pwn 0.5.385 → 0.5.386

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +1 -1
  3. data/README.md +3 -3
  4. data/lib/pwn/reports/sast.rb +105 -31
  5. data/lib/pwn/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 61e60f508b27ca061c1f0f97a99fe9bca5eb88bcc67955ca5aa6ed51db9eb3d8
4
- data.tar.gz: 46a8e1ff43dc2b765f11c9e533b6629eea1d429181a6b18dfac08b3991a58772
3
+ metadata.gz: 32574f1d485c5d56361798bda3224919973f8347bbb3190797d9da2aee93c850
4
+ data.tar.gz: f539be698f7167a78fbc79f8769df47886e3f7a2a53746fa4d2468432212fef5
5
5
  SHA512:
6
- metadata.gz: 12d600b05e5ca5eb69debef6e7874fcb4bf5f85f9baefa1555280fa8f7269c98ad20102fb723a0126571bd4492a819b2b735d6400ec02c36352504b2a38d9402
7
- data.tar.gz: d2feddfaa93b5540250d77fd9baf4cd7036dfaa2e0847b43d825c9040f953e516ba95290191963b896eaff610679ff7e8f8c63bf0d09246565c6bddeeabf948d
6
+ metadata.gz: 469d75064ee55c3c2ab4bfc355f1970585204c3b449f43623aa8e951783194dee1f71e8650474750bcc56bd082a8ada97a54f525bdbc25803eea7b7a42ace9c5
7
+ data.tar.gz: 41b084795147fdc31fc344b4b6e82b31537f65a1562b64a898548170e7b8b971afbcacb798e9c434e2dd497c0d8ceeea895f5132556c91f79a54385912c2e804
data/.rubocop.yml CHANGED
@@ -16,7 +16,7 @@ Metrics/ClassLength:
16
16
  Metrics/CyclomaticComplexity:
17
17
  Max: 157
18
18
  Metrics/MethodLength:
19
- Max: 596
19
+ Max: 663
20
20
  Metrics/ModuleLength:
21
21
  Max: 1000
22
22
  Metrics/PerceivedComplexity:
data/README.md CHANGED
@@ -37,7 +37,7 @@ $ cd /opt/pwn
37
37
  $ ./install.sh
38
38
  $ ./install.sh ruby-gem
39
39
  $ pwn
40
- pwn[v0.5.385]:001 >>> PWN.help
40
+ pwn[v0.5.386]:001 >>> PWN.help
41
41
  ```
42
42
 
43
43
  [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
52
52
  $ gem uninstall --all --executables pwn
53
53
  $ gem install --verbose pwn
54
54
  $ pwn
55
- pwn[v0.5.385]:001 >>> PWN.help
55
+ pwn[v0.5.386]:001 >>> PWN.help
56
56
  ```
57
57
 
58
58
  If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
62
62
  $ rvmsudo gem uninstall --all --executables pwn
63
63
  $ rvmsudo gem install --verbose pwn
64
64
  $ pwn
65
- pwn[v0.5.385]:001 >>> PWN.help
65
+ pwn[v0.5.386]:001 >>> PWN.help
66
66
  ```
67
67
 
68
68
  PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:
data/lib/pwn/reports/sast.rb CHANGED
@@ -431,19 +431,19 @@ module PWN
431
431
  {
432
432
  text: 'Export to JSON',
433
433
  action: function () {
434
- export_selected();
434
+ export_json();
435
435
  }
436
436
  },
437
437
  {
438
- text: 'Export to Excel',
438
+ text: 'Export to XLSX',
439
439
  action: function () {
440
- exportToExcelOrPdf('excel');
440
+ export_xlsx_or_pdf('xlsx');
441
441
  }
442
442
  },
443
443
  {
444
444
  text: 'Export to PDF',
445
445
  action: function () {
446
- exportToExcelOrPdf('pdf');
446
+ export_xlsx_or_pdf('pdf');
447
447
  }
448
448
  }
449
449
  ]
@@ -578,7 +578,7 @@ module PWN
578
578
  });
579
579
  }
580
580
 
581
- function export_selected() {
581
+ function export_json() {
582
582
