pwn 0.5.4 → 0.5.6
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/bin/pwn_bdba_groups +13 -1
- data/bin/pwn_bdba_scan +3 -9
- data/lib/pwn/plugins/black_duck_binary_analysis.rb +7 -7
- data/lib/pwn/version.rb +1 -1
- metadata +1 -1
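--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: db25f7826cf641ff6ee9a08c514eb818ca86a4d240b27673f41f9405a19dd5aa
+data.tar.gz: fc3ed02c0b71b85c2de7ed372f039a572bad16dbf8fba58e51be1ea1bb2481ed
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 93763a61f4ad91827c6972f83c49ee6e7b88adf18911d190fa5a3dcdcb60d5b9195b9e5a37b4e5a9236d449e626622dd68d4b64860093db490149478e28e17f4
+data.tar.gz: 55280eca8607553bbdfd0c42f1d3f5b8ae93a319cf688c2515e58ffd7e2842f96b6fea98e1e2bc1b10dfc0ce007278cab64c6eb3a125ee1fb9301ba03cbef5de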
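--- a/data/README.md
+++ b/data/README.md
@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.
+pwn[v0.5.6]:001 >>> PWN.help
 ```
 
 [](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.3.0@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.6]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.3.0@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.
+pwn[v0.5.6]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`. The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script: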
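--- a/data/bin/pwn_bdba_groups
+++ b/data/bin/pwn_bdba_groups
@@ -26,6 +26,14 @@ OptionParser.new do |options|
 options.on('-pID', '--parent-group-id=ID', '<Optional - Black Duck Binary Analysis Parent Group ID to Associate with Group>') do |p|
 opts[:parent_group_id] = p
 end
+
+options.on('-bSEC', '--binary-cleanup-age=SEC', '<Optional - after how long the binary will be deleted in seconds (Default: 2_592_000 / 30 days)>') do |b|
+opts[:binary_cleanup_age] = b
+end
+
+options.on('-PSEC', '--product-cleanup-age=SEC', '<Optional - after how long the product will be deleted in seconds (Default: 2_592_000 / 30 days)>') do |p|
+opts[:product_cleanup_age] = p
+end
 end.parse!
 
 if opts.empty?
@@ -47,6 +55,8 @@ begin
 
 list_group_name = opts[:list_group_name]
 parent_group_id = opts[:parent_group_id]
+binary_cleanup_age = opts[:binary_cleanup_age]
+product_cleanup_age = opts[:product_cleanup_age]
 
 if list_group_name
 groups_resp = PWN::Plugins::BlackDuckBinaryAnalysis.get_groups(
@@ -95,7 +105,9 @@ begin
 create_group_resp = PWN::Plugins::BlackDuckBinaryAnalysis.create_group(
 token: token,
 name: group_name,
-parent_id: parent_group_id
+parent_id: parent_group_id,
+binary_cleanup_age: binary_cleanup_age,
+product_cleanup_age: product_cleanup_age
 )
 
 puts create_group_resp.to_json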
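Review bot: The two new options store their argument exactly as OptionParser delivers it, a String, in `opts[:binary_cleanup_age]` and `opts[:product_cleanup_age]`, and the third hunk hands both to `create_group` with no numeric or range check, although they decide when uploaded binaries and products are deleted. Letting OptionParser coerce them, e.g. `options.on('-bSEC', '--binary-cleanup-age=SEC', Integer, '<Optional - ...>') do |b|`, rejects non-numeric input at parse time, and a lower bound would also guard against an accidental `0`. The short flags `-p` (parent group id) and `-P` (product cleanup age) differ only by case, so a mistyped flag puts a retention value where a group id is expected or the reverse; a distinct letter would avoid that. How `create_group` serialises the values is outside this section, so whether the API accepts a string there cannot be confirmed from what is shown.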
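--- a/data/bin/pwn_bdba_scan
+++ b/data/bin/pwn_bdba_scan
@@ -146,15 +146,9 @@ begin
 find_product_attempts = scan_attempts
 print 'Looking for Product in Apps by Group...'
 loop do
-#
-#
-
-target_basename = CGI.escape(
-File.basename(target_file)
-).gsub(
-'%2B',
-'+'
-)
+# target_basename = CGI.unescape_uri_component(File.basename(target_file))
+# ^ Synopsis unescapes it for us.
+target_basename = File.basename(target_file)
 
 find_product = scan_progress_resp[:products].find { |p| p[:name] == target_basename }
 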
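Review bot: The lookup `scan_progress_resp[:products].find { |p| p[:name] == target_basename }` now depends on the service storing the product name byte-for-byte as the local basename, and it takes the first product in the group that carries that name. If two uploads in the same group share a basename, the result that gets reported may belong to a different binary than the one just uploaded, so matching on an identifier returned by the upload call, if the API provides one, would be safer than matching on the name. The commented-out `CGI.unescape_uri_component` line is dead code and can be dropped; one comment such as `# The service returns the product name unescaped, so compare against the raw basename.` carries the same information. The `loop do` body continues outside the hunk.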
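--- a/data/lib/pwn/plugins/black_duck_binary_analysis.rb
+++ b/data/lib/pwn/plugins/black_duck_binary_analysis.rb
@@ -197,7 +197,7 @@ module PWN
 response = bd_bin_analysis_rest_call(
 http_method: :put,
 token: token,
-rest_call: "upload/#{CGI.
+rest_call: "upload/#{CGI.escape_uri_component(file_name)}",
 http_headers: http_headers,
 http_body: http_body
 )
@@ -326,8 +326,8 @@ module PWN
 # desc: 'optional - group description',
 # parent_id: 'optional - parent group id',
 # delete_binary: 'optional - delete binary after analysis C|Y|N (Default: C== company default)',
-# binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default:
-# product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default:
+# binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default: 2_592_000 / 30 days)',
+# product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default: 2_592_000 / 30 days)',
 # file_download_enabled: 'optional - allow download of uploaded binaries from group (Default: false),
 # low_risk_tolerance: 'optional - low risk tolerance nil|true|false (Default: nil == company default)',
 # include_historical_vulns: 'optional - include historical vulns nil|true|false (Default: nil == company default)',
@@ -345,8 +345,8 @@ module PWN
 desc = opts[:desc]
 parent_id = opts[:parent_id]
 delete_binary = opts[:delete_binary] ||= 'C'
-binary_cleanup_age = opts[:binary_cleanup_age] ||=
-product_cleanup_age = opts[:product_cleanup_age] ||=
+binary_cleanup_age = opts[:binary_cleanup_age] ||= 2_592_000
+product_cleanup_age = opts[:product_cleanup_age] ||= 2_592_000
 file_download_enabled = opts[:file_download_enabled] ||= false
 low_risk_tolerance = opts[:low_risk_tolerance]
 include_historical_vulns = opts[:include_historical_vulns]
@@ -654,8 +654,8 @@ module PWN
 desc: 'optional - group description',
 parent_id: 'optional - parent_id group id',
 delete_binary: 'optional - delete binary after analysis C|Y|N (Default: C== company default)',
-binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default:
-product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default:
+binary_cleanup_age: 'optional - after how long the binary will be deleted in seconds (Default: 2_592_000 / 30 days)',
+product_cleanup_age: 'optional - after how long the product will be deleted in seconds (Default: 2_592_000 / 30 days)',
 file_download_enabled: 'optional - allow download of uploaded binaries from group (Default: false),
 low_risk_tolerance: 'optional - low risk tolerance nil|true|false (Default: nil == company default)',
 include_historical_vulns: 'optional - include historical vulns nil|true|false (Default: nil == company default)',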
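Review bot: In the `@@ -197` hunk the upload path is built as `"upload/#{CGI.escape_uri_component(file_name)}"`, and percent-encoding covers `/` and spaces but leaves `.` untouched, so an empty name or a name of `.` or `..` would still produce a path such as `upload/..`. Where `file_name` is derived lies outside the hunk, so this may already be excluded; if it is not, a guard before the call such as `raise ArgumentError, 'invalid file name' if ['', '.', '..'].include?(file_name)` would close the gap. Separately, the 30-day default `2_592_000` now appears as a literal in both assignments at `@@ -345` and again in the usage comment and help strings, so a named constant would keep the code and its documentation from drifting apart.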
data/lib/pwn/version.rb
CHANGED