pwn 0.4.431 → 0.4.432
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +3 -3
- data/README.md +2 -2
- data/bin/pwn_nessus_cloud_create_scan +142 -11
- data/lib/pwn/plugins/nessus_cloud.rb +158 -21
- data/lib/pwn/version.rb +1 -1
- metadata +8 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b53a054a6de64ad97760f3d1fe8e6dedbac6fd173d66600dcf08301635d88990
|
4
|
+
data.tar.gz: 459e0d3b96d8e297f0f48827202912f49e9e275c6f88bf242095c6bfbf3b33c7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2094fcfe3d226dd7cea5dd8a9be4593ba853b968be90c657cfae828b74aebde36f3fe654aaf693782320a882fcfc2e18cf937998aff1dcf11cc04c4c655a79ec
|
7
|
+
data.tar.gz: 3b6dcdb9d2fc4fc65028485aa87418e5a1f0858c4475ab120d4f8e53b183f9c8d62d73ed3134a2648547a8e21fd41271b1a58e4f2785e13258b19a00406b9789
|
data/Gemfile
CHANGED
@@ -18,7 +18,7 @@ gem 'aws-sdk', '3.1.0'
|
|
18
18
|
gem 'bettercap', '1.6.2'
|
19
19
|
gem 'brakeman', '5.2.3'
|
20
20
|
gem 'bson', '4.15.0'
|
21
|
-
gem 'bundler', '>=2.3.
|
21
|
+
gem 'bundler', '>=2.3.14'
|
22
22
|
gem 'bundler-audit', '0.9.0.1'
|
23
23
|
gem 'bunny', '2.19.0'
|
24
24
|
gem 'colorize', '0.8.1'
|
@@ -61,7 +61,7 @@ gem 'rspec', '3.11.0'
|
|
61
61
|
gem 'rtesseract', '3.1.2'
|
62
62
|
gem 'rubocop', '1.29.1'
|
63
63
|
gem 'rubocop-rake', '0.6.0'
|
64
|
-
gem 'rubocop-rspec', '2.11.
|
64
|
+
gem 'rubocop-rspec', '2.11.1'
|
65
65
|
gem 'ruby-audio', '1.6.1'
|
66
66
|
gem 'ruby-nmap', '0.10.0'
|
67
67
|
gem 'ruby-saml', '1.14.0'
|
@@ -79,5 +79,5 @@ gem 'tty-prompt', '0.23.1'
|
|
79
79
|
gem 'watir', '7.1.0'
|
80
80
|
gem 'waveform', '0.1.2'
|
81
81
|
gem 'webrick', '1.7.0'
|
82
|
-
gem 'wicked_pdf', '2.6.
|
82
|
+
gem 'wicked_pdf', '2.6.3'
|
83
83
|
gem 'yard', '0.9.27'
|
data/README.md
CHANGED
@@ -37,7 +37,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
37
37
|
$ rvm list gemsets
|
38
38
|
$ gem install --verbose pwn
|
39
39
|
$ pwn
|
40
|
-
pwn[v0.4.
|
40
|
+
pwn[v0.4.432]:001 >>> PWN.help
|
41
41
|
```
|
42
42
|
|
43
43
|
[![Installing the pwn Security Automation Framework](https://raw.githubusercontent.com/0dayInc/pwn/master/documentation/pwn_install.png)](https://youtu.be/G7iLUY4FzsI)
|
@@ -52,7 +52,7 @@ $ rvm use ruby-3.1.2@pwn
|
|
52
52
|
$ gem uninstall --all --executables pwn
|
53
53
|
$ gem install --verbose pwn
|
54
54
|
$ pwn
|
55
|
-
pwn[v0.4.
