pwn 0.4.910 → 0.4.912

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e5b5fcff5cfcc3cd255ad4002d83e380cddcbad9a292f6f49f6b661b9c99042
-  data.tar.gz: b2b9f09b64164da56b798af7ab4d11d0fb5874ad35295cf32d5aacbdcd3f683a
+  metadata.gz: baed6325120cef1f9949f64c8b3db9eb4d29848203993f7c054b85a3c0c82cd7
+  data.tar.gz: 402a515d8f3d10e6a7014eed698e3b2f96549bdf181c66dd9594147a9d350681
 SHA512:
-  metadata.gz: 68afcd359bf5660e29902575849e58239717d4116e2673828592c2b39135a780197e059405effd1b752b52c0f621095a269b413d82f789f8a0d992629f794b70
-  data.tar.gz: 3402edfa4ad389f09753638959884d99055ccb4b0465f09e01684da69185e6125e985aa74c33a1aa7ad28a5d45fe2702d67b1b03e56b8f124143c181277f42ad
+  metadata.gz: 7f2212034da2843f9ee0ad9112fb77312ad420f9d36b918e8dd483ae7c2f23e8db378f5e4ce6b836e5d70975a465e2ba6aeecb54656db6094043d126f2f51a3e
+  data.tar.gz: 7557293dd1ff55d37bfcfc5bb18f7fa9bd43437ed601947d1b4ce10a8c6632d7955c934e7192269efe5c814d99cf4b16c2899a1ba2131c15ca46bd60ed3a43bf

data/CHANGELOG_BETWEEN_TAGS.txt

@@ -1,168 +1,13 @@
-b47ecb4 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-fa1760e Merge pull request #428 from ninp0/master
-2bd5d5e PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-7967c6f PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-14d80f3 Merge pull request #427 from ninp0/master
-1c887ec PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-be15999 Merge pull request #426 from ninp0/master
-b085855 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-7652edd PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-f359109 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-9c88be9 Merge pull request #425 from ninp0/master
-2dfcf91 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #try_again
-f101f43 Merge pull request #424 from ninp0/master
-946ed64 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #bugfix
-2e9c789 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #bugfix
-d15459e PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method
-4279ce0 Merge pull request #423 from ninp0/master
-67a340a pwn_graphql_introspection_detector Driver - rename to pwn_shodan_graphql_introspection to better reflect its purpose
-be974d9 Merge pull request #422 from ninp0/master
-aeac8e7 pwn_graphql_introspection_detector Driver - initial commit
-ba6ec74 Merge pull request #421 from ninp0/master
-7c5a237 PWN::Plugins::IPInfo module - prefer specific common key values from cert_obj for this module.  If additonal functionality is required, defer to using PWN::Plugins::Sock.get_tls_cert directly
-a65d92e pwn_www_checkip Driver - JSON.pretty_generate when returning IP information via -i flag
-63894da PWN::Plugins::IPInfo module - remove redundant cert_txt key from ip_info_resp, preferring a return of cert object which can call #to_text, #subject, #issuer, etc.
