RubyGems - pwn - Versions diffs - 0.5.368 → 0.5.370 - Mend

pwn 0.5.368 → 0.5.370

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +3 -3
data/lib/pwn/plugins/burp_suite.rb +9 -6
data/lib/pwn/version.rb +1 -1
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cbb1ebc03f171e4f4b9498d84f1b1b0177cf6652147292d3679525f3e43e9eaf
-  data.tar.gz: b6844d284f8e798aafc8a75f8976fdbab870ee5f38e309ca27f2fe07854e60e6
+  metadata.gz: bbe3ea837ad8701fa7cc40891fd921e1569dea2dedcce3d96132151a470a4bf3
+  data.tar.gz: a87bde8ab4961eba10b1e4786943febd1bcc4cb14bed8f1ed8f250445e3089d4
 SHA512:
-  metadata.gz: 7d7e16bbe5abb0e87510f6a3be69285bc3b9e0ce70f0d55d73e05f9febff08f0818be4a83057d6474375df7824c8c7e894ae8f76b9e03e9f0115b9283baddc3e
-  data.tar.gz: d2c85ceff2de84967685befad732448bd38161eb7a6be5d86071c3b6240c2b39ece9f121c9e08f8ca2bef4c23eecc52c236b5e150055bac6cb74bad7b8bfb31e
+  metadata.gz: 1e17221331a7eb7df66fd50eeaf93c18766a1fa952fb656051e9229a187f45eab4fe1bf69ea1e0dfc0e1825e0e4be268a667fa75e1fbe26a5609af6f54b77849
+  data.tar.gz: 34a54b2495245294e3513105c8d6600f76a864369cfd4c436f533554618b11d6087b9cb2b7f086c4b6bc8e0f2941b7f524b824fb1d69ea6503c96f998342eedd

data/README.md CHANGED Viewed

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.368]:001 >>> PWN.help
+pwn[v0.5.370]:001 >>> PWN.help
 ```
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.368]:001 >>> PWN.help
+pwn[v0.5.370]:001 >>> PWN.help
 ```
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.368]:001 >>> PWN.help
+pwn[v0.5.370]:001 >>> PWN.help
 ```
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/lib/pwn/plugins/burp_suite.rb CHANGED Viewed

@@ -416,7 +416,7 @@ module PWN
           url: "http://#{pwn_burp_api}/sitemap",
           payload: sitemap.to_json,
           headers: { content_type: 'application/json; charset=UTF-8' },
-          timeout: 540
+          timeout: 30
         )
         if debug
@@ -428,7 +428,8 @@ module PWN
         # Return response body (assumed to be JSON)
         JSON.parse(response.body, symbolize_names: true)
       rescue RestClient::ExceptionWithResponse => e
-        raise StandardError, "HTTP error adding to sitemap: Status #{e.response.code}, Response: #{e.response.body}"
+        puts "ERROR: Failed to add to sitemap: #{e.message}"
+        puts "HTTP error adding to sitemap: Status #{e.response.code}, Response: #{e.response.body}" if e.responds_to?(:response) && e.response.respond_to?(:code) && e.response.respond_to?(:body)
       rescue StandardError => e
         stop(burp_obj: burp_obj) unless burp_obj.nil?
         raise e
@@ -437,7 +438,7 @@ module PWN
       # Supported Method Parameters:
       # json_sitemap = PWN::Plugins::BurpSuite.import_openapi_to_sitemap(
       #   burp_obj: 'required - burp_obj returned by #start method',
-      #   openapi_spec: 'required - path to OpenAPI JSON specification file',
+      #   openapi_spec: 'required - path to OpenAPI JSON or YAML specification file',
       #   additional_http_headers: 'optional - hash of additional HTTP headers to include in requests (default: {})',
       #   highlight: 'optional - highlight color for the sitemap entry (default: "NONE")',
       #   comment: 'optional - comment for the sitemap entry (default: "")',
@@ -458,8 +459,10 @@ module PWN
         debug = opts[:debug] || false
-        # Parse the OpenAPI JSON
-        openapi = JSON.parse(File.read(openapi_spec), symbolize_names: true)
+        # Parse the OpenAPI JSON or YAML specification file
+        # If the opeenapi_spec is YAML, convert it to JSON
+        openapi = JSON.parse(File.read(openapi_spec), symbolize_names: true) if openapi_spec.end_with?('.json')
+        openapi = YAML.safe_load_file(openapi_spec, permitted_classes: [Symbol, Date, Time], aliases: true, symbolize_names: true) if openapi_spec.end_with?('.yaml', '.yml')
         # Initialize result array
         sitemap_arr = []
@@ -1083,7 +1086,7 @@ module PWN
           json_sitemap = #{self}.import_openapi_to_sitemap(
             burp_obj: 'required - burp_obj returned by #start method',
-            openapi_spec: 'required - path to OpenAPI JSON specification file',
+            openapi_spec: 'required - path to OpenAPI JSON or YAML specification file',
             additional_http_headers: 'optional - hash of additional HTTP headers to include in requests (default: {})',
             debug: 'optional - boolean to enable debug logging (default: false)',
             highlight: 'optional - highlight color for the sitemap entry (default: \"NONE\")',

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.5.368'
+  VERSION = '0.5.370'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.368
+  version: 0.5.370
 platform: ruby
 authors:
 - 0day Inc.