pwn 0.4.921 → 0.4.924
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +4 -4
- data/README.md +4 -4
- data/bin/pwn_bdba_scan +22 -5
- data/lib/pwn/plugins/black_duck_binary_analysis.rb +1 -23
- data/lib/pwn/plugins/credit_card.rb +2 -2
- data/lib/pwn/version.rb +1 -1
- metadata +8 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8f52f5a00595e64e9969f0319067ab211cf3df8438274aa89efdbdc376f40804
|
4
|
+
data.tar.gz: c9e5d62d57d9083b22504b1c8ae4d70d8b05c890761a2d3dfea9a4cc32eb3e6c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 42979a9a7df6d28c8108794f353b0a3c57f66faed8f051ccc2016d62d0b50a02c877cd2f73d76edad7b79f48361f365201c9d30613e88ee17de18e62dac2aef7
|
7
|
+
data.tar.gz: 0cda27394a59d9dd547501ff28371db33265872f2d8447ce5539235e74eb551a6674d06b57e2aa4475cc41fb45a8f0c857ea1aa8dca8259ac3bc8015d52ad5c6
|
data/Gemfile
CHANGED
@@ -11,7 +11,7 @@ gemspec
|
|
11
11
|
# In some circumstances custom flags are passed to gems in order
|
12
12
|
# to build appropriately. Defer to ./reinstall_pwn_gemset.sh
|
13
13
|
# to review these custom flags (e.g. pg, serialport, etc).
|
14
|
-
gem 'activesupport', '7.0
|
14
|
+
gem 'activesupport', '7.1.0'
|
15
15
|
gem 'anemone', '0.7.2'
|
16
16
|
gem 'authy', '3.0.1'
|
17
17
|
gem 'aws-sdk', '3.1.0'
|
@@ -23,12 +23,12 @@ gem 'bundler', '>=2.4.20'
|
|
23
23
|
gem 'bundler-audit', '0.9.1'
|
24
24
|
gem 'bunny', '2.22.0'
|
25
25
|
gem 'colorize', '1.1.0'
|
26
|
-
gem 'credit_card_validations', '6.0.0'
|
26
|
+
# gem 'credit_card_validations', '6.0.0'
|
27
27
|
gem 'eventmachine', '1.2.7'
|
28
28
|
gem 'executable-hooks', '1.6.1'
|
29
29
|
gem 'faker', '3.2.1'
|
30
30
|
gem 'faye-websocket', '0.11.3'
|
31
|
-
gem 'ffi', '1.16.
|
31
|
+
gem 'ffi', '1.16.3'
|
32
32
|
gem 'fftw3', '0.3'
|
33
33
|
gem 'gdb', '1.0.0'
|
34
34
|
gem 'gem-wrappers', '1.4.0'
|
@@ -68,7 +68,7 @@ gem 'rex', '2.0.13'
|
|
68
68
|
gem 'rmagick', '5.3.0'
|
69
69
|
gem 'rqrcode', '2.2.0'
|
70
70
|
gem 'rspec', '3.12.0'
|
71
|
-
gem 'rtesseract', '3.1.
|
71
|
+
gem 'rtesseract', '3.1.3'
|
72
72
|
gem 'rubocop', '1.56.4'
|
73
73
|
gem 'rubocop-rake', '0.6.0'
|
74
74
|
gem 'rubocop-rspec', '2.24.1'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.924]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
If you're using a multi-user install of RVM do:
|
@@ -48,7 +48,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
48
48
|
$ rvm list gemsets
|
49
49
|
$ rvmsudo gem install --verbose pwn
|
50
50
|
$ pwn
|
51
|
-
pwn[v0.4.
|
51
|
+
pwn[v0.4.924]:001 >>> PWN.help
|
52
52
|
```
|
53
53
|
|
54
54
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -63,7 +63,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
63
63
|
$ gem uninstall --all --executables pwn
|
64
64
|
$ gem install --verbose pwn
|
65
65
|
$ pwn
|
66
|
-
pwn[v0.4.
|
66
|
+
pwn[v0.4.924]:001 >>> PWN.help
|
67
67
|
```
|
68
68
|
|
69
69
|
If you're using a multi-user install of RVM do:
|
@@ -73,7 +73,7 @@ $ rvm use ruby-3.2.2@pwn
|
|
73
73
|
$ rvmsudo gem uninstall --all --executables pwn
|
74
74
|
$ rvmsudo gem install --verbose pwn
|
75
75
|
$ pwn
|
76
|
-
pwn[v0.4.