-0733e4b Merge pull request #420 from ninp0/master
-70baa71 PWN::Plugins::IPInfo module - #bugfix in returned object from #get_tls_cert method
-068f2d6 PWN::Plugins::IPInfo module - #bugfixes
-b60a94c PWN::Plugins::IPInfo module - get TLS cert if possible in attempt to obtain valid domain from IP addresses cert info #bugfix when checking for open tls port
-e055792 PWN::Plugins::Sock module - add #get_tls_cert method
-0d9bb3f PWN::Plugins::IPInfo module - get TLS cert if possible in attempt to obtain valid domain from IP addresses cert info
-7f150c6 Merge pull request #419 from ninp0/master
-647e5f3 pwn_shodan_search Driver - isolate objects in results that are causing JSON::GeneratorError: source sequence is illegal/malformed utf-8 messages when serializing to JSON strings #dont_use_gets
-9ad051c pwn_shodan_search Driver - isolate objects in results that are causing JSON::GeneratorError: source sequence is illegal/malformed utf-8 messages when serializing to JSON strings #serialization_issue
-0d166ee pwn_shodan_search Driver - #bugfix in JSON::GeneratorError where invalid UTF-8 sequences prevent writing to JSON file #nope_gotta_revert_that
-3f84e71 pwn_shodan_search Driver - #bugfix in JSON::GeneratorError where invalid UTF-8 sequences prevent writing to JSON file
-7721af4 Merge pull request #418 from ninp0/master
-02b8719 PWN::Plugins::Shodan module - need to return specific hash when JSON::ParserError is resccued (related to invalid UTF-8 sequences) #bugfix
-34df5ea Merge pull request #417 from ninp0/master
-ea99612 pwn_shodan_search Driver - add RAW.arr results file containing raw_results_arr object prior to attempting to cast the object as JSON #bugfix / #cast_to_string
-6104b15 Merge pull request #416 from ninp0/master
-09b0ad9 pwn_shodan_search Driver - add RAW.arr results file containing raw_results_arr object prior to attempting to cast the object as JSON
-705da0a Merge pull request #415 from ninp0/master
-e63cee6 pwn_shodan_search Driver - add RAW.arr results file containing raw_results_arr object prior to attempting to cast the object as JSON
-2e45a04 pwn_shodan_search Driver - strip comments when loading query file #rubocop_fix
-5f9598a Merge pull request #414 from ninp0/master
-4dfa34f pwn_shodan_search Driver - strip comments when loading query file
-217800b Merge pull request #413 from ninp0/master
-a473732 PWN::WWW::HackerOne module - #rubocop_fix
-5a9296e Merge pull request #412 from ninp0/master
-35236cc PWN::Plugins::Shodan module - scrub response.body for malformed UTF-8 characters that would otherwise prevent saving JSON results to file within pwn_shodan_search driver #attemptN
-cb17de9 Merge pull request #411 from ninp0/master
-afea697 PWN::Plugins::Shodan module - scrub response.body for malformed UTF-8 characters that would otherwise prevent saving JSON results to file within pwn_shodan_search driver
-bd7fd57 Merge pull request #410 from ninp0/master
-ca87dec pwn_shodan_search Driver - rescue JSON::Generator error in rare cases #pretty_generate method cant save out results
-6babce2 Merge pull request #409 from ninp0/master
-9675c6d PWN::Plugins::BurpSuite module - add #uri_in_scope method to compare URI to URI regexes in / out of scope per burp suite target scope config JSON file, like those produced by H1 (returns boolean)
-e20e0ee Merge pull request #408 from ninp0/master
-12ba09b Merge branch 'master' of ssh://github.com/ninp0/pwn
-f28066d PWN::WWW::TransparentBrowser module - add #find_element_by_text method #bugfix_again
-cd8db7a Merge pull request #407 from ninp0/master
-607e1de PWN::WWW::TransparentBrowser module - add #find_element_by_text method #bugfix
-b191e1c Merge pull request #406 from ninp0/master
-3a4d68a PWN::WWW::TransparentBrowser module - add #find_element_by_text method
-e0e7ecc Merge pull request #405 from ninp0/master
-adaebc5 PWN::WWW::HackerOne module - #slight_tweak to #save_burp_target_config_file method...replace random user_agent w/ fixed known supported user agent
-bcc814f Merge pull request #404 from ninp0/master
