]
   raise "ERROR: BDBA Group Name Not Provided: #{group_name}" if group_name.nil?
 
-  PWN::Plugins::BlackDuckBinaryAnalysis.create_group(
+  create_group_resp = PWN::Plugins::BlackDuckBinaryAnalysis.create_group(
     token: token,
     name: group_name,
     parent_id: parent_id
   )
+
+  puts create_group_resp.to_json
 rescue SystemExit, Interrupt
   puts "\nGoodbye."
 rescue StandardError => e

data/bin/pwn_bdba_scan

@@ -16,8 +16,8 @@ OptionParser.new do |options|
     opts[:config] = g
   end
 
-  options.on('-pNAME', '--parent-group=NAME', '<Required - Black Duck Binary Analysis Parent Group Name to Associate with Binary Scan>') do |p|
-    opts[:parent_group_name] = p
+  options.on('-pID', '--parent-group-id=ID', '<Required - Black Duck Binary Analysis Parent Group ID to Associate with Binary Scan>') do |p|
+    opts[:parent_group_id] = p
   end
 
   options.on('-sFILE', '--scan=FILE', '<Required - File to Scan in Black Duck Binary Analysis>') do |f|
@@ -35,6 +35,10 @@ OptionParser.new do |options|
   options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
     opts[:report_type] = t
   end
+
+  options.on('-vVERSION', '--version=VERSION', '<Optional - Version to Associate w/ Specific Scan (Default: nil)>') do |v|
+    opts[:version] = v
+  end
 end.parse!
 
 if opts.empty?
@@ -54,8 +58,8 @@ begin
   token = yaml_config[:token]
   raise "ERROR: BDBA Token Not Found: #{token}" if token.nil?
 
-  parent_group_name = opts[:parent_group_name]
-  raise "ERROR: BDBA Parent Group Name Not Provided: #{parent_group_name}" if parent_group_name.nil?
+  parent_group_id = opts[:parent_group_id]
+  raise "ERROR: BDBA Parent Group ID Not Provided: #{parent_group_id}" if parent_group_id.nil?
 
   target_file = opts[:target_file]
   raise "ERROR: BDBA Target File Not Found: #{target_file}" unless File.exist?(target_file)
@@ -68,22 +72,15 @@ begin
   report_type_str = opts[:report_type] ||= 'csv_vulns'
   report_type = report_type_str.to_s.to_sym
 
-  groups_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_groups(
-    token: token
-  )
-
-  parent_arr = groups_resp[:groups].select { |g| g[:name] == parent_group_name }
-  raise "ERROR: BDBA Parent Group Not Found: #{parent_group_name}" if parent_arr.nil?
-
-  sorted_parent_arr = parent_arr.sort_by { |g| g[:id] }
-  parent_id = sorted_parent_arr.last[:id]
+  version = opts[:version]
 
   unless report_only
     puts "Uploading/Scanning: #{target_file}"
     PWN::Plugins::BlackDuckBinaryAnalysis.upload_file(
       token: token,
       file: target_file,
-      group_id: parent_id
+      group_id: parent_group_id,
+      version: version
     )
   end
 
@@ -92,7 +89,7 @@ begin
   loop do
     scan_progress_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_apps_by_group(
       token: token,
-      group_id: parent_id
+      group_id: parent_group_id
     )
 
     break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' } || report_only

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.803'
+  VERSION = '0.4.805'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.803
+  version: 0.4.805
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-07-18 00:00:00.000000000 Z
+date: 2023-08-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -72,14 +72,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 6.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: 6.0.1
 - !ruby/object:Gem::Dependency
   name: bson
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.17
+        version: 2.4.18
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.17
+        version: 2.4.18
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -198,14 +198,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.11.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.2
+        version: 0.11.3
 - !ruby/object:Gem::Dependency
   name: ffi
   requirement: !ruby/object:Gem::Requirement
@@ -408,14 +408,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.19.0
+        version: 2.19.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.19.0
+        version: 2.19.1
 - !ruby/object:Gem::Dependency
   name: msfrpc-client
   requirement: !ruby/object:Gem::Requirement
@@ -744,14 +744,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.0
+        version: 5.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.0
+        version: 5.3.0
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -786,14 +786,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.54.2
+        version: 1.55.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.54.2
+        version: 1.55.1
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
@@ -814,14 +814,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.22.0
+        version: 2.23.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.22.0
+        version: 2.23.0
 - !ruby/object:Gem::Dependency
   name: ruby-audio
   requirement: !ruby/object:Gem::Requirement
@@ -898,14 +898,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.114.0
+        version: 0.115.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.114.0
+        version: 0.115.0
 - !ruby/object:Gem::Dependency
   name: serialport
   requirement: !ruby/object:Gem::Requirement
@@ -1038,14 +1038,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.2
+        version: 7.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.2.2
+        version: 7.3.0
 - !ruby/object:Gem::Dependency
   name: waveform
   requirement: !ruby/object:Gem::Requirement
@@ -2149,7 +2149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.17
+rubygems_version: 3.4.18
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond