pwn 0.5.352 → 0.5.353

data/lib/pwn/reports/uri_buster.rb

@@ -71,8 +71,8 @@ module PWN
                 word-wrap: break-word !important;
               }
 
-              .highlighted {
-                background-color: #F2F5A9 !important;
+              tr.highlighted td {
+                background-color: #FFF396 !important;
               }
             </style>
 
@@ -92,7 +92,11 @@ module PWN
             </h1><br /><br />
             <h2 id="report_name"></h2><br />
 
-            <div><button type="button" id="button">Rows Selected</button></div><br />
+            <div>
+              <!--<button type="button" id="button">Rows Selected</button>-->
+              <button type="button" id="export_selected">Export Selected to JSON</button>
+            </div><br />
+
             <div>
               <b>Toggle Column(s):</b>&nbsp;
               <a class="toggle-vis" data-column="1" href="#">Request Time</a>&nbsp;|&nbsp;
@@ -127,6 +131,16 @@ module PWN
                     <th>HTTP Response Body (300 bytes)</th>
                   </tr>
                 </thead>
+                <col width="30px" />
+                <col width="60px" />
+                <col width="60px" />
+                <col width="30px" />
+                <col width="90px" />
+                <col width="30px" />
+                <col width="30px" />
+                <col width="30px" />
+                <col width="300px" />
+                <col width="300px" />
                 <!-- DataTables <tbody> -->
               </table>
             </div>
@@ -153,17 +167,6 @@ module PWN
                       $('html,body').animate({scrollTop: targetOffset}, 500);
                       oldStart = oSettings._iDisplayStart;
                     }
-                    // Select individual lines in a row
-                    $('#multi_line_select tbody').on('click', 'tr', function () {
-                      $(this).toggleClass('highlighted');
-                      if ($('#multi_line_select tr.highlighted').length > 0) {
-                        $('#multi_line_select tr td button').attr('disabled', 'disabled');
-                        // Remove multi-line bug button
-                      } else {
-                        $('#multi_line_select tr td button').removeAttr('disabled');
-                        // Add multi-line bug button
-                      }
-                    });
                   },
                   "ajax": "#{report_name}.json",
                   //"deferRender": true,
@@ -272,19 +275,72 @@ module PWN
                   column.visible( ! column.visible() );
                 });
 
-                // TODO: Open bug for highlighted rows ;)
                 $('#button').click( function () {
-                  alert($('#multi_line_select tr.highlighted').length +' row(s) highlighted');
+                  alert($('.multi_line_select tr.highlighted').length +' row(s) highlighted');
                 });
-              });
 
-              function multi_line_select() {
-                // Select all lines in a row
-                //$('#pwn_www_uri_buster_results tbody').on('click', 'tr', function () {
-                //  $(this).children('td').children('#multi_line_select').children('tbody').children('tr').toggleClass('highlighted');
-                //});
+                $('#export_selected').click( function () {
+                  if ($('.multi_line_select tr.highlighted').length === 0) {
+                    alert('No rows selected');
+                    return;
+                  }
 
-              }
+                  $.getJSON(table.ajax.url(), function(original_json) {
+                    var selected_results = {};
+
+                    $('.multi_line_select tr.highlighted').each(function() {
+                      var inner_tr = $(this);
+                      var main_tr = inner_tr.closest('td').parent();
+                      var row = table.row(main_tr);
+                      var row_index = row.index();
+                      var line_index = inner_tr.index();
+
+                      if (selected_results[row_index] === undefined) {
+                        selected_results[row_index] = {
+                          row: row,
+                          lines: []
+                        };
+                      }
+
+                      selected_results[row_index].lines.push(line_index);
+                    });
+
+                    var new_data = [];
+
+                    Object.keys(selected_results).forEach(function(ri) {
+                      var sel = selected_results[ri];
+                      var orig_row_data = sel.row.data();
+                      var new_row_data = JSON.parse(JSON.stringify(orig_row_data));
+
+                      sel.lines.sort((a, b) => a - b);
+                      new_row_data.line_no_and_contents = sel.lines.map(function(li) {
+                        return orig_row_data.line_no_and_contents[li];
+                      });
+
+                      new_row_data.raw_content = new_row_data.line_no_and_contents.map(l => l.contents).join('\\n');
+
+                      new_data.push(new_row_data);
+                    });
+
+                    original_json.data = new_data;
+
+                    if (original_json.report_name) {
+                      original_json.report_name += '_selected';
+                    }
+
+                    var json_str = JSON.stringify(original_json, null, 2);
+                    var blob = new Blob([json_str], { type: 'application/json' });
+                    var url = URL.createObjectURL(blob);
+                    var a = document.createElement('a');
+                    a.href = url;
+                    a.download = (original_json.report_name || 'selected') + '.json';
+                    document.body.appendChild(a);
+                    a.click();
+                    document.body.removeChild(a);
+                    URL.revokeObjectURL(url);
+                  });
+                });
+              });
             </script>
           </body>
         </html>

data/lib/pwn/sast/amqp_connect_as_guest.rb

@@ -28,7 +28,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -36,7 +36,7 @@ module PWN
             test_case_filter = "
               grep -in \
               -e amqp \
-              -e rabbit #{entry} | \
+              -e rabbit #{entry} 2> /dev/null | \
               grep guest
             "
 

data/lib/pwn/sast/apache_file_system_util_api.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -35,7 +35,7 @@ module PWN
             test_case_filter = "
               grep -n \
               -e 'import org.apache.commons.io.FileSystemUtils' \
-              -e 'freeSpaceKb' #{entry}
+              -e 'freeSpaceKb' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/aws.rb

