pwn 0.4.946 → 0.4.948
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.ruby-version +1 -1
- data/Gemfile +2 -2
- data/README.md +5 -5
- data/lib/pwn/plugins/defect_dojo.rb +15 -5
- data/lib/pwn/version.rb +1 -1
- metadata +8 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3cb997e0e92cf072ea55948720785a4c72683d4cf09dfe8967c3c86fa898660e
|
4
|
+
data.tar.gz: cd175882aa77aad5d0850bf031dbca59ca3447076856cf5da7bc06fb1825111b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2a9e2bb004a9c984532e6bf59e406753d8e3f99a009fb7fbbd413ae9b18385be1e2cdda2eec3d51ca44f6a1783a8d6ab6ca1f83044dcd2c717a82924278ae0e0
|
7
|
+
data.tar.gz: '09c9a97349e0bcbe14ba10af211063a8c8169f4b71134d7502c7d89e3485269922e5f35782229773dc90b075e6223116c39c691e56100fb8daa8203695753d0c'
|
data/.ruby-version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.
|
1
|
+
3.3.0
|
data/Gemfile
CHANGED
@@ -17,9 +17,9 @@ gem 'authy', '3.0.1'
|
|
17
17
|
gem 'aws-sdk', '3.2.0'
|
18
18
|
# gem 'bettercap', '1.6.2'
|
19
19
|
gem 'barby', '0.6.9'
|
20
|
-
gem 'brakeman', '6.1.
|
20
|
+
gem 'brakeman', '6.1.1'
|
21
21
|
gem 'bson', '4.15.0'
|
22
|
-
gem 'bundler', '>=2.5.
|
22
|
+
gem 'bundler', '>=2.5.3'
|
23
23
|
gem 'bundler-audit', '0.9.1'
|
24
24
|
gem 'bunny', '2.22.0'
|
25
25
|
gem 'colorize', '1.1.0'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
|
|
37
37
|
$ ./install.sh
|
38
38
|
$ ./install.sh ruby-gem
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.948]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[](https://youtu.be/G7iLUY4FzsI)
|
@@ -48,21 +48,21 @@ pwn[v0.4.946]:001 >>> PWN.help
|
|
48
48
|
It's wise to update pwn often as numerous versions are released/week:
|
49
49
|
```
|
50
50
|
$ rvm list gemsets
|
51
|
-
$ rvm use ruby-3.
|
51
|
+
$ rvm use ruby-3.3.0@pwn
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.948]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
If you're using a multi-user install of RVM do:
|
59
59
|
```
|
60
60
|
$ rvm list gemsets
|
61
|
-
$ rvm use ruby-3.
|
61
|
+
$ rvm use ruby-3.3.0@pwn
|
62
62
|
$ rvmsudo gem uninstall --all --executables pwn
|
63
63
|
$ rvmsudo gem install --verbose pwn
|
64
64
|
$ pwn
|
65
|
-
pwn[v0.4.
|
65
|
+
pwn[v0.4.948]:001 >>> PWN.help
|
66
66
|
```
|
67
67
|
|
68
68
|
|
@@ -1,6 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require 'json'
|
4
|
+
require 'securerandom'
|
4
5
|
|
5
6
|
module PWN
|
6
7
|
module Plugins
|
@@ -76,11 +77,12 @@ module PWN
|
|
76
77
|
)
|
77
78
|
end
|
78
79
|
|
79
|
-
rest_client = browser_obj[:browser]
|
80
|
+
rest_client = browser_obj[:browser]
|
81
|
+
rest_request = rest_client::Request
|
80
82
|
|
81
83
|
case http_method
|
82
84
|
when :get
|
83
|
-
response =
|
85
|
+
response = rest_request.execute(
|
84
86
|
method: :get,
|
85
87
|
url: "#{base_dd_api_uri}/#{rest_call}",
|
86
88
|
headers: {
|
@@ -95,13 +97,21 @@ module PWN
|
|
95
97
|
|
96
98
|
when :post
|
97
99
|
if http_body.key?(:multipart)
|
98
|
-
|
99
|
-
payload = http_body
|
100
|
+
# Hack to fix name="tags[]" to name="tags" to allow for multi-tag submission
|
101
|
+
# otherwise we could just used payload = http_body
|
102
|
+
multipart = rest_client::Payload::Multipart.new(http_body)
|
103
|
+
content_type = multipart.headers['Content-Type']
|
104
|
+
multipart_massaged = multipart.to_s.gsub(
|
105
|
+
'Content-Disposition: form-data; name="tags[]"',
|
106
|
+
'Content-Disposition: form-data; name="tags"'
|
107
|
+
)
|
108
|
+
base = rest_client::Payload::Base.new(multipart_massaged)
|
109
|
+
payload = base.to_s
|
100
110
|
else
|
101
111
|
payload = http_body.to_json
|
102
112
|
end
|
103
113
|
|
104
|
-
response =
|
114
|
+
response = rest_request.execute(
|
105
115
|
method: :post,
|
106
116
|
url: "#{base_dd_api_uri}/#{rest_call}",
|
107
117
|
headers: {
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.948
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-12-
|
11
|
+
date: 2023-12-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -86,14 +86,14 @@ dependencies:
|
|
86
86
|
requirements:
|
87
87
|
- - '='
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version: 6.1.
|
89
|
+
version: 6.1.1
|
90
90
|
type: :runtime
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - '='
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version: 6.1.
|
96
|
+
version: 6.1.1
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
98
|
name: bson
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.5.
|
117
|
+
version: 2.5.3
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.5.
|
124
|
+
version: 2.5.3
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -2219,14 +2219,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
2219
2219
|
requirements:
|
2220
2220
|
- - ">="
|
2221
2221
|
- !ruby/object:Gem::Version
|
2222
|
-
version: 3.
|
2222
|
+
version: 3.3.0
|
2223
2223
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
2224
2224
|
requirements:
|
2225
2225
|
- - ">="
|
2226
2226
|
- !ruby/object:Gem::Version
|
2227
2227
|
version: '0'
|
2228
2228
|
requirements: []
|
2229
|
-
rubygems_version: 3.5.
|
2229
|
+
rubygems_version: 3.5.3
|
2230
2230
|
signing_key:
|
2231
2231
|
specification_version: 4
|
2232
2232
|
summary: Automated Security Testing for CI/CD Pipelines & Beyond
|