pwn 0.5.275 → 0.5.276

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1083ea73f73a01610719111219f8c3e7915de2af83fb6b0828d512fb18d5f7bb
-  data.tar.gz: aec2a143fb5101c1a2ea4a2074cd8bc46c7389396be33aea90b7714b171732c9
+  metadata.gz: 15271f10bdb70966b130167ec81a81249c8db3e818587f4231fef33c8bf49c65
+  data.tar.gz: c7840a304777f72a2184f95fa202d21526aafa7462aac074df0fc0279154797d
 SHA512:
-  metadata.gz: a600e3fc61a73d010bc991099061542b43b7216f266c07466b6539f4ee2496f2eb24e87795d32c16ddf4d227d0bee2f59bf518c35150117f4ffe5bee02a5a005
-  data.tar.gz: 705b0d90b32f586731f1601ff79fbb24183bb3aad1548c692c56ded73d05f7426e7e81905e42418d1d017e99539c1e0dda1e3d21fde166f78f4bb8bb1013db05
+  metadata.gz: 585a7622370f8b8d818e79c4fd64d71265ca5a8a3427cfc9ea5508a4b081f54d80a01eb14503b74c72b89e1c8b61bda702739322615d008b5bf23b811b1e9381
+  data.tar.gz: e044ef3c7427ca5cdf4ef228646f3c373825d4b339df344f37c8abd57bfb05abe320171892f398a7ed121ba4a239862ccc11333076642bcc20c4078644043eda

data/Gemfile

@@ -28,14 +28,14 @@ gem 'credit_card_validations', '7.0.0'
 gem 'eventmachine', '1.2.7'
 gem 'executable-hooks', '1.7.1'
 gem 'faker', '3.5.1'
-gem 'faye-websocket', '0.11.3'
+gem 'faye-websocket', '0.12.0'
 gem 'ffi', '1.17.2'
 gem 'fftw3', '0.3'
 gem 'gdb', '1.0.0'
 gem 'gem-wrappers', '1.4.0'
 gem 'geocoder', '1.8.5'
 gem 'gist', '6.0.0'
-gem 'gruff', '0.26.0'
+gem 'gruff', '0.27.0'
 # gem 'hidapi', '0.1.9'
 gem 'htmlentities', '4.3.4'
 gem 'ipaddress', '0.8.3'
@@ -77,9 +77,9 @@ gem 'rest-client', '2.1.0'
 gem 'rex', '2.0.13'
 gem 'rmagick', '6.1.1'
 gem 'rqrcode', '3.1.0'
-gem 'rspec', '3.13.0'
+gem 'rspec', '3.13.1'
 gem 'rtesseract', '3.1.4'
-gem 'rubocop', '1.75.7'
+gem 'rubocop', '1.75.8'
 gem 'rubocop-rake', '0.7.1'
 gem 'rubocop-rspec', '3.6.0'
 gem 'ruby-audio', '1.6.1'
@@ -90,7 +90,7 @@ gem 'savon', '2.15.1'
 gem 'selenium-devtools', '0.137.0'
 # gem 'serialport', '1.3.2'
 # gem 'sinatra', '4.0.0'
-gem 'slack-ruby-client', '2.5.2'
+gem 'slack-ruby-client', '2.6.0'
 gem 'socksify', '1.7.1'
 gem 'spreadsheet', '1.3.4'
 gem 'sqlite3', '2.6.0'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.275]:001 >>> PWN.help
+pwn[v0.5.276]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.275]:001 >>> PWN.help
+pwn[v0.5.276]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.275]:001 >>> PWN.help
+pwn[v0.5.276]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_bdba_scan

@@ -44,7 +44,7 @@ OptionParser.new do |options|
     opts[:report_only] = o
   end
 
-  options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf (Default: csv_vulns)>') do |t|
+  options.on('-tTYPE', '--report-type=TYPE', '<Optional - Black Duck Binary Analysis Scan Report Type csv_libs|csv_vulns|pdf|spdx (Default: csv_vulns)>') do |t|
     opts[:report_type] = t
   end
 

data/lib/pwn/plugins/black_duck_binary_analysis.rb

@@ -269,7 +269,7 @@ module PWN
       #   token: 'required - Bearer token',
       #   product_id: 'required - product id',
       #   output_path: 'required - path to output file',
-      #   type: 'optional - report type csv_libs||csv_vulns|pdf (Defaults to csv_vulns)'
+      #   type: 'optional - report type csv_libs||csv_vulns|pdf|spdx (Defaults to csv_vulns)'
       # )
 
       public_class_method def self.generate_product_report(opts = {})
@@ -278,6 +278,7 @@ module PWN
         output_path = opts[:output_path]
         type = opts[:type] ||= :csv_vulns
 
+        params = {}
         case type.to_s.downcase.to_sym
         when :csv_libs
           rest_call = "product/#{product_id}/csv-libs"
@@ -285,13 +286,18 @@ module PWN
           rest_call = "product/#{product_id}/csv-vulns"
         when :pdf
           rest_call = "product/#{product_id}/pdf-report"
+        when :spdx
+          rest_call = "product/#{product_id}/"
+          params[:format] = 'spdx-2.3'
+          params[:include_paths] = 'true'
         else
           raise "ERROR: Invalid report type #{type}"
         end
 
         response = bd_bin_analysis_rest_call(
           token: token,
-          rest_call: rest_call
+          rest_call: rest_call,
+          params: params
         )
 
         File.write(output_path, response.body)
@@ -689,7 +695,7 @@ module PWN
             token: 'required - Bearer token',
             product_id: 'required - product id',
             output_path: 'required - path to output file',
-            type: 'optional - report type csv_libs||csv_vulns|pdf (Defaults to csv_vulns)'
+            type: 'optional - report type csv_libs||csv_vulns|pdf|spdx (Defaults to csv_vulns)'
           )
 
           response = #{self}.get_tasks(

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.275'
+  VERSION = '0.5.276'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.275
+  version: 0.5.276
 platform: ruby
 authors:
 - 0day Inc.
@@ -239,14 +239,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.3
+        version: 0.12.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.11.3
+        version: 0.12.0
 - !ruby/object:Gem::Dependency
   name: ffi
   requirement: !ruby/object:Gem::Requirement
@@ -337,14 +337,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.26.0
+        version: 0.27.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.26.0
+        version: 0.27.0
 - !ruby/object:Gem::Dependency
   name: htmlentities
   requirement: !ruby/object:Gem::Requirement
@@ -897,14 +897,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.13.0
+        version: 3.13.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.13.0
+        version: 3.13.1
 - !ruby/object:Gem::Dependency
   name: rtesseract
   requirement: !ruby/object:Gem::Requirement
@@ -925,14 +925,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.75.7
+        version: 1.75.8
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.75.7
+        version: 1.75.8
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
@@ -1051,14 +1051,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.5.2
+        version: 2.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.5.2
+        version: 2.6.0
 - !ruby/object:Gem::Dependency
   name: socksify
   requirement: !ruby/object:Gem::Requirement