-9bd7c1b PWN::WWW::HackerOne module - #slight_tweak to #save_burp_target_config_file method...replace random user_agent w/ fixed known supported user agent
-8dfff4d PWN::WWW::HackerOne module - #slight_tweak to #save_burp_target_config_file method
-f2b0a55 Merge pull request #403 from ninp0/master
-48f47ff PWN::Plugins::BurpSuite module && pwn_burp_suite_pro_active_scan Driver - implement target_config capability to consume Burp Suite Pro Target Scope config JSON file
-e1b9345 PWN::WWW::HackerOne module - add #save_burp_project_file method
-b33caa7 Merge pull request #402 from ninp0/master
-7e7942f PWN::WWW::HackerOne module - add burp_project link to object returned from #get_bounty_programs method #bugfix
-13d3615 PWN::WWW::HackerOne module - add burp_project link to object returned from #get_bounty_programs method #bugfix
-049681e PWN::WWW::HackerOne module - add burp_project link to object returned from #get_bounty_programs method
-2f1e787 PWN::WWW::HackerOne module - add policy, scope, hacktivity, thanks, updates, collaborator links to object returned from #get_bounty_programs method / #minor_bugfix / #rubocop_fixes
-81bb4c3 Merge pull request #401 from ninp0/master
-cb7e893 PWN::WWW::HackerOne module - implement min_payouts_enabled parameter for #get_bounty_programs method
-22cff1b Merge pull request #400 from ninp0/master
-fcafa7e PWN::WWW::HackerOne module - best approarch to snag links after DOM loads #bugfix
-368a4df PWN::WWW::HackerOne module - best approarch to snag links after DOM loads #again
-bea57c0 PWN::WWW::HackerOne module - replace brittle sleep with more resilient .div(class: full-width-inner-container).wait_until(&:present?) to snag links after DOM loads #again
-1617603 PWN::WWW::HackerOne module - replace brittle sleep with more resilient .div(class: full-width-inner-container).wait_until(&:present?) to snag links after DOM loads
-9386f03 Merge pull request #399 from ninp0/master
-2058b3c PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
-152022c Merge pull request #398 from ninp0/master
-67fe8a6 PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
-a18b5ae PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
-a688297 Merge pull request #397 from ninp0/master
-cff4ad0 PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
-a3af8cf Merge pull request #396 from ninp0/master
-055eccb PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
-33b3c82 Merge pull request #395 from ninp0/master
-3c1837b PWN::WWW::HackerOne module - add method to return all bug bounty program links #bugfixes
-208c8a4 Merge pull request #394 from ninp0/master
-773ad2f PWN::WWW::HackerOne module - add method to return all bug bounty program links #rubocop_fixes
-91252c7 Merge pull request #393 from ninp0/master
-fb80ad0 PWN::WWW::HackerOne module - add method to return all bug bounty program links #rubocop_fixes
-598aa2b Merge pull request #392 from ninp0/master
-cabcb83 PWN::WWW::HackerOne module - add method to return all bug bounty program links
-662e05f PWN::WWW::HackerOne module - add method to return all bug bounty program links
-94cf6d0 Merge pull request #391 from ninp0/master
-22a696e PWN::WWW::HackerOne module - add method to return all bug bounty program links
-69884d7 Merge pull request #390 from ninp0/master
-51cbfca PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes
-57c18ee Merge pull request #389 from ninp0/master
-0161122 PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes
-1f63683 Merge pull request #388 from ninp0/master
-d6e5e41 PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes
-635d7d2 PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method #bugfixes #add_usage
-2691a6f PWN::Plugins::Shodan module - add #get_uris method to extract URI strings from search results returned from #search method
-b83eed4 Merge pull request #387 from ninp0/master
-e0d6850 pwn_shodan_search Driver - change default output-results-file to reside in CWD instead of /tmp
-f19a02f Merge pull request #386 from ninp0/master
-04d3f97 pwn_shodan_search Driver - implement a --rate-limit flag to allow for customized rate limiting when API gets grumpy
-cff4d3c Merge pull request #385 from ninp0/master
-a949aa6 PWN::Plugins::ScannableCodes module - #bugfix in #help method
-e4b5a19 Merge pull request #384 from ninp0/master
-216bb34 PWN::Plugins::ScannableCodes module - initial commit
-04bc64e PWN::Plugins::ScannableCodes module - initial commit
-ae9ece4 Merge pull request #383 from ninp0/master
-594808b pwn_www_uri_buster Driver - JSON.pretty_generate(response.headers) #bugfix, cast hash to pretty JSON string
-810ee16 Merge pull request #382 from ninp0/master
-0adff45 pwn_www_uri_buster Driver - incorporate randomized user-agent string in HTTP requests
-b429bca Merge pull request #381 from ninp0/master
-8afb64a PWN::Reports::SAST module - #bugfix in escaped newline
-3ac73eb Merge pull request #380 from ninp0/master
-54e8fe1 PWN::Reports::* - #bufix in "ajax" key where report_name is now dynamic
-5fb8eb6 pwn_www_uri_buster Driver - #bugfix in retrieving random available ephemeral port via PWN::Plugins::Sock module in #get_random_unused_port method
-6c0d1be Merge pull request #379 from ninp0/master
-c3964c0 pwn_www_uri_buster Driver - include HTTP response headers in results && #bugfix
-1edc9d7 Merge pull request #378 from ninp0/master
-4cbd086 pwn_www_uri_buster Driver - include HTTP response headers in results && #bugfix when using tor as proxy
-1d8a60d Merge pull request #377 from ninp0/master
-4e0f5be pwn_www_uri_buster - implement tor support #more_bugfixes
-cf1a932 Merge pull request #376 from ninp0/master
-c845e1f pwn_www_uri_buster - implement tor support #bugfixes
-0e88ef7 Merge pull request #375 from ninp0/master
-e2e1de4 pwn_www_uri_buster - implement tor support
-5f4c2e3 Merge pull request #374 from ninp0/master
-720eec2 Custom report names for all reports in PWN::Reports namespace #bugfix
-7a77a69 Merge pull request #373 from ninp0/master
-61cc8a9 Custom report names for all reports in PWN::Reports namespace #bugfix
-e45c36e Merge pull request #372 from ninp0/master
-35b6623 Custom report names for all reports in PWN::Reports namespace
-c169f48 Merge pull request #371 from ninp0/master
-eb6de5e pwn_www_uri_buster Driver - add --append parameter to append pattern to end of entries in wordlist
-8a05fca pwn_www_uri_buster Driver - add --append parameter to append pattern to end of entries in wordlist
-5d04eab Merge pull request #370 from ninp0/master
-491898e PWN::Plugins::DetectOS module - #rubocop_fixes
-c752179 pwn_nmap_discover_tcp_udp Driver - implement --target-file flag (i.e. you can use either --target-file OR --target-range, not both and not neither) / slight discovery tweaks
-a320df1 Merge pull request #369 from ninp0/master
-9e16d30 pwn_bdba_scan && pwn_bdba_groups Drivers - change both drivers to support --parent-group-id flow (i.e. to avoid wrong group association when duplicate group names reside under different search-paths) #bugfix2_revert
-0bc80c1 Merge pull request #368 from ninp0/master
-1f92631 pwn_bdba_scan && pwn_bdba_groups Drivers - change both drivers to support --parent-group-id flow (i.e. to avoid wrong group association when duplicate group names reside under different search-paths) #bugfix
-663f3d9 Merge pull request #367 from ninp0/master
-50a4c48 pwn_bdba_scan && pwn_bdba_groups Drivers - change both drivers to support --parent-group-id flow (i.e. to avoid wrong group association when duplicate group names reside under different search-paths)
-02432d4 Merge pull request #366 from ninp0/master
-6afd3fc pwn_bdba_scan Driver - change --parent-group-name parameter to --parent-group-id to avoid wrong group association when duplicate group names reside under different search-paths
-9517452 Merge pull request #365 from ninp0/master
-0c326b8 pwn_bdba_scan Driver - incorporate optional --version parameter
-e96cb62 Merge pull request #364 from ninp0/master
-5324605 PWN::Plugins::BlackDuckBinaryAnalysis module && pwn_bdba_scans Driver - implement #abort_product_scan method && abort product scan results if they have been sitting in a queue status for more than 90 minutes.
-f36af42 Merge pull request #363 from ninp0/master
-f308dba git_commit_test_reinit_gem.sh - #more_tag_bugfixes
-31e8c06 Merge pull request #362 from ninp0/master
-38835e3 git_commit_test_reinit_gem.sh - Address off-by-one tagging #bugfix
-2f31697 Merge pull request #361 from ninp0/master
+b4b509b PWN::Plugins::IPInfo module - #bugfixes
+d89a977 PWN::Plugins::IPInfo module - committing any last minute changes
+30227da PWN::Plugins::IPInfo module - #bugfixes in cert key:value pairs when values should be arrays
+6265d2c pwn_www_checkip Driver - add optional --target parameter to provide info on hosts/IPs other than just a given source public IP
+fab43f7 PWN::Plugins::IPInfo module - add a few more cert attributes in detailed info response
+3114fa2 PWN::Plugins::Sock module - minor code cleanup #got_it_working
+aa01f39 PWN::Plugins::Sock module - add hostname to tls_sock object prior to connecting
+8c78ee4 Merge branch 'master' of ssh://github.com/ninp0/pwn
+2f3377e PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #ciphers
+4c792e8 Merge pull request #429 from ninp0/master
+813780b PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #ciphers
+997b2d0 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #ciphers
+c0a5524 PWN::Plugins::Sock module - use lowest supported proto version when attempting to connect to a socket via the #connect method #ciphers

data/Gemfile

@@ -11,7 +11,7 @@ gemspec
 # In some circumstances custom flags are passed to gems in order
 # to build appropriately.  Defer to ./reinstall_pwn_gemset.sh
 # to review these custom flags (e.g. pg, serialport, etc).
-gem 'activesupport', '7.0.7.2'
+gem 'activesupport', '7.0.8'
 gem 'anemone', '0.7.2'
 gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.1.0'
@@ -19,7 +19,7 @@ gem 'aws-sdk', '3.1.0'
 gem 'barby', '0.6.8'
 gem 'brakeman', '6.0.1'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.4.19'
+gem 'bundler', '>=2.4.20'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
 gem 'colorize', '1.1.0'
@@ -28,7 +28,7 @@ gem 'eventmachine', '1.2.7'
 gem 'executable-hooks', '1.6.1'
 gem 'faker', '3.2.1'
 gem 'faye-websocket', '0.11.3'
-gem 'ffi', '1.15.5'
+gem 'ffi', '1.16.2'
 gem 'fftw3', '0.3'
 gem 'gdb', '1.0.0'
 gem 'gem-wrappers', '1.4.0'
@@ -47,7 +47,7 @@ gem 'msfrpc-client', '1.1.2'
 gem 'netaddr', '2.0.6'
 gem 'net-ldap', '0.18.0'
 gem 'net-openvpn', '0.8.7'
-gem 'net-smtp', '0.3.3'
+gem 'net-smtp', '0.4.0'
 gem 'nexpose', '7.3.0'
 gem 'nokogiri', '1.15.4'
 gem 'nokogiri-diff', '0.2.0'
@@ -56,7 +56,7 @@ gem 'open3', '0.1.2'
 gem 'os', '1.1.4'
 gem 'packetfu', '2.0.0'
 gem 'pdf-reader', '2.11.0'
-gem 'pg', '1.5.3'
+gem 'pg', '1.5.4'
 gem 'pry', '0.14.2'
 gem 'pry-doc', '1.4.0'
 gem 'rake', '13.0.6'
@@ -69,21 +69,21 @@ gem 'rmagick', '5.3.0'
 gem 'rqrcode', '2.2.0'
 gem 'rspec', '3.12.0'
 gem 'rtesseract', '3.1.2'
-gem 'rubocop', '1.56.2'
+gem 'rubocop', '1.56.3'
 gem 'rubocop-rake', '0.6.0'
-gem 'rubocop-rspec', '2.23.2'
+gem 'rubocop-rspec', '2.24.1'
 gem 'ruby-audio', '1.6.1'
-gem 'ruby-nmap', '1.0.1'
+gem 'ruby-nmap', '1.0.2'
 gem 'ruby-saml', '1.15.0'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.14.0'
-gem 'selenium-devtools', '0.115.0'
+gem 'selenium-devtools', '0.117.0'
 gem 'serialport', '1.3.2'
 gem 'sinatra', '3.1.0'
-gem 'slack-ruby-client', '2.1.0'
+gem 'slack-ruby-client', '2.2.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.0'
-gem 'sqlite3', '1.6.4'
+gem 'sqlite3', '1.6.6'
 gem 'thin', '1.8.2'
 gem 'tty-prompt', '0.23.1'
 gem 'tty-spinner', '0.9.3'

data/README.md

@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvm list gemsets
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.910]:001 >>> PWN.help
+pwn[v0.4.912]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.910]:001 >>> PWN.help
+pwn[v0.4.912]:001 >>> PWN.help
 ```
 
 
@@ -66,7 +66,7 @@ Additional documentation on using PWN can be found on [RubyGems.org](https://www
 I hope you enjoy PWN and remember...ensure you always have permission prior to carrying out any sort of hacktivities.  Now - go pwn all the things!
 
 ### **Keep Us Caffeinated** ###
-If you've found this framework useful and you're interested in supporting as many new features as possible, we invite you to take a brief moment to keep us caffeinated:
+If you've found this project useful and you're interested in supporting our efforts, we invite you to take a brief moment to keep us caffeinated:
 
 [![Coffee](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://buymeacoff.ee/0dayinc)
 

data/bin/pwn_bdba_scan

@@ -28,6 +28,14 @@ OptionParser.new do |options|
     opts[:report_path] = r
   end
 
+  options.on('-q', '--queue-timeout', '<Optional - Duration in Seconds for a File to Remain in Queue Prior to Aborting (Default: 5_400)>') do |q|
+    opts[:queue_timeout] = q
+  end
+
+  options.on('-a', '--scan-attempts', '<Optional - Number of Attempts to Scan a File if the Scan was Aborted Due to Queue Timeouts (Default: 3)>') do |a|
+    opts[:scan_attempts] = a
+  end
+
   options.on('-R', '--report-only', '<Optional - Only Generate a Black Duck Binary Analysis Scan Report for an Existing Scan (Default: false)>') do |o|
     opts[:report_only] = o
   end
@@ -46,6 +54,7 @@ if opts.empty?
   exit 1
 end
 
+abort_total = 0
 begin
   pwn_provider = 'ruby-gem'
   pwn_provider = ENV.fetch('PWN_PROVIDER') if ENV.keys.any? { |s| s == 'PWN_PROVIDER' }
@@ -67,6 +76,10 @@ begin
   report_path = opts[:report_path]
   raise "ERROR: BDBA Report Path Not Provided: #{report_path}" if report_path.nil?
 
+  queue_timeout = opts[:queue_timeout] ||= 5_400
+
+  scan_attempts = opts[:scan_attempts] ||= 3
+
   report_only = opts[:report_only] ||= false
 
   report_type_str = opts[:report_type] ||= 'csv_vulns'
@@ -95,7 +108,9 @@ begin
     break if scan_progress_resp[:products].none? { |p| p[:status] == 'B' } || report_only
 
     # Cancel queued scan if it's been queued for more than 90 minutes
-    if scan_progress_busy_duration > 5_400
+    if scan_progress_busy_duration > queue_timeout.to_i
+      abort_total += 1
+      puts "Scan Queued for More than #{queue_timeout} Seconds. Aborting and Re-Queuing."
       scan_progress_resp[:products].select { |p| p[:status] == 'B' }.each do |p|
         puts "Abort Queued Scan: #{p[:name]}"
         PWN::Plugins::BlackDuckBinaryAnalysis.abort_product_scan(
@@ -103,6 +118,9 @@ begin
           product_id: p[:product_id]
         )
       end
+
+      retry if abort_total <= scan_attempts.to_i
+
       raise "ERROR: BDBA Scan Queued for More than 90 Minutes: #{target_file}"
     end
 

data/bin/pwn_www_checkip

@@ -53,7 +53,7 @@ begin
     ).to_s.chomp
   end
 
-  puts "[ { \"query\": \"#{target}\" } ]" if ipinfo.nil? && opts[:target].nil?
