pwn 0.5.241 → 0.5.242

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +4 -4
  3. data/README.md +3 -3
  4. data/lib/pwn/version.rb +1 -1
  5. data/lib/pwn/www/hacker_one.rb +139 -0
  6. metadata +10 -10
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 87a70683f83a05ea447fa1b9826119ddf9f600b0ecd8c726cfd5e2abc1fb92b3
4
- data.tar.gz: 24cc11b5d23b224eb2bde85d3334d30675b7b5e52b91573f5fb0bd744d6a7df5
3
+ metadata.gz: 9810178e96c5d2b02a9d5148bcfebca2356507be41a74fca1b293d23df006df6
4
+ data.tar.gz: 557726fc407d687c6457571841d72e919ed28b039d528a91340ff4b342311b77
5
5
  SHA512:
6
- metadata.gz: b82a1df9cb4b5728dc95888e48e2ce0d95293bc0973b8bd2cf0a8126b6f1396f133009d7596ec7d285d1cdc9e513e1ce89c9b43e936a98bac4ff5866f8bd865c
7
- data.tar.gz: 0dc2535ddccb00073480f7a70a30a3ffe916e574b6221ead32b4ff3ab7ae2f1d4da8c6d015309f94b66a943599d9fef77911a4ef1844328ea3ada4a0c8dd6201
6
+ metadata.gz: 4bba1ed04d3ee53de30126c0e5a073ef262d22fe81ad3c90961e0c280fad4c3a3e2fcd63b18bc682323ac7be6f06fdf79dfcb545d65a0b8cc663a0deba3d2e02
7
+ data.tar.gz: b44a47f14e9760f1926b4aad45c11e202ebd29358ccc63332f12e302ec902b4c0d4bd3e407a892cb0f660c2cdaedd265aae382b1a3baa0a0015768aa8ef0188f
data/Gemfile CHANGED
@@ -54,7 +54,7 @@ gem 'msfrpc-client', '1.1.2'
54
54
  gem 'netaddr', '2.0.6'
55
55
  gem 'net-ldap', '0.19.0'
56
56
  gem 'net-openvpn', '0.8.7'
57
- gem 'net-smtp', '0.5.0'
57
+ gem 'net-smtp', '0.5.1'
58
58
  gem 'nexpose', '7.3.0'
59
59
  gem 'nokogiri', '1.18.2'
60
60
  gem 'nokogiri-diff', '0.3.0'
@@ -65,21 +65,21 @@ gem 'os', '1.1.4'
65
65
  gem 'ostruct', '0.6.1'
66
66
  gem 'packetfu', '2.0.0'
67
67
  gem 'packetgen', '4.0.0'
68
- gem 'pdf-reader', '2.14.0'
68
+ gem 'pdf-reader', '2.14.1'
69
69
  gem 'pg', '1.5.9'
70
70
  gem 'pry', '0.15.2'
71
71
  gem 'pry-doc', '1.5.0'
72
72
  gem 'rake', '13.2.1'
73
73
  gem 'rb-readline', '0.5.5'
74
74
  gem 'rbvmomi2', '3.8.0'
75
- gem 'rdoc', '6.11.0'
75
+ gem 'rdoc', '6.12.0'
76
76
  gem 'rest-client', '2.1.0'
77
77
  gem 'rex', '2.0.13'
78
78
  gem 'rmagick', '6.1.1'
79
79
  gem 'rqrcode', '2.2.0'
80
80
  gem 'rspec', '3.13.0'
81
81
  gem 'rtesseract', '3.1.3'
82
- gem 'rubocop', '1.71.1'
82
+ gem 'rubocop', '1.71.2'
83
83
  gem 'rubocop-rake', '0.6.0'
84
84
  gem 'rubocop-rspec', '3.4.0'
85
85
  gem 'ruby-audio', '1.6.1'
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.241]:001 >>> PWN.help
40
+ pwn[v0.5.242]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.1@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.241]:001 >>> PWN.help
55
+ pwn[v0.5.242]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.1@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.241]:001 >>> PWN.help
65
+ pwn[v0.5.242]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.241'
4
+ VERSION = '0.5.242'
5
5
  end
data/lib/pwn/www/hacker_one.rb CHANGED
@@ -212,6 +212,145 @@ module PWN
212
212
  rest_client = nil if rest_client
213
213
  rest_request = nil if rest_request
214
214
  end
215
+
216
+ # Supported Method Parameters::
217
+ # hacktivity = PWN::WWW::HackerOne.get_hacktivity(
218
+ # program_name: 'required - program name from #get_bounty_programs method',
219
+ # proxy: 'optional - scheme://proxy_host:port || tor'
220
+ # )
221
+
222
+ public_class_method def self.get_hacktivity(opts = {})
223
+ program_name = opts[:program_name]
