RubyGems - pwn - Versions diffs - 0.5.352 → 0.5.353 - Mend

pwn 0.5.352 → 0.5.353

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (60) hide show

checksums.yaml +4 -4
data/README.md +3 -3
data/bin/pwn_fuzz_net_app_proto +4 -3
data/bin/pwn_phone +1 -2
data/bin/pwn_sast +1 -2
data/bin/pwn_www_uri_buster +1 -2
data/lib/pwn/plugins/burp_suite.rb +14 -17
data/lib/pwn/plugins/git.rb +3 -3
data/lib/pwn/plugins/sock.rb +2 -2
data/lib/pwn/reports/fuzz.rb +69 -24
data/lib/pwn/reports/phone.rb +82 -23
data/lib/pwn/reports/sast.rb +19 -18
data/lib/pwn/reports/uri_buster.rb +79 -23
data/lib/pwn/sast/amqp_connect_as_guest.rb +2 -2
data/lib/pwn/sast/apache_file_system_util_api.rb +2 -2
data/lib/pwn/sast/aws.rb +2 -2
data/lib/pwn/sast/banned_function_calls_c.rb +2 -2
data/lib/pwn/sast/base64.rb +2 -2
data/lib/pwn/sast/beef_hook.rb +2 -2
data/lib/pwn/sast/cmd_execution_java.rb +2 -2
data/lib/pwn/sast/cmd_execution_python.rb +2 -2
data/lib/pwn/sast/cmd_execution_ruby.rb +2 -2
data/lib/pwn/sast/cmd_execution_scala.rb +2 -2
data/lib/pwn/sast/csrf.rb +2 -2
data/lib/pwn/sast/deserial_java.rb +2 -2
data/lib/pwn/sast/emoticon.rb +2 -2
data/lib/pwn/sast/eval.rb +2 -2
data/lib/pwn/sast/factory.rb +2 -2
data/lib/pwn/sast/http_authorization_header.rb +2 -2
data/lib/pwn/sast/inner_html.rb +2 -2
data/lib/pwn/sast/keystore.rb +2 -2
data/lib/pwn/sast/local_storage.rb +2 -2
data/lib/pwn/sast/location_hash.rb +2 -2
data/lib/pwn/sast/log4j.rb +2 -2
data/lib/pwn/sast/logger.rb +2 -2
data/lib/pwn/sast/md5.rb +2 -2
data/lib/pwn/sast/outer_html.rb +2 -2
data/lib/pwn/sast/padding_oracle.rb +2 -2
data/lib/pwn/sast/password.rb +2 -2
data/lib/pwn/sast/php_input_mechanisms.rb +2 -2
data/lib/pwn/sast/php_type_juggling.rb +2 -2
data/lib/pwn/sast/pom_version.rb +2 -2
data/lib/pwn/sast/port.rb +2 -2
data/lib/pwn/sast/post_message.rb +2 -2
data/lib/pwn/sast/private_key.rb +2 -2
data/lib/pwn/sast/redirect.rb +2 -2
data/lib/pwn/sast/redos.rb +2 -2
data/lib/pwn/sast/shell.rb +2 -2
data/lib/pwn/sast/signature.rb +2 -2
data/lib/pwn/sast/sql.rb +2 -2
data/lib/pwn/sast/ssl.rb +2 -2
data/lib/pwn/sast/sudo.rb +2 -2
data/lib/pwn/sast/task_tag.rb +2 -2
data/lib/pwn/sast/throw_errors.rb +3 -2
data/lib/pwn/sast/token.rb +2 -2
data/lib/pwn/sast/type_script_type_juggling.rb +2 -2
data/lib/pwn/sast/version.rb +2 -2
data/lib/pwn/sast/window_location_hash.rb +2 -2
data/lib/pwn/version.rb +1 -1
metadata +1 -1

data/lib/pwn/sast/php_type_juggling.rb CHANGED Viewed

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -35,7 +35,7 @@ module PWN
             test_case_filter = "
               grep -Fn \
               -e '==' \
-              -e '!=' #{entry} | \
+              -e '!=' #{entry} 2> /dev/null | \
               grep -v \
                 -e '===' \
                 -e '!=='

data/lib/pwn/sast/pom_version.rb CHANGED Viewed

@@ -28,14 +28,14 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = "
               grep -in -B2 \
-              -e 'version' #{entry}
+              -e 'version' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/port.rb CHANGED Viewed

@@ -29,7 +29,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -41,7 +41,7 @@ module PWN
               -e "port\\s=\\s([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])" \
               -e "port=([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])" \
               -e "port:([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])" \
-              -e "port:\\s([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])" #{entry}
+              -e "port:\\s([0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])" #{entry} 2> /dev/null
             )
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/post_message.rb CHANGED Viewed

