pwn 0.4.934 → 0.4.936

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 96d55da9eae5abee0f896f6f9a898e2ebf9036ca825dc26f6144b28528ea68db
-  data.tar.gz: 153e4ae9326f7096d3b6c77009d83c5ed8a619d9b76538870f4bd6345509507d
+  metadata.gz: 224c9ba60d1bae836ead32f4e27e6bb8f6a5c3381abb0750a9046e2e8fa12205
+  data.tar.gz: c638b4fbe4b5bffa404eb0fdb1d7fd54c06a4ac5470a824529402731407837cb
 SHA512:
-  metadata.gz: 62ca84a8b9542e62b14f507588e335a3a8ac5f8b057b41ad89e502cd14b25e1ab59b0c00e30c932388ff853420f30593d3c20da0b7d664cb7a272cc69f56dad9
-  data.tar.gz: 8a64989b3da05b11525f3baa282d0b1dc240c01decd35441a60ff42b68af90aa9545f5bb5d5d0e6cd72bd0f49b42016a9eddd55376eab8afc9a89daf5718c5af
+  metadata.gz: 346f987258a48e33648e432bf347f64e1d2e79b5b8971ed4b71bc4196fa0dbc4a334c2e16eb830f1afcbbb3403bfcebece53ddfea8bce832194811092a0a18ec
+  data.tar.gz: 49866a0646a393f89067937ae52529cb6abe4cc02058811b3b066379f44c4cf52d12552cdbdbedd831b955f173216052a06d8f19deb0bded9fdd9383d1963914

data/Gemfile

@@ -16,10 +16,10 @@ gem 'anemone', '0.7.2'
 gem 'authy', '3.0.1'
 gem 'aws-sdk', '3.2.0'
 # gem 'bettercap', '1.6.2'
-gem 'barby', '0.6.8'
-gem 'brakeman', '6.0.1'
+gem 'barby', '0.6.9'
+gem 'brakeman', '6.1.0'
 gem 'bson', '4.15.0'
-gem 'bundler', '>=2.4.22'
+gem 'bundler', '>=2.5.0'
 gem 'bundler-audit', '0.9.1'
 gem 'bunny', '2.22.0'
 gem 'colorize', '1.1.0'
@@ -33,13 +33,15 @@ gem 'fftw3', '0.3'
 gem 'gdb', '1.0.0'
 gem 'gem-wrappers', '1.4.0'
 gem 'gist', '6.0.0'
+gem 'gruff', '0.23.0'
 gem 'htmlentities', '4.3.4'
 gem 'ipaddress', '0.8.3'
 gem 'jenkins_api_client2', '1.9.0'
 gem 'js-beautify', '0.1.8'
-gem 'json', '2.6.3'
+gem 'json', '2.7.1'
 gem 'jsonpath', '1.1.5'
 gem 'jwt', '2.7.1'
+gem 'libusb', '0.6.4'
 gem 'luhn', '1.0.2'
 gem 'mail', '2.8.1'
 gem 'mongo', '2.19.3'
@@ -55,6 +57,7 @@ gem 'oily_png', '1.2.1'
 gem 'open3', '0.2.0'
 gem 'os', '1.1.4'
 gem 'packetfu', '2.0.0'
+gem 'packetgen', '3.3.0'
 gem 'pdf-reader', '2.11.0'
 gem 'pg', '1.5.4'
 gem 'pry', '0.14.2'
@@ -62,14 +65,14 @@ gem 'pry-doc', '1.4.0'
 gem 'rake', '13.1.0'
 gem 'rb-readline', '0.5.5'
 gem 'rbvmomi', '3.0.0'
-gem 'rdoc', '6.6.0'
+gem 'rdoc', '6.6.1'
 gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
 gem 'rmagick', '5.3.0'
 gem 'rqrcode', '2.2.0'
 gem 'rspec', '3.12.0'
 gem 'rtesseract', '3.1.3'
-gem 'rubocop', '1.57.2'
+gem 'rubocop', '1.59.0'
 gem 'rubocop-rake', '0.6.0'
 gem 'rubocop-rspec', '2.25.0'
 gem 'ruby-audio', '1.6.1'
@@ -77,7 +80,7 @@ gem 'ruby-nmap', '1.0.2'
 gem 'ruby-saml', '1.16.0'
 gem 'rvm', '1.11.3.9'
 gem 'savon', '2.14.0'
-gem 'selenium-devtools', '0.119.0'
+gem 'selenium-devtools', '0.120.0'
 gem 'serialport', '1.3.2'
 gem 'sinatra', '3.1.0'
 gem 'slack-ruby-client', '2.2.0'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.4.934]:001 >>> PWN.help
+pwn[v0.4.936]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.2.2@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.4.934]:001 >>> PWN.help
+pwn[v0.4.936]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.2.2@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.4.934]:001 >>> PWN.help
+pwn[v0.4.936]:001 >>> PWN.help
 ```
 
 

data/bin/pwn_defectdojo_importscan

@@ -61,6 +61,18 @@ OptionParser.new do |options|
   options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
     opts[:create_finding_groups] = g
   end
+
+  options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
+    opts[:close_old_findings_product_scope] = c
+  end
+
+  options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
+    opts[:close_old_findings] = c
+  end
+
+  options.on('-j', '--push-to-jira', '<Optional - push findings to JIRA (defaults to false)') do |j|
+    opts[:push_to_jira] = j
+  end
 end.parse!