|
76
|
+
pwn[v0.4.924]:001 >>> PWN.help
|
77
77
|
```
|
78
78
|
|
79
79
|
|
data/bin/pwn_bdba_scan
CHANGED
@@ -4,7 +4,6 @@
|
|
4
4
|
require 'cgi'
|
5
5
|
require 'optparse'
|
6
6
|
require 'pwn'
|
7
|
-
require 'timeout'
|
8
7
|
require 'yaml'
|
9
8
|
|
10
9
|
opts = {}
|
@@ -33,10 +32,14 @@ OptionParser.new do |options|
|
|
33
32
|
opts[:queue_timeout] = q
|
34
33
|
end
|
35
34
|
|
36
|
-
options.on('-a', '--scan-attempts', '<Optional - Number of Attempts to Scan a File if the Scan was Aborted Due to Queue Timeouts (Default: 3)>') do |a|
|
35
|
+
options.on('-a', '--scan-attempts', '<Optional - Number of Attempts to Scan a File if the Scan was Aborted Due to Queue Timeouts or RestClient Exceptions (Default: 3)>') do |a|
|
37
36
|
opts[:scan_attempts] = a
|
38
37
|
end
|
39
38
|
|
39
|
+
options.on('-S', '--sleep-between-scan-attempts', '<Optional - Seconds to Sleep Between Attempts to Scan a File if the Scan was Aborted Due to Queue Timeouts or RestClient Exceptions (Default: 60)>') do |s|
|
40
|
+
opts[:sleep_between_scan_attempts] = s
|
41
|
+
end
|
42
|
+
|
40
43
|
options.on('-R', '--report-only', '<Optional - Only Generate a Black Duck Binary Analysis Scan Report for an Existing Scan (Default: false)>') do |o|
|
41
44
|
opts[:report_only] = o
|
42
45
|
end
|
@@ -80,6 +83,7 @@ begin
|
|
80
83
|
queue_timeout = opts[:queue_timeout] ||= 5_400
|
81
84
|
|
82
85
|
scan_attempts = opts[:scan_attempts] ||= 3
|
86
|
+
sleep_between_scan_attempts = opts[:sleep_between_scan_attempts] ||= 60
|
83
87
|
|
84
88
|
report_only = opts[:report_only] ||= false
|
85
89
|
|
@@ -120,7 +124,7 @@ begin
|
|
120
124
|
)
|
121
125
|
end
|
122
126
|
|
123
|
-
raise
|
127
|
+
raise IO::TimeoutError, "ERROR: BDBA Scan Aborted: #{target_file}"
|
124
128
|
end
|
125
129
|
|
126
130
|
10.times do
|
@@ -140,10 +144,23 @@ begin
|
|
140
144
|
)
|
141
145
|
|
142
146
|
puts "\nReport Saved to: #{report_path}"
|
143
|
-
rescue
|
147
|
+
rescue IO::TimeoutError,
|
148
|
+
RestClient::Unauthorized,
|
149
|
+
RestClient::Forbidden,
|
150
|
+
RestClient::BadRequest,
|
151
|
+
RestClient::ResourceNotFound,
|
152
|
+
RestClient::InternalServerError,
|
153
|
+
RestClient::BadGateway,
|
154
|
+
RestClient::ServiceUnavailable,
|
155
|
+
RestClient::GatewayTimeout
|
156
|
+
|
144
157
|
abort_total += 1
|
145
158
|
|
146
|
-
|
159
|
+
if abort_total <= scan_attempts.to_i
|
160
|
+
puts 'Sleeping for 60 Seconds and Retrying...'
|
161
|
+
sleep sleep_between_scan_attempts.to_i
|
162
|
+
retry
|
163
|
+
end
|
147
164
|
|
148
165
|
puts 'Scan Attempts Reached - Goodbye.'