224
+ proxy = opts[:proxy]
225
+
226
+ browser_obj = PWN::Plugins::TransparentBrowser.open(
227
+ browser_type: :rest,
228
+ proxy: proxy
229
+ )
230
+ rest_client = browser_obj[:browser]
231
+ rest_request = rest_client::Request
232
+
233
+ graphql_endpoint = 'https://hackerone.com/graphql'
234
+ headers = { content_type: 'application/json' }
235
+ # NOTE: If you copy this payload to the pwn REPL
236
+ # the triple dots ... attempt to execute commands
237
+ # <cough>Pry CE</cough>
238
+ payload = {
239
+ operationName: 'HacktivitySearchQuery',
240
+ variables: {
241
+ from: 0,
242
+ product_area: 'other',
243
+ product_feature: 'other',
244
+ queryString: "team:(\"#{program_name}\")",
245
+ size: 100,
246
+ sort: {
247
+ field: 'disclosed_at',
248
+ direction: 'DESC'
249
+ }
250
+ },
251
+ query: 'query HacktivitySearchQuery(
252
+ $queryString: String!,
253
+ $from: Int,
254
+ $size: Int,
255
+ $sort: SortInput!
256
+ ) {
257
+ me {
258
+ id
259
+ __typename
260
+ }
261
+ search(
262
+ index: CompleteHacktivityReportIndex
263
+ query_string: $queryString
264
+ from: $from
265
+ size: $size
266
+ sort: $sort
267
+ ) {
268
+ __typename
269
+ total_count
270
+ nodes {
271
+ __typename
272
+ ... on HacktivityDocument {
273
+ id
274
+ _id
275
+ reporter {
276
+ id
277
+ username
278
+ name
279
+ __typename
280
+ }
281
+ cve_ids
282
+ cwe
283
+ severity_rating
284
+ upvoted: upvoted_by_current_user
285
+ public
286
+ report {
287
+ id
288
+ databaseId: _id
289
+ title
290
+ substate
291
+ url
292
+ disclosed_at
293
+ report_generated_content {
294
+ id
295
+ hacktivity_summary
296
+ __typename
297
+ }
298
+ __typename
299
+ }
300
+ votes
301
+ team {
302
+ id
303
+ handle
304
+ name
305
+ medium_profile_picture: profile_picture(size: medium)
306
+ url
307
+ currency
308
+ __typename
309
+ }
310
+ total_awarded_amount
311
+ latest_disclosable_action
312
+ latest_disclosable_activity_at
313
+ submitted_at
314
+ disclosed
315
+ has_collaboration
316
+ __typename
317
+ }
318
+ }
319
+ }
320
+ }
321
+ '
322
+ }
323
+
324
+ rest_response = rest_request.execute(
325
+ method: :post,
326
+ url: graphql_endpoint,
327
+ headers: headers,
328
+ payload: payload.to_json.delete("\n"),
329
+ verify_ssl: false
330
+ )
331
+
332
+ json_resp_hash = JSON.parse(rest_response.body, symbolize_names: true)
333
+
334
+ json_resp = {
335
+ name: program_name,
336
+ hacktivity: json_resp_hash
337
+ }
338
+ rescue RestClient::ExceptionWithResponse => e
339
+ if e.response
340
+ puts "HTTP RESPONSE CODE: #{e.response.code}"
341
+ puts "HTTP RESPONSE HEADERS:\n#{e.response.headers}"
342
+ puts "HTTP RESPONSE BODY:\n#{e.response.body}\n\n\n"
343
+ end
344
+
345
+ raise e
346
+ rescue StandardError => e
347
+ raise e
348
+ ensure
349
+ browser_obj = PWN::Plugins::TransparentBrowser.close(browser_obj: browser_obj) if browser_obj
350
+ rest_client = nil if rest_client
351
+ rest_request = nil if rest_request
352
+ end
353
+
215
354
  # Supported Method Parameters::
216
355
  # PWN::WWW::HackerOne.save_burp_target_config_file(
217
356
  # programs_arr: 'required - array of hashes returned from #get_bounty_programs method',
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.241
4
+ version: 0.5.242
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.