@@ -26,7 +26,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -36,7 +36,7 @@ module PWN
               -e 'ec2-' \
               -e 'access.key' \
               -e 'secret.access' \
-              -e 'secret.key' #{entry}
+              -e 'secret.key' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/banned_function_calls_c.rb

@@ -28,7 +28,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -163,7 +163,7 @@ module PWN
               -e 'memcpy' \
               -e 'RtlCopyMemory' \
               -e 'CopyMemory' \
-              -e 'wmemcpy' #{entry}
+              -e 'wmemcpy' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/base64.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -35,7 +35,7 @@ module PWN
             # TODO: Include regex to search for Base64 strings
             test_case_filter = "
               grep -Ein \
-              -e 'BASE64' #{entry}
+              -e 'BASE64' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/beef_hook.rb

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -Fin \
-              -e 'hook.js' #{entry}
+              -e 'hook.js' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/cmd_execution_java.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -36,7 +36,7 @@ module PWN
               grep -Fn \
               -e 'getEngineByName(' \
               -e 'ProcessBuilder(' \
-              -e '.exec(' #{entry}
+              -e '.exec(' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/cmd_execution_python.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -38,7 +38,7 @@ module PWN
               -e 'os.popen' \
               -e 'os.system' \
               -e 'subprocess.call' \
-              -e 'subprocess.Popen' #{entry}
+              -e 'subprocess.Popen' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/cmd_execution_ruby.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -46,7 +46,7 @@ module PWN
               -e 'Facter::Util::Resolution::exec' \
               -e 'PTY.spawn' \
               -e 'Process.fork' \
-              -e '%x' #{entry}
+              -e '%x' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/cmd_execution_scala.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -36,7 +36,7 @@ module PWN
               grep -Fn \
               -e 'Process(' \
               -e '.!' \
-              -e '.!!' #{entry}
+              -e '.!!' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/csrf.rb

@@ -28,14 +28,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -ni \
-              -e 'csrf' #{entry}
+              -e 'csrf' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/deserial_java.rb

@@ -29,7 +29,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -43,7 +43,7 @@ module PWN
               -e readResolve \
               -e readExternal \
               -e readUnshared \
-              -e Serializable #{entry}
+              -e Serializable #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/emoticon.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -41,7 +41,7 @@ module PWN
               -e '\_o_/' \
               -e '\_O_/' \
               -e '\_0_/' \
-              -e ':-O' #{entry}
+              -e ':-O' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/eval.rb

@@ -28,14 +28,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -n \
-              -e 'eval(' #{entry}
+              -e 'eval(' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/factory.rb

@@ -29,7 +29,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -38,7 +38,7 @@ module PWN
               grep -in \
               -e DocumentBuilderFactory \
               -e XMLInputFactory \
-              -e SAXParserFactory #{entry}
+              -e SAXParserFactory #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/http_authorization_header.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -43,7 +43,7 @@ module PWN
               -e "Authorization:(\\sVapid|Vapid)" \
               -e "Authorization:(\\sSCRAM|SCRAM)" \
               -e "Authorization:(\\sAWS|AWS)" \
-              -e "authorization(\\s=|=)" #{entry}
+              -e "authorization(\\s=|=)" #{entry} 2> /dev/null
             )
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/inner_html.rb

@@ -28,14 +28,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -n \
-              -e 'innerHTML' #{entry}
+              -e 'innerHTML' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/keystore.rb

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -Fin \
-              -e 'keystore' #{entry}
+              -e 'keystore' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/local_storage.rb

@@ -28,7 +28,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -36,7 +36,7 @@ module PWN
             test_case_filter = "
               grep -n \
               -e 'localStorage.getItem(' \
-              -e 'localStorage.setItem(' #{entry}
+              -e 'localStorage.setItem(' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/location_hash.rb

@@ -28,14 +28,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -n \
-              -e 'location.hash' #{entry}
+              -e 'location.hash' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/log4j.rb

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -Fin \
-              -e 'log4j' #{entry}
+              -e 'log4j' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/logger.rb

@@ -28,7 +28,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -38,7 +38,7 @@ module PWN
               -e '.warn' \
               -e '.info' \
               -e '.error' \
-              -e '.debug' #{entry} | grep -i \
+              -e '.debug' #{entry} > /dev/null | grep -i \
               -e log | grep -i \
               -e pass \
               -e pwd \

data/lib/pwn/sast/md5.rb

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -in \
-              -e 'md5' #{entry}
+              -e 'md5' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/outer_html.rb

@@ -28,14 +28,14 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
 
             test_case_filter = "
               grep -n \
-              -e 'outerHTML' #{entry}
+              -e 'outerHTML' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/padding_oracle.rb

@@ -26,7 +26,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -34,7 +34,7 @@ module PWN
             # TODO: Include regex to search for weak CBC block cipher padding
             test_case_filter = "
               grep -Ein \
-              -e 'AES/CBC/PKCS' #{entry}
+              -e 'AES/CBC/PKCS' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/password.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -38,7 +38,7 @@ module PWN
               -e "passwd(\\s=|=)" \
               -e "pass(\\s=|=)" \
               -e "password:\\s" \
-              -e "pwd(\\s=|=)" #{entry}
+              -e "pwd(\\s=|=)" #{entry} 2> /dev/null
             )
 
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/php_input_mechanisms.rb

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
 
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -40,7 +40,7 @@ module PWN
               -e '$_POST' \
               -e '$_REQUEST' \
               -e '$_SERVER' \
-              -e '$_SESSION' #{entry}
+              -e '$_SESSION' #{entry} 2> /dev/null
             "
 
             str = `#{test_case_filter}`.to_s.scrub