|
149
166
|
exit 1
|
@@ -84,29 +84,7 @@ module PWN
|
|
84
84
|
puts "HTTP RESPONSE BODY:\n#{e.response.body.inspect}\n\n\n"
|
85
85
|
end
|
86
86
|
|
87
|
-
|
88
|
-
# type of RestClient::ExceptionWithResponse
|
89
|
-
# and handle accordingly.
|
90
|
-
case e
|
91
|
-
when RestClient::Unauthorized
|
92
|
-
raise "ERROR: #{e.message} - Invalid token."
|
93
|
-
when RestClient::Forbidden
|
94
|
-
raise "ERROR: #{e.message} - Insufficient permissions."
|
95
|
-
when RestClient::BadRequest
|
96
|
-
raise "ERROR: #{e.message} - Invalid request."
|
97
|
-
when RestClient::ResourceNotFound
|
98
|
-
raise "ERROR: #{e.message} - Resource not found."
|
99
|
-
when RestClient::InternalServerError
|
100
|
-
raise "ERROR: #{e.message} - Internal server error."
|
101
|
-
when RestClient::BadGateway
|
102
|
-
raise "ERROR: #{e.message} - Bad gateway."
|
103
|
-
when RestClient::ServiceUnavailable
|
104
|
-
raise "ERROR: #{e.message} - Service unavailable."
|
105
|
-
when RestClient::GatewayTimeout
|
106
|
-
raise "ERROR: #{e.message} - Gateway timeout."
|
107
|
-
else
|
108
|
-
raise e
|
109
|
-
end
|
87
|
+
raise e
|
110
88
|
rescue StandardError => e
|
111
89
|
case e.message
|
112
90
|
when '400 Bad Request', '404 Resource Not Found'
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.924
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-10-
|
11
|
+
date: 2023-10-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 7.0
|
19
|
+
version: 7.1.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 7.0
|
26
|
+
version: 7.1.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: anemone
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -164,20 +164,6 @@ dependencies:
|
|
164
164
|
- - '='
|
165
165
|
- !ruby/object:Gem::Version
|
166
166
|
version: 1.1.0
|
167
|
-
- !ruby/object:Gem::Dependency
|
168
|
-
name: credit_card_validations
|
169
|
-
requirement: !ruby/object:Gem::Requirement
|
170
|
-
requirements:
|
171
|
-
- - '='
|
172
|
-
- !ruby/object:Gem::Version
|
173
|
-
version: 6.0.0
|
174
|
-
type: :runtime
|
175
|
-
prerelease: false
|
176
|
-
version_requirements: !ruby/object:Gem::Requirement
|
177
|
-
requirements:
|
178
|
-
- - '='
|
179
|
-
- !ruby/object:Gem::Version
|
180
|
-
version: 6.0.0
|
181
167
|
- !ruby/object:Gem::Dependency
|
182
168
|
name: eventmachine
|
183
169
|
requirement: !ruby/object:Gem::Requirement
|
@@ -240,14 +226,14 @@ dependencies:
|
|
240
226
|
requirements:
|
241
227
|
- - '='
|
242
228
|
- !ruby/object:Gem::Version
|
243
|
-
version: 1.16.
|
229
|
+
version: 1.16.3
|
244
230
|
type: :runtime
|
245
231
|
prerelease: false
|
246
232
|
version_requirements: !ruby/object:Gem::Requirement
|
247
233
|
requirements:
|
248
234
|
- - '='
|
249
235
|
- !ruby/object:Gem::Version
|
250
|
-
version: 1.16.
|
236
|
+
version: 1.16.3
|
251
237
|
- !ruby/object:Gem::Dependency
|
252
238
|
name: fftw3
|
253
239
|
requirement: !ruby/object:Gem::Requirement
|
@@ -800,14 +786,14 @@ dependencies:
|
|
800
786
|
requirements:
|
801
787
|
- - '='
|
802
788
|
- !ruby/object:Gem::Version
|
803
|
-
version: 3.1.
|
789
|
+
version: 3.1.3
|
804
790
|
type: :runtime
|
805
791
|
prerelease: false
|
806
792
|
version_requirements: !ruby/object:Gem::Requirement
|
807
793
|
requirements:
|
808
794
|
- - '='
|
809
795
|
- !ruby/object:Gem::Version
|
810
|
-
version: 3.1.
|
796
|
+
version: 3.1.3
|
811
797
|
- !ruby/object:Gem::Dependency
|
812
798
|
name: rubocop
|
813
799
|
requirement: !ruby/object:Gem::Requirement
|