8
8
  bindir: bin
9
9
  cert_chain: []
10
- date: 2025-02-03 00:00:00.000000000 Z
10
+ date: 2025-02-07 00:00:00.000000000 Z
11
11
  dependencies:
12
12
  - !ruby/object:Gem::Dependency
13
13
  name: activesupport
@@ -589,14 +589,14 @@ dependencies:
589
589
  requirements:
590
590
  - - '='
591
591
  - !ruby/object:Gem::Version
592
- version: 0.5.0
592
+ version: 0.5.1
593
593
  type: :runtime
594
594
  prerelease: false
595
595
  version_requirements: !ruby/object:Gem::Requirement
596
596
  requirements:
597
597
  - - '='
598
598
  - !ruby/object:Gem::Version
599
- version: 0.5.0
599
+ version: 0.5.1
600
600
  - !ruby/object:Gem::Dependency
601
601
  name: nexpose
602
602
  requirement: !ruby/object:Gem::Requirement
@@ -729,14 +729,14 @@ dependencies:
729
729
  requirements:
730
730
  - - '='
731
731
  - !ruby/object:Gem::Version
732
- version: 2.14.0
732
+ version: 2.14.1
733
733
  type: :runtime
734
734
  prerelease: false
735
735
  version_requirements: !ruby/object:Gem::Requirement
736
736
  requirements:
737
737
  - - '='
738
738
  - !ruby/object:Gem::Version
739
- version: 2.14.0
739
+ version: 2.14.1
740
740
  - !ruby/object:Gem::Dependency
741
741
  name: pg
742
742
  requirement: !ruby/object:Gem::Requirement
@@ -827,14 +827,14 @@ dependencies:
827
827
  requirements:
828
828
  - - '='
829
829
  - !ruby/object:Gem::Version
830
- version: 6.11.0
830
+ version: 6.12.0
831
831
  type: :development
832
832
  prerelease: false
833
833
  version_requirements: !ruby/object:Gem::Requirement
834
834
  requirements:
835
835
  - - '='
836
836
  - !ruby/object:Gem::Version
837
- version: 6.11.0
837
+ version: 6.12.0
838
838
  - !ruby/object:Gem::Dependency
839
839
  name: rest-client
840
840
  requirement: !ruby/object:Gem::Requirement
@@ -925,14 +925,14 @@ dependencies:
925
925
  requirements:
926
926
  - - '='
927
927
  - !ruby/object:Gem::Version
928
- version: 1.71.1
928
+ version: 1.71.2
929
929
  type: :runtime
930
930
  prerelease: false
931
931
  version_requirements: !ruby/object:Gem::Requirement
932
932
  requirements:
933
933
  - - '='
934
934
  - !ruby/object:Gem::Version
935
- version: 1.71.1
935
+ version: 1.71.2
936
936
  - !ruby/object:Gem::Dependency
937
937
  name: rubocop-rake
938
938
  requirement: !ruby/object:Gem::Requirement