|
55
|
+
pwn[v0.4.432]:001 >>> PWN.help
|
56
56
|
```
|
57
57
|
|
58
58
|
|
@@ -19,15 +19,19 @@ OptionParser.new do |options|
|
|
19
19
|
opts[:scan_name] = n
|
20
20
|
end
|
21
21
|
|
22
|
+
options.on('-TTARGETS', '--text-targets=TARGETS', '<Required - Comma-delimited list of targets to scan>') do |t|
|
23
|
+
opts[:text_targets] = t
|
24
|
+
end
|
25
|
+
|
22
26
|
options.on('-tVALUE', '--scan-template=VALUE', '<Optional - Canned Scan Template to Use for Scan Creation (Defaults to "Basic Network Scan">') do |t|
|
23
27
|
opts[:scan_template] = t
|
24
28
|
end
|
25
29
|
|
26
|
-
options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan
|
30
|
+
options.on('-pPOLICY', '--policy-name=POLICY', '<Optional - Policy to Use to Create the Scan>') do |p|
|
27
31
|
opts[:policy_name] = p
|
28
32
|
end
|
29
33
|
|
30
|
-
options.on('-fFOLDER', '--folder-name=FOLDER', '<Optional - Where to Store the Scan (Defaults to "
|
34
|
+
options.on('-fFOLDER', '--folder-name=FOLDER', '<Optional - Where to Store the Scan (Defaults to "My Scans")>') do |f|
|
31
35
|
opts[:folder_name] = f
|
32
36
|
end
|
33
37
|
|
@@ -35,17 +39,33 @@ OptionParser.new do |options|
|
|
35
39
|
opts[:scanner_name] = s
|
36
40
|
end
|
37
41
|
|
38
|
-
options.on('-
|
39
|
-
opts[:
|
42
|
+
options.on('-D', '--disable-scan', '<Optional - If true, the schedule for the scan is disabled (Defaults to false)>') do |d|
|
43
|
+
opts[:disabled] = d
|
40
44
|
end
|
41
45
|
|
42
|
-
options.on('-
|
43
|
-
opts[:
|
46
|
+
options.on('-NTARGET', '--target-network-name=TARGET', '<Optional - If --scanner other than AUTO-ROUTED, Otherwise Required - Network to Scan (Defaults to "Default")>') do |n|
|
47
|
+
opts[:target_network_name] = n
|
44
48
|
end
|
45
49
|
|
46
|
-
options.on('-
|
50
|
+
options.on('-lWHEN', '--launch=WHEN', '<Optional - When to Launch Scan - ON_DEMAND || DAILY || WEEKLY || MONTHLY || YEARLY (Defaults to "ON_DEMAND")>') do |l|
|
47
51
|
opts[:launch] = l
|
48
52
|
end
|
53
|
+
|
54
|
+
options.on('-wTIME', '--scan-time-window=TIME', '<Optional - Scan Time Window in Minutes - (Defaults to 0 if nessus scanner scan || 180 if nessus agent scan)>') do |t|
|
55
|
+
opts[:scan_time_window] = t
|
56
|
+
end
|
57
|
+
|
58
|
+
options.on('-STIME', '--start-time=TIME', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan - (Defaults to Time.now.strftime("%Y%m%dT%H%M%S")>') do |t|
|
59
|
+
opts[:starttime] = t
|
60
|
+
end
|
61
|
+
|
62
|
+
options.on('-rRRULES', '--rrules=RRULES', '<Optional - For One-Time Scans, the Starting Time and Date for the Scan - (Defaults to "FREQ=ONETIME;INTERVAL=0;BYDAY=null")>') do |r|
|
63
|
+
opts[:rrules] = r
|
64
|
+
end
|
65
|
+
|
66
|
+
options.on('-zTIMEZONE', '--timezone=TIMEZONE', '<Optional - Timezone of the scheduled start time for the scan - (Defaults to "UTC")>') do |t|
|
67
|
+
opts[:timezone] = t
|
68
|
+
end
|
49
69
|
end.parse!
|
50
70
|
|
51
71
|
if opts.empty?
|
@@ -54,6 +74,7 @@ if opts.empty?
|
|
54
74
|
end
|
55
75
|
|
56
76
|
begin
|
77
|
+
# Get Options Passed to pwn_nessus_cloud_create_scan
|
57
78
|
yaml_config = opts[:yaml_config]
|
58
79
|
|
59
80
|
raise "YAML Config Not Found: #{yaml_config}" unless File.exist?(yaml_config)
|
@@ -75,7 +96,7 @@ begin
|
|
75
96
|
policy_name ||= ''
|
76
97
|
|
77
98
|
folder_name = opts[:folder_name]
|
78
|
-
folder_name ||= '
|
99
|
+
folder_name ||= 'My Scans'
|
79
100
|
|
80
101
|
scanner_name = opts[:scanner_name]
|
81
102
|
scanner_name ||= 'AUTO-ROUTED'
|
@@ -83,23 +104,94 @@ begin
|
|
83
104
|
target_network_name = opts[:target_network_name]
|
84
105
|
target_network_name ||= 'Default'
|
85
106
|
|
107
|
+
disabled = true if opts[:disabled]
|
108
|
+
disabled ||= false
|
109
|
+
|
110
|
+
enabled = true
|
111
|
+
enabled = false if disabled
|
112
|
+
|
86
113
|
launch = opts[:launch]
|
87
114
|
launch ||= 'ON_DEMAND'
|
88
115
|
|
89
116
|
scan_time_window = opts[:scan_time_window]
|
90
117
|
|
118
|
+
starttime = opts[:starttime]
|
119
|
+
starttime ||= Time.now.strftime('%Y%m%dT%H%M%S')
|
120
|
+
|
121
|
+
rrules = opts[:rrules]
|
122
|
+
rrules ||= 'FREQ=ONETIME;INTERVAL=0;BYDAY=null'
|
123
|
+
# if opts[:rrules].nil?
|
124
|
+
# # SU, MO, TU, WE, TH, FR, SA
|
125
|
+
# byday_today = Time.now.strftime('%A').upcase[0..1]
|
126
|
+
# rrules = "FREQ=ONETIME;INTERVAL=0;BYDAY=#{byday_today}"
|
127
|
+
# end
|
128
|
+
|
129
|
+
timezone = opts[:timezone]
|
130
|
+
timezone ||= 'UTC'
|
131
|
+
|
132
|
+
text_targets = opts[:text_targets]
|
133
|
+
raise 'ERROR: --text-targets (i.e. List of targets to scan) is required.' unless text_targets
|
134
|
+
|
135
|
+
text_targets_arr = text_targets.split(',')
|
136
|
+
|
137
|
+
target_groups = opts[:target_groups]
|
138
|
+
|
139
|
+
file_targets = opts[:file_targets]
|
140
|
+
|
141
|
+
tag_targets = opts[:tag_targets]
|
142
|
+
|
143
|
+
agent_group_name = opts[:agent_group_name]
|
144
|
+
agent_group_id = ''
|
145
|
+
|
146
|
+
agent_scan_launch_type = opts[:agent_scan_launch_type]
|
147
|
+
agent_scan_launch_type ||= 'triggered'
|
148
|
+
|
149
|
+
triggers = {}
|
150
|
+
triggers[:trigger_type] = agent_scan_launch_type
|
151
|
+
triggers[:trigger_type] ||= 'periodic'
|
152
|
+
|
153
|
+
triggers[:options] = {}
|
154
|
+
case agent_scan_launch_type
|
155
|
+
when 'periodic'
|
156
|
+
triggers[:options][:periodic_hourly_interval] = opts[:periodic_hourly_interval]
|
157
|
+
triggers[:options][:periodic_hourly_interval] ||= 0
|
158
|
+
when 'file-exists'
|
159
|
+
triggers[:options][:filename] = opts[:filename]
|
160
|
+
end
|
161
|
+
|
162
|
+
emails = opts[:emails]
|
163
|
+
|
164
|
+
acls = {}
|
165
|
+
acls[:permissions] = opts[:acl_permissions]
|
166
|
+
acls[:owner] = opts[:acl_owner]
|
167
|
+
acls[:display_name] = opts[:acl_display_name]
|
168
|
+
acls[:name] = opts[:acl_name]
|
169
|
+
acls[:id] = opts[:acl_id]
|
170
|
+
acls[:type] = opts[:acl_type]
|
171
|
+
|
172
|
+
# Begin Here
|
91
173
|
nessus_obj = PWN::Plugins::NessusCloud.login(
|
92
174
|
access_key: access_key,
|
93
175
|
secret_key: secret_key
|
94
176
|
)
|
95
177
|
|
178
|
+
# Requirements to create a scan:
|
179
|
+
# Part 1: Populate uuid
|
180
|
+
# Part 2: Populate settings object
|
181
|
+
# Part 3: Populate credentials object
|
182
|
+
# Part 4: Populate plugins object (optional)
|
183
|
+
|
184
|
+
# Part 1: Populate uuid
|
185
|
+
# TODO: add --list-canned-scan-templates option
|
96
186
|
scan_template = PWN::Plugins::NessusCloud.get_canned_scan_templates(
|
97
187
|
nessus_obj: nessus_obj,
|
98
|
-
|
188
|
+
name: scan_template
|
99
189
|
)
|
100
|
-
|
101
|
-
puts
|
190
|
+
scan_template_uuid = scan_template[:uuid]
|
191
|
+
puts scan_template_uuid
|
102
192
|
|
193
|
+
# Part 2: Populate settings object
|
194
|
+
settings = {}
|
103
195
|
policy = PWN::Plugins::NessusCloud.get_policies(
|
104
196
|
nessus_obj: nessus_obj,
|
105
197
|
name: policy_name
|
@@ -126,6 +218,45 @@ begin
|
|
126
218
|
name: target_network_name
|
127
219
|
)
|
128
220
|
target_network_id = target_network[:uuid]
|
221
|
+
puts target_network_id
|
222
|
+
|
223
|
+
# Part 3: Populate credentials object
|
224
|
+
credentials = {}
|
225
|
+
credential_types = PWN::Plugins::NessusCloud.get_credential_types(
|
226
|
+
nessus_obj: nessus_obj
|
227
|
+
)
|
228
|
+
puts credential_types.inspect
|
229
|
+
# TODO: add --list-credential-types option
|
230
|
+
# credentials[:add] = {}
|
231
|
+
|
232
|
+
# case opts[:credential_type]
|
233
|
+
# when 'host/ssh'
|
234
|
+
# credential_type_parent = opts[:credential_type].split('/').first.to_sym
|
235
|
+
# credential_type = opts[:credential_type].split('/').last.to_sym
|
236
|
+
# credentials[:add][credential_type_parent] = {}
|
237
|
+
# credentials[:add][credential_type_parent][credential_type] = []
|
238
|
+
# when 'host/windows'
|
239
|
+
# credential_type_parent = opts[:credential_type].split('/').first.to_sym
|
240
|
+
# credential_type = opts[:credential_type].split('/').last.to_sym
|
241
|
+
# credentials[:add][credential_type_parent] = {}
|
242
|
+
# credentials[:add][credential_type_parent][credential_type] = []
|
243
|
+
# else
|
244
|
+
# raise "ERROR: #{opts[:credential_type]} Not Supported."
|
245
|
+
# end
|
246
|
+
|
247
|
+
# Part 4: Populate plugins object (optional)
|
248
|
+
# TODO: Implment Plugins During Scan Creation
|
249
|
+
plugins = {}
|
250
|
+
|
251
|
+
# create_scan_resp = PWN::Plugins::NessusCloud.create_scan(
|
252
|
+
# nessus_obj: nessus_obj,
|
253
|
+
# scan_template_uuid: scan_template_uuid,
|
254
|
+
# settings: settings,
|
255
|
+
# credentials: credentials,
|
256
|
+
# plugins: plugins
|
257
|
+
# )
|
258
|
+
|
259
|
+
# puts create_scan_resp.inspect
|
129
260
|
rescue Interrupt
|
130
261
|
puts 'CTRL+C detected...goodbye.'
|
131
262
|
rescue StandardError => e
|
@@ -94,12 +94,13 @@ module PWN
|
|
94
94
|
|
95
95
|
# Supported Method Parameters::
|
96
96
|
# PWN::Plugins::NessusCloud.get_canned_scan_templates(
|
97
|
-
# nessus_obj: 'required - nessus_obj returned from #login method'
|
97
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
98
|
+
# name: 'optional - name of scan template'
|
98
99
|
# )
|
99
100
|
|
100
101
|
public_class_method def self.get_canned_scan_templates(opts = {})
|
101
102
|
nessus_obj = opts[:nessus_obj]
|
102
|
-
|
103
|
+
name = opts[:name]
|
103
104
|
|
104
105
|
scan_templates_resp = nessus_cloud_rest_call(
|
105
106
|
nessus_obj: nessus_obj,
|
@@ -108,9 +109,9 @@ module PWN
|
|
108
109
|
|
109
110
|
scan_templates = JSON.parse(scan_templates_resp, symbolize_names: true)
|
110
111
|
|
111
|
-
if
|
112
|
+
if name
|
112
113
|
selected_scan_template = scan_templates[:templates].select do |sc|
|
113
|
-
sc[:title] ==
|
114
|
+
sc[:title] == name
|
114
115
|
end
|
115
116
|
scan_templates = selected_scan_template.first if selected_scan_template.any?
|
116
117
|
scan_templates ||= {}
|
@@ -123,19 +124,20 @@ module PWN
|
|
123
124
|
|
124
125
|
# Supported Method Parameters::
|
125
126
|
# PWN::Plugins::NessusCloud.get_policies(
|
126
|
-
# nessus_obj: 'required - nessus_obj returned from #login method'
|
127
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
128
|
+
# name: 'optional - name of policy (i.e. user-defined template)'
|
127
129
|
# )
|
128
130
|
|
129
131
|
public_class_method def self.get_policies(opts = {})
|
130
132
|
nessus_obj = opts[:nessus_obj]
|
131
133
|
name = opts[:name]
|
132
134
|
|
133
|
-
|
135
|
+
policies_resp = nessus_cloud_rest_call(
|
134
136
|
nessus_obj: nessus_obj,
|
135
137
|
rest_call: 'policies'
|
136
138
|
).body
|
137
139
|
|
138
|
-
policies = JSON.parse(
|
140
|
+
policies = JSON.parse(policies_resp, symbolize_names: true)
|
139
141
|
|
140
142
|
if name
|
141
143
|
selected_policy = policies[:policies].select do |p|
|
@@ -152,19 +154,20 @@ module PWN
|
|
152
154
|
|
153
155
|
# Supported Method Parameters::
|
154
156
|
# PWN::Plugins::NessusCloud.get_folders(
|
155
|
-
# nessus_obj: 'required - nessus_obj returned from #login method'
|
157
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
158
|
+
# name: 'optional - name of folder'
|
156
159
|
# )
|
157
160
|
|
158
161
|
public_class_method def self.get_folders(opts = {})
|
159
162
|
nessus_obj = opts[:nessus_obj]
|
160
163
|
name = opts[:name]
|
161
164
|
|
162
|
-
|
165
|
+
folders_resp = nessus_cloud_rest_call(
|
163
166
|
nessus_obj: nessus_obj,
|
164
167
|
rest_call: 'folders'
|
165
168
|
).body
|
166
169
|
|
167
|
-
folders = JSON.parse(
|
170
|
+
folders = JSON.parse(folders_resp, symbolize_names: true)
|
168
171
|
|
169
172
|
if name
|
170
173
|
selected_folder = folders[:folders].select do |f|
|
@@ -181,19 +184,20 @@ module PWN
|
|
181
184
|
|
182
185
|
# Supported Method Parameters::
|
183
186
|
# PWN::Plugins::NessusCloud.get_scanners(
|
184
|
-
# nessus_obj: 'required - nessus_obj returned from #login method'
|
187
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
188
|
+
# name: 'optional - name of scanner'
|
185
189
|
# )
|
186
190
|
|
187
191
|
public_class_method def self.get_scanners(opts = {})
|
188
192
|
nessus_obj = opts[:nessus_obj]
|
189
193
|
name = opts[:name]
|
190
194
|
|
191
|
-
|
195
|
+
scanners_resp = nessus_cloud_rest_call(
|
192
196
|
nessus_obj: nessus_obj,
|
193
197
|
rest_call: 'scanners'
|
194
198
|
).body
|
195
199
|
|
196
|
-
scanners = JSON.parse(
|
200
|
+
scanners = JSON.parse(scanners_resp, symbolize_names: true)
|
197
201
|
|
198
202
|
if name
|
199
203
|
selected_scanner = scanners[:scanners].select do |s|
|
@@ -210,19 +214,20 @@ module PWN
|
|
210
214
|
|
211
215
|
# Supported Method Parameters::
|
212
216
|
# PWN::Plugins::NessusCloud.get_target_networks(
|
213
|
-
# nessus_obj: 'required - nessus_obj returned from #login method'
|
217
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
218
|
+
# name: 'optional - name of target network'
|
214
219
|
# )
|
215
220
|
|
216
221
|
public_class_method def self.get_target_networks(opts = {})
|
217
222
|
nessus_obj = opts[:nessus_obj]
|
218
223
|
name = opts[:name]
|
219
224
|
|
220
|
-
|
225
|
+
target_networks_resp = nessus_cloud_rest_call(
|
221
226
|
nessus_obj: nessus_obj,
|
222
227
|
rest_call: 'networks'
|
223
228
|
).body
|
224
229
|
|
225
|
-
target_networks = JSON.parse(
|
230
|
+
target_networks = JSON.parse(target_networks_resp, symbolize_names: true)
|
226
231
|
|
227
232
|
if name
|
228
233
|
selected_network = target_networks[:networks].select do |tn|
|
@@ -237,6 +242,128 @@ module PWN
|
|
237
242
|
raise e
|
238
243
|
end
|
239
244
|
|
245
|
+
# Supported Method Parameters::
|
246
|
+
# PWN::Plugins::NessusCloud.get_timezones(
|
247
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
248
|
+
# name: 'optional - name of timezone'
|
249
|
+
# )
|
250
|
+
|
251
|
+
public_class_method def self.get_timezones(opts = {})
|
252
|
+
nessus_obj = opts[:nessus_obj]
|
253
|
+
name = opts[:name]
|
254
|
+
|
255
|
+
timezones_resp = nessus_cloud_rest_call(
|
256
|
+
nessus_obj: nessus_obj,
|
257
|
+
rest_call: 'scans/timezones'
|
258
|
+
).body
|
259
|
+
|
260
|
+
timezones = JSON.parse(timezones_resp, symbolize_names: true)
|
261
|
+
|
262
|
+
if name
|
263
|
+
selected_timezone = timezones[:networks].select do |tz|
|
264
|
+
tz[:name] == name
|
265
|
+
end
|
266
|
+
timezones = selected_timezone.first if selected_timezone.any?
|
267
|
+
timezones ||= {}
|
268
|
+
end
|
269
|
+
|
270
|
+
timezones
|
271
|
+
rescue StandardError, SystemExit, Interrupt => e
|
272
|
+
raise e
|
273
|
+
end
|
274
|
+
|
275
|
+
# Supported Method Parameters::
|
276
|
+
# PWN::Plugins::NessusCloud.get_target_groups(
|
277
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
278
|
+
# name: 'optional - name of timezone'
|
279
|
+
# )
|
280
|
+
# )
|
281
|
+
|
282
|
+
public_class_method def self.get_target_groups(opts = {})
|
283
|
+
nessus_obj = opts[:nessus_obj]
|
284
|
+
name = opts[:name]
|
285
|
+
|
286
|
+
target_groups_resp = nessus_cloud_rest_call(
|
287
|
+
nessus_obj: nessus_obj,
|
288
|
+
rest_call: 'target-groups'
|
289
|
+
).body
|
290
|
+
|
291
|
+
timezones = JSON.parse(target_groups_resp, symbolize_names: true)
|
292
|
+
|
293
|
+
if name
|
294
|
+
selected_timezone = timezones[:networks].select do |tz|
|
295
|
+
tz[:name] == name
|
296
|
+
end
|
297
|
+
timezones = selected_timezone.first if selected_timezone.any?
|
298
|
+
timezones ||= {}
|
299
|
+
end
|
300
|
+
|
301
|
+
timezones
|
302
|
+
rescue StandardError, SystemExit, Interrupt => e
|
303
|
+
raise e
|
304
|
+
end
|
305
|
+
|
306
|
+
# Supported Method Parameters::
|
307
|
+
# PWN::Plugins::NessusCloud.get_credential_types(
|
308
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
309
|
+
# name: 'optional - name of credential type (e.g. SSH, Windows, HTTP, etc.)'
|
310
|
+
# )
|
311
|
+
# )
|
312
|
+
|
313
|
+
public_class_method def self.get_credential_types(opts = {})
|
314
|
+
nessus_obj = opts[:nessus_obj]
|
315
|
+
name = opts[:name]
|
316
|
+
|
317
|
+
credential_types_resp = nessus_cloud_rest_call(
|
318
|
+
nessus_obj: nessus_obj,
|
319
|
+
rest_call: 'credentials/types'
|
320
|
+
).body
|
321
|
+
|
322
|
+
credential_types = JSON.parse(credential_types_resp, symbolize_names: true)
|
323
|
+
|
324
|
+
if name
|
325
|
+
selected_credential_type = credential_types[:networks].select do |tz|
|
326
|
+
tz[:name] == name
|
327
|
+
end
|
328
|
+
credential_types = selected_credential_type.first if selected_credential_type.any?
|
329
|
+
credential_types ||= {}
|
330
|
+
end
|
331
|
+
|
332
|
+
credential_types
|
333
|
+
rescue StandardError, SystemExit, Interrupt => e
|
334
|
+
raise e
|
335
|
+
end
|
336
|
+
|
337
|
+
# Supported Method Parameters::
|
338
|
+
# PWN::Plugins::NessusCloud.create_scan(
|
339
|
+
# nessus_obj: 'required - nessus_obj returned from #login method',
|
340
|
+
# scan_template_uuid: 'required - the UUID for the Tenable-provided scan template to use. Run #get_canned_scan_templates for a list of UUIDs',
|
341
|
+
# settings: 'required - settings object as defined by https://developer.tenable.com/reference/scans-create',
|
342
|
+
# credentials: 'required - credentials object as defined by https://developer.tenable.com/reference/scans-create',
|
343
|
+
# plugins: 'optional - plugins object as defined by https://developer.tenable.com/reference/scans-create (Defaults to {})'
|
344
|
+
# )
|
345
|
+
|
346
|
+
public_class_method def self.create_scan(opts = {})
|
347
|
+
nessus_obj = opts[:nessus_obj]
|
348
|
+
|
349
|
+
http_body = {}
|
350
|
+
http_body[:uuid] = opts[:scan_template_uuid]
|
351
|
+
http_body[:settings] = opts[:settings]
|
352
|
+
http_body[:credentials] = opts[:credentials]
|
353
|
+
http_body[:plugins] = opts[:plugins]
|
354
|
+
|
355
|
+
create_scan_resp = nessus_cloud_rest_call(
|
356
|
+
http_method: :post,
|
357
|
+
nessus_obj: nessus_obj,
|
358
|
+
rest_call: 'scans',
|
359
|
+
http_body: http_body
|
360
|
+
).body
|
361
|
+
|
362
|
+
JSON.parse(create_scan_resp, symbolize_names: true)
|
363
|
+
rescue StandardError, SystemExit, Interrupt => e
|
364
|
+
raise e
|
365
|
+
end
|
366
|
+
|
240
367
|
# Supported Method Parameters::
|
241
368
|
# PWN::Plugins::NessusCloud.get_scans(
|
242
369
|
# nessus_obj: 'required - nessus_obj returned from #login method'
|
@@ -440,23 +567,33 @@ module PWN
|
|
440
567
|
)
|
441
568
|
|
442
569
|
#{self}.get_canned_scan_templates(
|
443
|
-
nessus_obj: 'required - nessus_obj returned from #login method'
|
570
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
571
|
+
name: 'optional - name of scan template'
|
444
572
|
)
|
445
573
|
|
446
574
|
#{self}.get_policies(
|
447
|
-
nessus_obj: 'required - nessus_obj returned from #login method'
|
575
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
576
|
+
name: 'optional - name of policy (i.e. user-defined template)'
|
448
577
|
)
|
449
578
|
|
450
579
|
#{self}.get_folders(
|
451
|
-
nessus_obj: 'required - nessus_obj returned from #login method'
|
580
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
581
|
+
name: 'optional - name of folder'
|
452
582
|
)
|
453
583
|
|
454
584
|
#{self}.get_scanners(
|
455
|
-
nessus_obj: 'required - nessus_obj returned from #login method'
|
585
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
586
|
+
name: 'optional - name of scanner'
|
456
587
|
)
|
457
588
|
|
458
589
|
#{self}.get_target_networks(
|
459
|
-
nessus_obj: 'required - nessus_obj returned from #login method'
|
590
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
591
|
+
name: 'optional - name of target network'
|
592
|
+
)
|
593
|
+
|
594
|
+
#{self}.get_timezones(
|
595
|
+
nessus_obj: 'required - nessus_obj returned from #login method',
|
596
|
+
name: 'optional - name of timezone'
|
460
597
|
)
|
461
598
|
|
462
599
|
#{self}.get_scans(
|
data/lib/pwn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: pwn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.432
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- 0day Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-05-
|
11
|
+
date: 2022-05-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: activesupport
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - ">="
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 2.3.
|
117
|
+
version: 2.3.14
|
118
118
|
type: :development
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - ">="
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 2.3.
|
124
|
+
version: 2.3.14
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: bundler-audit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -702,14 +702,14 @@ dependencies:
|
|
702
702
|
requirements:
|
703
703
|
- - '='
|
704
704
|
- !ruby/object:Gem::Version
|
705
|
-
version: 2.11.
|
705
|
+
version: 2.11.1
|
706
706
|
type: :runtime
|
707
707
|
prerelease: false
|
708
708
|
version_requirements: !ruby/object:Gem::Requirement
|
709
709
|
requirements:
|
710
710
|
- - '='
|
711
711
|
- !ruby/object:Gem::Version
|
712
|
-
version: 2.11.
|
712
|
+
version: 2.11.1
|
713
713
|
- !ruby/object:Gem::Dependency
|
714
714
|
name: ruby-audio
|
715
715
|
requirement: !ruby/object:Gem::Requirement
|
@@ -954,14 +954,14 @@ dependencies:
|
|
954
954
|
requirements:
|
955
955
|
- - '='
|
956
956
|
- !ruby/object:Gem::Version
|
957
|
-
version: 2.6.
|
957
|
+
version: 2.6.3
|
958
958
|
type: :runtime
|
959
959
|
prerelease: false
|
960
960
|
version_requirements: !ruby/object:Gem::Requirement
|
961
961
|
requirements:
|
962
962
|
- - '='
|
963
963
|
- !ruby/object:Gem::Version
|
964
|
-
version: 2.6.
|
964
|
+
version: 2.6.3
|
965
965
|
- !ruby/object:Gem::Dependency
|
966
966
|
name: yard
|
967
967
|
requirement: !ruby/object:Gem::Requirement
|