pwn 0.5.403 → 0.5.404

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e5390f3bf6209a6f425edc5c920dbd6869add40979a7f25e8962356d5c9a6bd
-  data.tar.gz: 5cf631f4bc2838ed8f016bc0da2d34c4543b4610300783ce39ace423d501be57
+  metadata.gz: 43c98ee49b32ce9b04d3fdc660599c8b7fc47db6f5b5042169a1ffe96eb6bb77
+  data.tar.gz: a577bdac165bd2e96ec1ed87bb51c0d434276a00e8234f58c200e037ef1b83c0
 SHA512:
-  metadata.gz: 36181bae24a6d150c6badf0f42a5c1e7a76fc0f385ffe775eaf0b1d2403fbbcb577aaf5dd746b0f5f6cacbcd34fdd3b40be5bf31006f1a701499906236f38b21
-  data.tar.gz: cabc729dc772df80d270bc43192db6127cf1f6c418f580031d909a1c66488d8e75c24212e137758b01fe94eb45ae955fdee2d803a1ca6da553c38a3966e7ed27
+  metadata.gz: 6bad0c2f1b20916b4245dc95a8b7a42f9a686e386fe475238b3890ea2287331e737d794b2a88e32437b50355fe4a3786420b3a756b40bc3f99b5fd76f3ce0496
+  data.tar.gz: fd6cb93dad15d5e55e824a6bdbe13a3260612a015054d4cff6637b5469f5aa88ce7bdbe5409f83f4102f0023ba4ba2c9ca486ffaf3bddd8a94db37d98c761506

data/README.md

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.403]:001 >>> PWN.help
+pwn[v0.5.404]:001 >>> PWN.help
 ```
 
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.403]:001 >>> PWN.help
+pwn[v0.5.404]:001 >>> PWN.help
 ```
 
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.403]:001 >>> PWN.help
+pwn[v0.5.404]:001 >>> PWN.help
 ```
 
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_zaproxy_active_rest_api_scan

@@ -133,20 +133,20 @@ begin
   )
   raise "ERROR: Failed to import OpenAPI/Swagger spec #{openapi_spec} into ZAP's Sitemap." if json_sitemap.nil? || json_sitemap.empty?
 
+  PWN::Plugins::Zaproxy.add_to_scope(
+    zap_obj: zap_obj,
+    target_regex: in_scope
+  )
+
   if additional_http_headers.is_a?(String)
     additional_http_headers = JSON.parse(additional_http_headers, symbolize_names: true)
     PWN::Plugins::Zaproxy.inject_additional_http_headers(
       zap_obj: zap_obj,
       target_regex: in_scope,
-      additional_http_headers: additional_http_headers
+      headers: additional_http_headers
     )
   end
 
-  PWN::Plugins::Zaproxy.add_to_scope(
-    zap_obj: zap_obj,
-    target_regex: in_scope
-  )
-
   PWN::Plugins::Zaproxy.active_scan(
     zap_obj: zap_obj,
     target_url: in_scope,

data/lib/pwn/plugins/zaproxy.rb

@@ -282,7 +282,7 @@ module PWN
             matchType: 'REQ_HEADER',
             matchRegex: false,
             matchString: header_key,
-            replacement: "#{header_key}: #{headers[header_key]}",
+            replacement: headers[header_key],
             initiators: '',
             url: target_regex
           }

data/lib/pwn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PWN
-  VERSION = '0.5.403'
+  VERSION = '0.5.404'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.403
+  version: 0.5.404
 platform: ruby
 authors:
 - 0day Inc.