RubyGems - pwn - Versions diffs - 0.5.417 → 0.5.418 - Mend

pwn 0.5.417 → 0.5.418

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8cafc7549310f3dd64c9f8b8794ca996ee16c80d57617822cb3ef38bcd1a7f45
-  data.tar.gz: d5fd1a2dc3b8f901cd3cb2a9bcb5b131377cc0ed8c5fd63563757b991febfdf5
+  metadata.gz: ca843067a55f8abc4c2744c560005ae75c44e0d07bad83839c48759e746ac6bc
+  data.tar.gz: 6577dab55259135b26811501b909b391f343986ea197294f9439b951430a1f8a
 SHA512:
-  metadata.gz: 9fbc6c458031607bfaf7f400a68f0a887a8b42e95696a6708c1a6c8271edde502652b86e4cba63aee459b8b5ffb69c67d6c5b6080334a424263b890e8a29690c
-  data.tar.gz: 50e973dc9b275909a2100aed6986f19fba776a691313661bbf7d8101a8f742d32f7cca0620e6423510af8386dd147a3d51c9df91141f2bd1847609da4e827bd3
+  metadata.gz: 9d52aa68e7783c6e320a0cf860f2dc5bb562edade1aace4605541123895adf7d13cd0981f125aec2f6363fbd8776213ac7f17d44a85d7d81729c050118391263
+  data.tar.gz: 879351a157b957060cb663b34f1d3364afda5253b4eac0e724383967e06e541e0ab27bb715b99e6c95582fca775dd5492d63397013db6ef2d9ad0cf133a41c2a

data/Gemfile CHANGED Viewed

@@ -41,7 +41,7 @@ gem 'htmlentities', '4.3.4'
 gem 'ipaddress', '0.8.3'
 gem 'jenkins_api_client2', '1.9.0'
 gem 'js-beautify', '0.1.8'
-gem 'json', '2.13.2'
+gem 'json', '2.14.1'
 gem 'jsonpath', '1.1.5'
 gem 'json_schemer', '2.4.0'
 gem 'jwt', '3.1.2'

data/README.md CHANGED Viewed

@@ -37,7 +37,7 @@ $ cd /opt/pwn
 $ ./install.sh
 $ ./install.sh ruby-gem
 $ pwn
-pwn[v0.5.417]:001 >>> PWN.help
+pwn[v0.5.418]:001 >>> PWN.help
 ```
 [![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
@@ -52,7 +52,7 @@ $ rvm use ruby-3.4.4@pwn
 $ gem uninstall --all --executables pwn
 $ gem install --verbose pwn
 $ pwn
-pwn[v0.5.417]:001 >>> PWN.help
+pwn[v0.5.418]:001 >>> PWN.help
 ```
 If you're using a multi-user install of RVM do:
@@ -62,7 +62,7 @@ $ rvm use ruby-3.4.4@pwn
 $ rvmsudo gem uninstall --all --executables pwn
 $ rvmsudo gem install --verbose pwn
 $ pwn
-pwn[v0.5.417]:001 >>> PWN.help
+pwn[v0.5.418]:001 >>> PWN.help
 ```
 PWN periodically upgrades to the latest version of Ruby which is reflected in `/opt/pwn/.ruby-version`.  The easiest way to upgrade to the latest version of Ruby from a previous PWN installation is to run the following script:

data/bin/pwn_sast CHANGED Viewed

@@ -51,7 +51,7 @@ OptionParser.new do |options|
     opts[:ai_key] = k
   end
-  options.on('-SCONTENT', '--ai-system-content=CONTENT', '<Optional AI System Role Content for Respective AI Engine>') do |s|
+  options.on('-SCONTENT', '--ai-system-content=CONTENT', '<Optional AI System Role Content for Respective AI Engine (Defaults to, "Confidence score of 0-10 this is vulnerable (0 being not vulnerable, moving upwards in confidence of exploitation). Provide additional context to assist penetration tester assessment.")>') do |s|
     opts[:ai_system_role_content] = s
   end

data/lib/pwn/plugins/open_api.rb CHANGED Viewed

@@ -348,7 +348,8 @@ module PWN
           File.write(output_json_path, JSON.pretty_generate(merged_spec))
           log("Merged OpenAPI specification written to: #{output_json_path}", debug: debug)
-          { individual_specs: specs, merged_spec: merged_spec }
+          # { individual_specs: specs, merged_spec: merged_spec }
+          output_json_path
         rescue Errno::ENOENT => e
           raise "Error accessing file: #{e.message}"
         rescue StandardError => e
@@ -882,7 +883,7 @@ module PWN
           openapi_spec = #{self}.generate_spec(
             spec_paths: 'required - array of OpenAPI file paths to merge',
             base_url: 'required - base URL for OpenAPI endpoints (e.g., http://fqdn.com)',
-            output_json_path: 'optional - path to save the merged OpenAPI JSON file',
+            output_json_path: 'required - path to save the merged OpenAPI JSON file',
             target_version: 'optional - target OpenAPI version (default: 3.0.3)',
             debug: 'optional - boolean to enable debug logging (default: false)'
           )

data/lib/pwn/reports/sast.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module PWN
       #   ai_model: 'optionnal - AI Model to Use for Respective AI Engine (e.g., grok-4i-0709, chargpt-4o-latest, llama-3.1, etc.)',
       #   ai_key: 'optional -  AI Key/Token for Respective AI Engine',
       #   ai_fqdn: 'optional -  AI FQDN (Only Required for "ollama" AI Engine)',
-      #   ai_system_role_content: 'optional - AI System Role Content (Defaults to "Is this code vulnerable or a false positive?  Valid responses are only: "VULNERABLE" or "FALSE+". DO NOT PROVIDE ANY OTHER TEXT OR EXPLANATIONS.")',
+      #   ai_system_role_content: 'optional - AI System Role Content (Defaults to "Confidence score of 0-10 this is vulnerable (0 being not vulnerable, moving upwards in confidence of exploitation). Provide additional context to assist penetration tester assessment.")',
       #   ai_temp: 'optional - AI Temperature (Defaults to 0.9)'
       # )
@@ -44,7 +44,7 @@ module PWN
           raise 'ERROR: AI Model is required for AI engine ollama.' if ai_engine == :ollama && ai_model.nil?
           ai_key = opts[:ai_key] ||= PWN::Plugins::AuthenticationHelper.mask_password(prompt: "#{ai_engine} Token")
-          ai_system_role_content = opts[:ai_system_role_content] ||= 'Is this code vulnerable or a false positive?  Valid responses are only: "VULNERABLE" or "FALSE+". If this code is VULNERABLE, why?'
+          ai_system_role_content = opts[:ai_system_role_content] ||= 'Confidence score of 0-10 this is vulnerable (0 being not vulnerable, moving upwards in confidence of exploitation). Provide additional context to assist penetration tester assessment.'
           ai_temp = opts[:ai_temp] ||= 0.9
           puts "Analyzing source code using AI engine: #{ai_engine}\nModel: #{ai_model}\nSystem Role Content: #{ai_system_role_content}\nTemperature: #{ai_temp}"

data/lib/pwn/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PWN
-  VERSION = '0.5.417'
+  VERSION = '0.5.418'
 end

data/third_party/pwn_rdoc.jsonl CHANGED Viewed

@@ -536,7 +536,7 @@
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_proxy_listeners Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_proxy_listeners`: Supported Method Parameters\n\njson_proxy_listeners = PWN::Plugins::BurpSuite.get_proxy_listeners(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_repeater_tab Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_repeater_tab`: Supported Method Parameters\n\nrepeater_tab = PWN::Plugins::BurpSuite.get_repeater_tab(\n\nburp_obj: 'required - burp_obj returned by #start method',\nid: 'required - id of the repeater tab to get'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_scan_issues Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_scan_issues`: Supported Method Parameters\n\njson_scan_issues = PWN::Plugins::BurpSuite.get_scan_issues(\n\nburp_obj: 'required - burp_obj returned by #start method'\n\n)\n"}]}
-{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_sitemap Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_sitemap`: Supported Method Parameters\n\njson_sitemap = PWN::Plugins::BurpSuite.get_sitemap(\n\nburp_obj: 'required - burp_obj returned by #start method',\nkeyword: 'optional - keyword to filter sitemap entries (default: nil)',\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.get_sitemap Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.get_sitemap`: Supported Method Parameters\n\njson_sitemap = PWN::Plugins::BurpSuite.get_sitemap(\n\nburp_obj: 'required - burp_obj returned by #start method',\nkeyword: 'optional - keyword to filter sitemap entries (default: nil)'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.help Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.help`: "}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.import_openapi_to_sitemap Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.import_openapi_to_sitemap`: "}]}
 {"messages":[{"role":"user","content":"PWN::Plugins::BurpSuite.in_scope Usage"},{"role":"assistant","content":"`PWN::Plugins::BurpSuite.in_scope`: Supported Method Parameters\n\nuri_in_scope = PWN::Plugins::BurpSuite.in_scope(\n\nburp_obj: 'required - burp_obj returned by #start method',\nuri: 'required - URI to determine if in scope'\n\n)\n"}]}
@@ -1303,7 +1303,7 @@
 {"messages":[{"role":"user","content":"PWN::WWW::Google.search_linkedin_for_employees_by_company Usage"},{"role":"assistant","content":"`PWN::WWW::Google.search_linkedin_for_employees_by_company`: Supported Method Parameters\n\nbrowser_obj = PWN::WWW::Google.search_linkedin_for_employees_by_company(\n\nbrowser_obj: 'required - browser_obj returned from #open method',\ncompany: 'required - company string'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::WWW::HackerOne.authors Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.authors`: Author(s)\n\n0day Inc. <support@0dayinc.com>\n"}]}
 {"messages":[{"role":"user","content":"PWN::WWW::HackerOne.close Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.close`: Supported Method Parameters\n\nbrowser_obj = PWN::WWW::HackerOne.close(\n\nbrowser_obj: 'required - browser_obj returned from #open method'\n\n)\n"}]}
-{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.get_bounty_programs Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.get_bounty_programs`: Supported Method Parameters\n\nprograms_arr = PWN::WWW::HackerOne.get_bounty_programs(\n\nbrowser_obj: 'required - browser_obj returned from #open method',\nproxy: 'optional - scheme://proxy_host:port || tor',\nmin_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)',\nsuppress_progress: 'optional - suppress output (defaults to false)'\n\n)\n"}]}
+{"messages":[{"role":"user","content":"PWN::WWW::HackerOne.get_bounty_programs Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.get_bounty_programs`: Supported Method Parameters\n\nprograms_arr = PWN::WWW::HackerOne.get_bounty_programs(\n\nmin_payouts_enabled: 'optional - only display programs where payouts are > $0.00 (defaults to false)',\nsuppress_progress: 'optional - suppress output (defaults to false)',\nproxy: 'optional - scheme://proxy_host:port || tor'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::WWW::HackerOne.get_hacktivity Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.get_hacktivity`: Supported Method Parameters\n\nhacktivity = PWN::WWW::HackerOne.get_hacktivity(\n\nprogram_name: 'required - program name from #get_bounty_programs method',\nproxy: 'optional - scheme://proxy_host:port || tor'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::WWW::HackerOne.get_scope_details Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.get_scope_details`: Supported Method Parameters\n\nscope_details = PWN::WWW::HackerOne.get_scope_details(\n\nprogram_name: 'required - program name from #get_bounty_programs method',\nproxy: 'optional - scheme://proxy_host:port || tor'\n\n)\n"}]}
 {"messages":[{"role":"user","content":"PWN::WWW::HackerOne.help Usage"},{"role":"assistant","content":"`PWN::WWW::HackerOne.help`: "}]}

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: pwn
 version: !ruby/object:Gem::Version
-  version: 0.5.417
+  version: 0.5.418
 platform: ruby
 authors:
 - 0day Inc.
@@ -407,14 +407,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.13.2
+        version: 2.14.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.13.2
+        version: 2.14.1
 - !ruby/object:Gem::Dependency
   name: jsonpath
   requirement: !ruby/object:Gem::Requirement