+  puts "[ { \"target\": \"#{target}\" } ]" if ipinfo.nil? && opts[:target].nil?
 
   ipinfo = true if ipinfo.nil? && opts[:target]
   if ipinfo

data/lib/pwn/plugins/ip_info.rb

@@ -60,16 +60,14 @@ module PWN
 
         ip_info_resp = []
         if IPAddress.valid?(target)
-          if proxy
-            ip_resp_json = ip_info_rest_call(ip: target, proxy: proxy)
-          else
-            ip_resp_json = ip_info_rest_call(ip: target)
-          end
-
+          ip_resp_json = ip_info_rest_call(ip: target, proxy: proxy)
+          ip_resp_json[:target] = target
           ip_info_resp.push(ip_resp_json)
         else
           Resolv::DNS.new.each_address(target) do |ip|
-            ip_info_resp.push(ip_info_rest_call(ip: ip))
+            ip_resp_json = ip_info_rest_call(ip: ip, proxy: proxy)
+            ip_resp_json[:target] = target
+            ip_info_resp.push(ip_resp_json)
           end
         end
 

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.910'
+  VERSION = '0.4.912'
 end

data/packer/provisioners/vim.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 source /etc/profile.d/globals.sh
 
-default_vimrc='/usr/share/vim/vim82/defaults.vim'
+default_vimrc='/usr/share/vim/vim90/defaults.vim'
 global_vimrc='/etc/vim/vimrc'
 
 $screen_cmd "${apt} install -y vim ${assess_update_errors}"

data/vagrant/provisioners/metasploit.rb

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 
 print 'Updating Metasploit...'
-metasploit_root = '/opt/metasploit-framework-dev/'
+metasploit_root = '/opt/metasploit-framework-dev'
 puts `sudo /bin/bash --login -c "cd #{metasploit_root} && rm Gemfile.lock && git pull"`
 metasploit_ruby_version = File.readlines("#{metasploit_root}/.ruby-version")[0].to_s.scrub.strip.chomp
 puts `

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.910
+  version: 0.4.912
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-08-29 00:00:00.000000000 Z
+date: 2023-09-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.7.2
+        version: 7.0.8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 7.0.7.2
+        version: 7.0.8
 - !ruby/object:Gem::Dependency
   name: anemone
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.19
+        version: 2.4.20
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.19
+        version: 2.4.20
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -240,14 +240,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.15.5
+        version: 1.16.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.15.5
+        version: 1.16.2
 - !ruby/object:Gem::Dependency
   name: fftw3
   requirement: !ruby/object:Gem::Requirement
@@ -506,14 +506,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.3
+        version: 0.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.3.3
+        version: 0.4.0
 - !ruby/object:Gem::Dependency
   name: nexpose
   requirement: !ruby/object:Gem::Requirement
@@ -632,14 +632,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: 1.5.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.3
+        version: 1.5.4
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -814,14 +814,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.56.2
+        version: 1.56.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.56.2
+        version: 1.56.3
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
@@ -842,14 +842,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.23.2
+        version: 2.24.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.23.2
+        version: 2.24.1
 - !ruby/object:Gem::Dependency
   name: ruby-audio
   requirement: !ruby/object:Gem::Requirement
@@ -870,14 +870,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.0.1
+        version: 1.0.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.0.1
+        version: 1.0.2
 - !ruby/object:Gem::Dependency
   name: ruby-saml
   requirement: !ruby/object:Gem::Requirement
@@ -926,14 +926,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.115.0
+        version: 0.117.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.115.0
+        version: 0.117.0
 - !ruby/object:Gem::Dependency
   name: serialport
   requirement: !ruby/object:Gem::Requirement
@@ -968,14 +968,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: socksify
   requirement: !ruby/object:Gem::Requirement
@@ -1010,14 +1010,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.4
+        version: 1.6.6
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.6.4
+        version: 1.6.6
 - !ruby/object:Gem::Dependency
   name: thin
   requirement: !ruby/object:Gem::Requirement
@@ -2179,7 +2179,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.19
+rubygems_version: 3.4.20
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond