pwn 0.5.296 → 0.5.298

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6084ce4228a703b5a63932418579de97831aef2fd80901f1a6d08d344a5e65a6
-  data.tar.gz: '09e4abc2b15e4568409e48f5354f1e7481ef6f498a85a6da4607ab47e613c510'
+  metadata.gz: be4a660a466617ce369499193c9480e167218321a3228cf93c330b7524f1b447
+  data.tar.gz: 005c66a5e7324753917f9af6e0928234348363e7b4e21afeef011e25fc3692aa
 SHA512:
-  metadata.gz: da596264507cc6fcf3a33e7a76296bc6cc7057cb4d2d739d702a80a50fa42f1956da53c6ff6ec9e428342caa204d03a0c42f916a0c514fe860aede361f1cc6ed
-  data.tar.gz: d7dacf9451bc8c44e3872bddbbafb32a113476fba5ac6199526b9993f2edff6bf6958ceb51687cf4f284b5c01d525b91e752a615539b080adea20b462bb61dea
+  metadata.gz: 35a10cb79b1cc2758faad2d95932e75b261993e0d6463fee4ecd3cc1213b0e94e8ab99ef1a03fb897c100986d8546c60925dd2f14bcd7718d87a1086199c4dad
+  data.tar.gz: e23f6cb197d77102e5bc19007c7d3bd06c38284f163b678c43d4e8e6a8ca9167dd53dd6e893a63273a591822067f5f312f612a0dca3316a42d92c30441191ff6

data/Gemfile

@@ -27,7 +27,7 @@ gem 'colorize', '1.1.0'
 gem 'credit_card_validations', '7.0.0'
 gem 'eventmachine', '1.2.7'
 gem 'executable-hooks', '1.7.1'
-gem 'faker', '3.5.1'
+gem 'faker', '3.5.2'
 gem 'faye-websocket', '0.12.0'
 gem 'ffi', '1.17.2'
 gem 'fftw3', '0.3'

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.296]:001 >>> PWN.help
+pwn[v0.5.298]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.296]:001 >>> PWN.help
+pwn[v0.5.298]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.296]:001 >>> PWN.help
+pwn[v0.5.298]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/plugins/jira_server.rb

@@ -14,7 +14,7 @@ module PWN
 
       # Supported Method Parameters::
       # rest_call(
-      #   token: 'required - bearer token',
+      #   token: 'required - personal access token',
       #   http_method: 'optional HTTP method (defaults to GET)',
       #   rest_call: 'required rest call to make per the schema',
       #   params: 'optional params passed in the URI or HTTP Headers',
@@ -64,7 +64,7 @@ module PWN
           if http_body.is_a?(Hash)
             if http_body.key?(:multipart)
               headers[:content_type] = 'multipart/form-data'
-              headers[:x_atlassian_token] => 'no-check'
+              headers[:x_atlassian_token] = 'no-check'
             else
               http_body = http_body.to_json
             end
@@ -82,7 +82,10 @@ module PWN
           raise @@logger.error("Unsupported HTTP Method #{http_method} for #{self} Plugin")
         end
 
-        JSON.parse(response, symbolize_names: true)
+        jira_response = response if response.is_a?(RestClient::Response) && response.code == 204
+        jira_response = JSON.parse(response, symbolize_names: true) if response.is_a?(RestClient::Response) && response.code != 204
+
+        jira_response
       rescue RestClient::ExceptionWithResponse => e
         if e.response
           puts "HTTP BASE URL: #{base_api_uri}"
@@ -121,7 +124,7 @@ module PWN
       # Supported Method Parameters::
       # all_fields = PWN::Plugins::JiraServer.get_all_fields(
       #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-      #   token: 'required - bearer token'
+      #   token: 'required - personal access token'
       # )
 
       public_class_method def self.get_all_fields(opts = {})
@@ -141,10 +144,40 @@ module PWN
         raise e
       end
 
+      # Supported Method Parameters::
+      # user = PWN::Plugins::JiraServer.get_user(
+      #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
+      #   token: 'required - personal access token',
+      #   username: 'required - username to lookup (e.g. jane.doe)'
+      # )
+
+      public_class_method def self.get_user(opts = {})
+        base_api_uri = opts[:base_api_uri]
+
+        token = opts[:token]
+        token ||= PWN::Plugins::AuthenticationHelper.mask_password(
+          prompt: 'Personal Access Token'
+        )
+
+        username = opts[:username]
+        raise 'ERROR: username cannot be nil.' if username.nil?
+
+        params = { username: username }
+
+        rest_call(
+          base_api_uri: base_api_uri,
+          token: token,
+          rest_call: 'user',
+          params: params
+        )
+      rescue StandardError => e
+        raise e
+      end
+
       # Supported Method Parameters::
       # issue_resp = PWN::Plugins::JiraServer.get_issue(
       #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-      #   token: 'required - bearer token',
+      #   token: 'required - personal access token',
       #   issue: 'required - issue to lookup (e.g. Bug, Issue, Story, or Epic ID)',
       #   params: 'optional - additional parameters to pass in the URI (e.g. fields, expand, etc.)'
       # )
@@ -175,7 +208,7 @@ module PWN
       # Supported Method Parameters::
       # issue_resp = PWN::Plugins::JiraServer.create_issue(
       #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-      #   token: 'required - bearer token',
+      #   token: 'required - personal access token',
       #   project_key: 'required - project key (e.g. PWN)',
       #   summary: 'required - summary of the issue (e.g. Epic for PWN-1337)',
       #   issue_type: 'required - issue type (e.g. :epic, :story, :bug)',
@@ -263,8 +296,9 @@ module PWN
       # Supported Method Parameters::
       # issue_resp = PWN::Plugins::JiraServer.update_issue(
       #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-      #   token: 'required - bearer token',
-      #   fields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)'
+      #   token: 'required - personal access token',
+      #   fields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)',
+      #   attachments: 'optional - array of attachment paths to upload to the issue (e.g. ["/path/to/file1.txt", "/path/to/file2.png"])'
       # )
 
       public_class_method def self.update_issue(opts = {})
@@ -280,15 +314,34 @@ module PWN
         fields = opts[:fields] ||= { fields: {} }
         raise 'ERROR: fields Hash must contain a :fields key that is also a Hash.' unless fields.is_a?(Hash) && fields.key?(:fields) && fields[:fields].is_a?(Hash)
 
+        attachments = opts[:attachments] ||= []
+
         http_body = fields
 
-        rest_call(
+        issue_resp = rest_call(
           http_method: :put,
           base_api_uri: base_api_uri,
           token: token,
           rest_call: "issue/#{issue}",
           http_body: http_body
         )
+
+        if attachments.any?
+          http_body = {
+            multipart: true,
+            file: attachments.map { |attachment| File.new(attachment, 'rb') }
+          }
+
+          rest_call(
+            http_method: :post,
+            base_api_uri: base_api_uri,
+            token: token,
+            rest_call: "issue/#{issue}/attachments",
+            http_body: http_body
+          )
+        end
+
+        issue_resp
       rescue StandardError => e
         raise e
       end
@@ -296,7 +349,7 @@ module PWN
       # Supported Method Parameters::
       # issue_resp = PWN::Plugins::JiraServer.delete_issue(
       #   base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-      #   token: 'required - bearer token',
+      #   token: 'required - personal access token',
       #   issue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)'
       # )
 
@@ -336,38 +389,45 @@ module PWN
         puts "USAGE:
           all_fields = #{self}.get_all_fields(
             base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-            token: 'required - bearer token'
+            token: 'required - personal access token'
+          )
+
+          user = #{self}.get_user(
+            base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
+            token: 'required - personal access token',
+            username: 'required - username to lookup (e.g. jane.doe')'
           )
 
           issue_resp = #{self}.get_issue(
             base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-            token: 'required - bearer token',
+            token: 'required - personal access token',
             issue: 'required - issue to lookup (e.g. Bug, Issue, Story, or Epic ID)',
             params: 'optional - additional parameters to pass in the URI'
           )
 
           issue_resp = #{self}.create_issue(
             base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-            token: 'required - bearer token',
+            token: 'required - personal access token',
             project_key: 'required - project key (e.g. PWN)',
             summary: 'required - summary of the issue (e.g. Epic for PWN-1337)',
             issue_type: 'required - issue type (e.g. :epic, :story, :bug)',
             description: 'optional - description of the issue',
             epic_name: 'optional - name of the epic',
             additional_fields: 'optional - additional fields to set in the issue (e.g. labels, components, custom fields, etc.)',
-            attachments: 'optional - array of attachment paths to upload to the issue (e.g. ['/path/to/file1.txt', '/path/to/file2.png'])'
+            attachments: 'optional - array of attachment paths to upload to the issue (e.g. [\"/path/to/file1.txt\", \"/path/to/file2.png\"])'
           )
 
           issue_resp = #{self}.update_issue(
             base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-            token: 'required - bearer token',
+            token: 'required - personal access token',
             issue: 'required - issue to update (e.g. Bug, Issue, Story, or Epic ID)',
-            fields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)'
+            fields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)',
+            attachments: 'optional - array of attachment paths to upload to the issue (e.g. [\"/path/to/file1.txt\", \"/path/to/file2.png\"])'
           )
 
           issue_resp = #{self}.delete_issue(
             base_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',
-            token: 'required - bearer token',
+            token: 'required - personal access token',
             issue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)'
           )
 

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.296'
+  VERSION = '0.5.298'
 end

data/third_party/pwn_rdoc.jsonl

@@ -665,11 +665,13 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::Jenkins.list_nested_jobs Usage"},{"role":"assistant","content":"`PWN::Plugins::Jenkins.list_nested_jobs`: Supported Method Parameters\n\nPWN::Plugins::Jenkins.list_nested_jobs(\n\njenkins_obj: 'required jenkins_obj returned from #connect method',\nview_path: 'required view path to list jobs'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Jenkins.list_nested_views Usage"},{"role":"assistant","content":"`PWN::Plugins::Jenkins.list_nested_views`: Supported Method Parameters\n\nPWN::Plugins::Jenkins.list_nested_views(\n\njenkins_obj: 'required jenkins_obj returned from #connect method',\nview_path: 'required view path list sub-views'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.create_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.create_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.create_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - bearer token',\nproject_key: 'required - project key (e.g. PWN)',\nsummary: 'required - summary of the issue (e.g. Epic for PWN-1337)',\nissue_type: 'required - issue type (e.g. :epic, :story, :bug)',\ndescription: 'optional - description of the issue',\nepic_name: 'optional - name of the epic',\nadditional_fields: 'optional - additional fields to set in the issue (e.g. labels, components, custom fields, etc.)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.create_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.create_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.create_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - bearer token',\nproject_key: 'required - project key (e.g. PWN)',\nsummary: 'required - summary of the issue (e.g. Epic for PWN-1337)',\nissue_type: 'required - issue type (e.g. :epic, :story, :bug)',\ndescription: 'optional - description of the issue',\nepic_name: 'optional - name of the epic',\nadditional_fields: 'optional - additional fields to set in the issue (e.g. labels, components, custom fields, etc.)'\nattachments: 'optional - array of attachment paths to upload to the issue (e.g. [\"/path/to/file1.txt\", \"/path/to/file2.png\"])'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.delete_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.delete_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.delete_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - bearer token',\nissue: 'required - issue to delete (e.g. Bug, Issue, Story, or Epic ID)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.get_all_fields Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.get_all_fields`: Supported Method Parameters\n\nall_fields = PWN::Plugins::JiraServer.get_all_fields(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - bearer token'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.get_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.get_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.get_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - bearer token',\nissue: 'required - issue to lookup (e.g. Bug, Issue, Story, or Epic ID)',\nparams: 'optional - additional parameters to pass in the URI (e.g. fields, expand, etc.)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.help Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.rest_call Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.rest_call`: Supported Method Parameters\n\nrest_call(\n\ntoken: 'required - bearer token',\nhttp_method: 'optional HTTP method (defaults to GET)',\nrest_call: 'required rest call to make per the schema',\nparams: 'optional params passed in the URI or HTTP Headers',\nhttp_body: 'optional HTTP body sent in HTTP methods that support it e.g. POST'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::JiraServer.update_issue Usage"},{"role":"assistant","content":"`PWN::Plugins::JiraServer.update_issue`: Supported Method Parameters\n\nissue_resp = PWN::Plugins::JiraServer.update_issue(\n\nbase_api_uri: 'required - base URI for Jira (e.g. https:/jira.corp.com/rest/api/latest)',\ntoken: 'required - bearer token',\nfields: 'required - fields to update in the issue (e.g. summary, description, labels, components, custom fields, etc.)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Log.append Usage"},{"role":"assistant","content":"`PWN::Plugins::Log.append`: Supported Method Parameters\n\nPWN::Log.create( )\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Log.authors Usage"},{"role":"assistant","content":"`PWN::Plugins::Log.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::Log.help Usage"},{"role":"assistant","content":"`PWN::Plugins::Log.help`: "}]}

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.296
+  version: 0.5.298
 platform: ruby
 authors:
 - 0day Inc.
@@ -225,14 +225,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.1
+        version: 3.5.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.5.1
+        version: 3.5.2
 - !ruby/object:Gem::Dependency
   name: faye-websocket
   requirement: !ruby/object:Gem::Requirement