  if ($('.multi_line_select tr.highlighted').length === 0 && !confirm('No lines selected. Export all records?')) {
583
583
  return;
584
584
  }
@@ -599,7 +599,7 @@ module PWN
599
599
  });
600
600
  }
601
601
 
602
- function exportToExcelOrPdf(type) {
602
+ function export_xlsx_or_pdf(type) {
603
603
  if ($('.multi_line_select tr.highlighted').length === 0 && !confirm('No lines selected. Export all records?')) {
604
604
  return;
605
605
  }
@@ -623,8 +623,64 @@ module PWN
623
623
  });
624
624
  });
625
625
 
626
- if (type === 'excel') {
627
- var ws = XLSX.utils.json_to_sheet(flatData);
626
+ var exportDate = new Date().toLocaleString();
627
+ var title = '~ pwn sast >>> ' + report_name + ' (Exported on ' + exportDate + ')';
628
+
629
+ if (type === 'xlsx') {
630
+ // Add title row
631
+ var titleRow = [{ v: title, t: 's', s: { font: { sz: 14, bold: true }, alignment: { horizontal: 'center' } } }];
632
+ var ws = XLSX.utils.json_to_sheet(flatData, {skipHeader: true});
633
+ XLSX.utils.sheet_add_aoa(ws, [titleRow], {origin: 'A1'});
634
+ XLSX.utils.sheet_add_json(ws, flatData, {origin: 'A2', skipHeader: false});
635
+
636
+ // Merge title cell across columns
637
+ if (!ws['!merges']) ws['!merges'] = [];
638
+ ws['!merges'].push({s: {r:0, c:0}, e: {r:0, c:8}}); // A1 to I1
639
+
640
+ // Set column widths by dividing desired column inches by 0.135
641
+ // column inches observed with Exce
642
+ // e.g 2.83 inches / 0.135 ~ 209px
643
+ ws['!cols'] = [
644
+ {wpx: 209},
645
+ {wpx: 130},
646
+ {wpx: 350},
647
+ {wpx: 40},
648
+ {wpx: 110},
649
+ {wpx: 40},
650
+ {wpx: 370},
651
+ {wpx: 370},
652
+ {wpx: 185}
653
+ ];
654
+
655
+ // Style header row (row 2, since title at 1, header at 2, data from 3)
656
+ var headerStyle = {
657
+ font: { bold: true, color: { rgb: "000000" } },
658
+ fill: { fgColor: { rgb: "999999" } },
659
+ alignment: { horizontal: 'center', wrapText: true }
660
+ };
661
+ for (var col = 0; col < 9; col++) {
662
+ var cellRef = XLSX.utils.encode_cell({r:1, c:col}); // Row 2 (0-based)
663
+ if (ws[cellRef]) ws[cellRef].s = headerStyle;
664
+ }
665
+
666
+ // Alternate row colors for data rows (starting from row 3)
667
+ var grayFill = { fgColor: { rgb: "DEDEDE" } };
668
+ var whiteFill = { fgColor: { rgb: "FFFFFF" } };
669
+ for (var rowNum = 3; rowNum < flatData.length + 2; rowNum++) { // Data rows 2-based from 3
670
+ var fill = (rowNum % 2 === 0) ? whiteFill : grayFill;
671
+ for (var col = 0; col < 9; col++) {
672
+ var cellRef = XLSX.utils.encode_cell({r: rowNum, c: col});
673
+ if (ws[cellRef]) {
674
+ if (!ws[cellRef].s) ws[cellRef].s = {};
675
+ ws[cellRef].s.fill = fill;
676
+ ws[cellRef].s.alignment = { wrapText: true, vertical: 'top' };
677
+ }
678
+ }
679
+ }
680
+
681
+ // Freeze header
682
+ ws['!freeze'] = { xSplit: 0, ySplit: 2 };
683
+
628
684
  var wb = XLSX.utils.book_new();
629
685
  XLSX.utils.book_append_sheet(wb, ws, 'PWN SAST Results');
630
686
  XLSX.writeFile(wb, report_name + '.xlsx');
@@ -632,12 +688,29 @@ module PWN
632
688
  var docDefinition = {
633
689
  pageOrientation: 'landscape',
634
690
  pageSize: 'LETTER',
691
+ pageMargins: [10, 10, 10, 10],
692
+ header: {
693
+ text: title, margin: [20, 10, 20, 0],
694
+ fontSize: 12, bold: true,
695
+ alignment: 'center'
696
+ },
697
+ footer: function(currentPage, pageCount) {
698
+ return {
699
+ text: 'Page ' + currentPage.toString() + ' of ' + pageCount + ' | Exported on ' + exportDate,
700
+ alignment: 'center',
701
+ fontSize: 8,
702
+ margin: [0, 0, 0, 10]
703
+ };
704
+ },
635
705
  content: [
636
- { text: '~ pwn sast: ' + report_name, style: 'header' },
706
+ {
707
+ text: title,
708
+ style: 'header'
709
+ },
637
710
  {
638
711
  table: {
639
712
  headerRows: 1,
640
- widths: [40, 30, 50, 30, 75, 30, 155, 155, 50],
713
+ widths: [45, 40, 70, 30, 80, 30, 165, 165, 70],
641
714
  body: [
642
715
  ['Timestamp', 'Test Case', 'NIST 800-53', 'CWE', 'Path', 'Line#', 'Content', 'AI Analysis', 'Author'],
643
716
  ...flatData.map(r => [
@@ -653,34 +726,35 @@ module PWN
653
726
  ])
654
727
  ]
655
728
  },
656
- layout: 'lightHorizontalLines'
729
+ layout: {
730
+ hLineWidth: function(i, node) { return (i === 0 || i === node.table.body.length) ? 1 : 0.5; },
731
+ vLineWidth: function(i, node) { return 0.5; },
732
+ hLineColor: function(i, node) { return '#aaaaaa'; },
733
+ vLineColor: function(i, node) { return '#aaaaaa'; },
734
+ fillColor: function (rowIndex, node, columnIndex) {
735
+ if (rowIndex === 0) {
736
+ return '#999999'; // Dark header
737
+ }
738
+ return (rowIndex % 2 === 0) ? '#ffffff' : '#dedede'; // White even, gray odd
739
+ },
740
+ paddingLeft: function(i, node) { return 4; },
741
+ paddingRight: function(i, node) { return 4; },
742
+ paddingTop: function(i, node) { return 2; },
743
+ paddingBottom: function(i, node) { return 2; }
744
+ }
657
745
  }
658
746
  ],
659
747
  styles: {
660
- title: {
661
- alignment: 'center',
662
- fontSize: 15
663
- },
664
- tableHeader: {
665
- bold: true,
748
+ header: {
666
749
  fontSize: 12,
667
- color: 'white',
668
- fillColor: '#2d4154',
669
- alignment: 'center'
670
- },
671
- tableBodyEven: {},
672
- tableBodyOdd: {
673
- fillColor: '#dedede'
674
- },
675
- tableFooter: {
676
750
  bold: true,
677
- fontSize: 8,
678
- color: 'white',
679
- fillColor: '#2d4154'
680
- },
751
+ margin: [0, 0, 0, 10]
752
+ }
681
753
  },
682
754
  defaultStyle: {
683
- fontSize: 6
755
+ fontSize: 8,
756
+ color: '#000000',
757
+ columnGap: 20
684
758
  }
685
759
  };
686
760
  pdfMake.createPdf(docDefinition).download(report_name + '.pdf');
data/lib/pwn/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module PWN
4
- VERSION = '0.5.385'
4
+ VERSION = '0.5.386'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: pwn
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.385
4
+ version: 0.5.386
5
5
  platform: ruby
6
6
  authors:
7
7
  - 0day Inc.