 
 if opts.empty?
@@ -84,6 +96,9 @@ minimum_severity = opts[:minimum_severity]
 scan_date = opts[:scan_date]
 verified = opts[:verified]
 create_findings_groups = opts[:create_finding_groups]
+close_old_findings_product_scope = opts[:close_old_findings_product_scope]
+close_old_findings = opts[:close_old_findings]
+push_to_jira = opts[:push_to_jira]
 
 begin
   dd_obj = PWN::Plugins::DefectDojo.login(
@@ -103,7 +118,10 @@ begin
     minimum_severity: minimum_severity,
     scan_date: scan_date,
     verified: verified,
-    create_findings_groups: create_findings_groups
+    create_findings_groups: create_findings_groups,
+    close_old_findings_product_scope: close_old_findings_product_scope,
+    close_old_findings: close_old_findings,
+    push_to_jira: push_to_jira
   )
 rescue StandardError => e
   raise e

data/bin/pwn_defectdojo_reimportscan

@@ -61,6 +61,18 @@ OptionParser.new do |options|
   options.on('-g', '--create-finding-groups', '<Optional - group similar findings into one finding (defaults to false)') do |g|
     opts[:create_finding_groups] = g
   end
+
+  options.on('-c', '--close-old-findings-product-scope', '<Optional - close old findings from the engagement (defaults to false)') do |c|
+    opts[:close_old_findings_product_scope] = c
+  end
+
+  options.on('-C', '--close-old-findings', '<Optional - close old findings, regardless of engagement (defaults to false)') do |c|
+    opts[:close_old_findings] = c
+  end
+
+  options.on('-j', '--push-to-jira', '<Optional - push findings to JIRA (defaults to false)') do |j|
+    opts[:push_to_jira] = j
+  end
 end.parse!
 
 if opts.empty?
@@ -84,6 +96,9 @@ minimum_severity = opts[:minimum_severity]
 scan_date = opts[:scan_date]
 verified = opts[:verified]
 create_finding_groups = opts[:create_finding_groups]
+close_old_findings_product_scope = opts[:close_old_findings_product_scope]
+close_old_findings = opts[:close_old_findings]
+push_to_jira = opts[:push_to_jira]
 
 begin
   dd_obj = PWN::Plugins::DefectDojo.login(
@@ -103,7 +118,10 @@ begin
     minimum_severity: minimum_severity,
     scan_date: scan_date,
     verified: verified,
-    create_finding_groups: create_finding_groups
+    create_finding_groups: create_finding_groups,
+    close_old_findings_product_scope: close_old_findings_product_scope,
+    close_old_findings: close_old_findings,
+    push_to_jira: push_to_jira
   )
 rescue StandardError => e
   raise e

data/lib/pwn/plugins/defect_dojo.rb

@@ -388,6 +388,9 @@ module PWN
       #   scan_date: 'optional - date in which scan was kicked off (defaults to now)',
       #   verified: 'optional - flag finding as verified by a tester (defaults to false)',
       #   create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+      #   close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+      #   close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+      #   push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
       # )
 
       public_class_method def self.importscan(opts = {})
@@ -465,6 +468,12 @@ module PWN
 
         opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
 
+        opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
+
+        opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
+
+        opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
+
         api_path = 'import-scan/'
         api_path = 'importscan/' if api_version == 'v1'
 
@@ -489,7 +498,10 @@ module PWN
       #   minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
       #   scan_date: 'optional - date in which scan was kicked off (defaults to now)',
       #   verified: 'optional - flag finding as verified by a tester (defaults to false)',
-      #   create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+      #   create_finding_groups: 'optional - flag to create finding groups (defaults to false)',
+      #   close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+      #   close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+      #   push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
       # )
 
       public_class_method def self.reimportscan(opts = {})
@@ -570,6 +582,12 @@ module PWN
 
         opts[:create_finding_groups] ? (http_body[:create_finding_groups_for_all_findings] = true) : (http_body[:create_finding_groups_for_all_findings] = false)
 
+        opts[:close_old_findings_product_scope] ? (http_body[:close_old_findings_product_scope] = true) : (http_body[:close_old_findings_product_scope] = false)
+
+        opts[:close_old_findings] ? (http_body[:close_old_findings] = true) : (http_body[:close_old_findings] = false)
+
+        opts[:push_to_jira] ? (http_body[:push_to_jira] = true) : (http_body[:push_to_jira] = false)
+
         api_path = 'reimport-scan/'
         api_path = 'reimportscan/' if api_version == 'v1'
 
@@ -726,7 +744,10 @@ module PWN
             minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
             scan_date: 'optional - date in which scan was kicked off (defaults to now)',
             verified: 'optional - flag finding as verified by a tester (defaults to false)',
-            create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+            create_finding_groups: 'optional - flag to create finding groups (defaults to false)',
+            close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+            close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+            push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
           )
 
           reimportscan_response = #{self}.reimportscan(
@@ -739,7 +760,10 @@ module PWN
             minimum_severity: 'optional - minimum finding severity Info||Low||Medium||High||Critical (Defaults to Info)',
             scan_date: 'optional - date in which scan was kicked off (defaults to now)',
             verified: 'optional - flag finding as verified by a tester (defaults to false)',
-            create_finding_groups: 'optional - flag to create finding groups (defaults to false)'
+            create_finding_groups: 'optional - flag to create finding groups (defaults to false)',
+            close_old_findings_product_scope: 'optional - flag to close old findings from engagement (defaults to false)',
+            close_old_findings: 'optional - flag to close old findings, regardless of engagement (defaults to false)',
+            push_to_jira: 'optional - flag to push findings to JIRA (defaults to false)'
           )
 
           finding_list = #{self}.finding_list(

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.4.934'
+  VERSION = '0.4.936'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.4.934
+  version: 0.4.936
 platform: ruby
 authors:
 - 0day Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-11-29 00:00:00.000000000 Z
+date: 2023-12-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -72,28 +72,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.6.8
+        version: 0.6.9
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.6.8
+        version: 0.6.9
 - !ruby/object:Gem::Dependency
   name: brakeman
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.1
+        version: 6.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.0.1
+        version: 6.1.0
 - !ruby/object:Gem::Dependency
   name: bson
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.22
+        version: 2.5.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.22
+        version: 2.5.0
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -304,6 +304,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 6.0.0
+- !ruby/object:Gem::Dependency
+  name: gruff
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.23.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.23.0
 - !ruby/object:Gem::Dependency
   name: htmlentities
   requirement: !ruby/object:Gem::Requirement
@@ -366,14 +380,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.6.3
+        version: 2.7.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.6.3
+        version: 2.7.1
 - !ruby/object:Gem::Dependency
   name: jsonpath
   requirement: !ruby/object:Gem::Requirement
@@ -402,6 +416,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.7.1
+- !ruby/object:Gem::Dependency
+  name: libusb
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.6.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.6.4
 - !ruby/object:Gem::Dependency
   name: luhn
   requirement: !ruby/object:Gem::Requirement
@@ -612,6 +640,20 @@ dependencies:
     - - '='
       - !ruby/object:Gem::Version
         version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: packetgen
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.3.0
 - !ruby/object:Gem::Dependency
   name: pdf-reader
   requirement: !ruby/object:Gem::Requirement
@@ -716,14 +758,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.6.0
+        version: 6.6.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 6.6.0
+        version: 6.6.1
 - !ruby/object:Gem::Dependency
   name: rest-client
   requirement: !ruby/object:Gem::Requirement
@@ -814,14 +856,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.57.2
+        version: 1.59.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.57.2
+        version: 1.59.0
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
@@ -926,14 +968,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.0
+        version: 0.120.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.0
+        version: 0.120.0
 - !ruby/object:Gem::Dependency
   name: serialport
   requirement: !ruby/object:Gem::Requirement
@@ -2184,7 +2226,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.22
+rubygems_version: 3.5.0
 signing_key:
 specification_version: 4
 summary: Automated Security Testing for CI/CD Pipelines & Beyond