@@ -28,14 +28,14 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = "
               grep -n \
-              -e 'postMessage(' #{entry}
+              -e 'postMessage(' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/private_key.rb CHANGED Viewed

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = "
               grep -n \
-              -e 'PRIVATE KEY' #{entry}
+              -e 'PRIVATE KEY' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/redirect.rb CHANGED Viewed

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -36,7 +36,7 @@ module PWN
               grep -Ein \
               -e "redirect(\\s=|=)" \
               -e "redirect_url(\\s=|=)" \
-              -e "redirect_uri(\\s=|=)" #{entry}
+              -e "redirect_uri(\\s=|=)" #{entry} 2> /dev/null
             )
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/redos.rb CHANGED Viewed

@@ -28,7 +28,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -41,7 +41,7 @@ module PWN
               -e '(a|a?)+' \
               -e '(([a-z])' \
               -e '([a-zA-Z0-9])' \
-              -e '(.*a)\{' #{entry}
+              -e '(.*a)\{' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/shell.rb CHANGED Viewed

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -42,7 +42,7 @@ module PWN
               -e '/bin/sh' \
               -e '/bin/tcsh' \
               -e '/usr/bin/screen' \
-              -e '/bin/zsh' #{entry}
+              -e '/bin/zsh' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/signature.rb CHANGED Viewed

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = "
               grep -n \
-              -e 'Signature' #{entry}
+              -e 'Signature' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/sql.rb CHANGED Viewed

@@ -28,7 +28,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -38,7 +38,7 @@ module PWN
               -e 'select .*from ' \
               -e 'insert into .*values' \
               -e 'update .*set ' \
-              -e 'delete from ' #{entry}
+              -e 'delete from ' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/ssl.rb CHANGED Viewed

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -38,7 +38,7 @@ module PWN
               -e 'tls' \
               -e 'trustAll' \
               -e 'trustmanager' \
-              -e 'ssl_version' #{entry}
+              -e 'ssl_version' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/sudo.rb CHANGED Viewed

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = "
               grep -niE \
-              -e 'sudo' #{entry}
+              -e 'sudo' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/task_tag.rb CHANGED Viewed

@@ -28,7 +28,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -38,7 +38,7 @@ module PWN
               -e '//' \
               -e '<!--' \
               -e '/**' \
-              -e '#' #{entry} | \
+              -e '#' #{entry} 2> /dev/null | \
               grep -i \
               -e SECURITY \
               -e TODO \

data/lib/pwn/sast/throw_errors.rb CHANGED Viewed

@@ -27,14 +27,15 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = %(
               grep -in \
-              -e throw #{entry} | grep '"'
+              -e throw #{entry} 2> /dev/null | \
+              grep '"'
             )
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/token.rb CHANGED Viewed

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -36,7 +36,7 @@ module PWN
               grep -Fin \
               -e 'token' \
               -e 'oauth' \
-              -e 'decodeAndVerify' #{entry}
+              -e 'decodeAndVerify' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/sast/type_script_type_juggling.rb CHANGED Viewed

@@ -27,7 +27,7 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
@@ -35,7 +35,7 @@ module PWN
             test_case_filter = "
               grep -Fn \
               -e '==' \
-              -e '!=' #{entry} | \
+              -e '!=' #{entry} 2>/dev/null | \
               grep -v \
                 -e '===' \
                 -e '!=='

data/lib/pwn/sast/version.rb CHANGED Viewed

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = %(
               grep -in \
-              -e "version\\s=\\s" #{entry} | \
+              -e "version\\s=\\s" #{entry} 2> /dev/null | \
               grep -F '"'
             )

data/lib/pwn/sast/window_location_hash.rb CHANGED Viewed

@@ -27,14 +27,14 @@ module PWN
             entry_beautified = false
             if File.extname(entry) == '.js' && (`wc -l #{entry}`.split.first.to_i < 20 || entry.include?('.min.js') || entry.include?('-all.js'))
-              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED`.to_s.scrub
+              js_beautify = `js-beautify #{entry} > #{entry}.JS-BEAUTIFIED 2> /dev/null`.to_s.scrub
               entry = "#{entry}.JS-BEAUTIFIED"
               entry_beautified = true
             end
             test_case_filter = "
               grep -n \
-              -e 'window.location.hash' #{entry}
+              -e 'window.location.hash' #{entry} 2> /dev/null
             "
             str = `#{test_case_filter}`.to_s.scrub

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.5.352'
+  VERSION = '0.5.353'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.352
+  version: 0.5.353
 platform: ruby
 authors:
 - 0day Inc.